IGA 10 for Identity Governance and Administration (ru)

IGA 10 for Identity Governance and Administration (ru)

Provide your users with a secure and relevant access to resources in a simple way with Evidian Identity Governance and Administration (IGA 10)

Who can access what in your organization? More than ever, information is a critical resource and organizations must reconcile two imperatives: maintaining confidentiality and ensuring access control, without harming the organization’s flexibility. Moreover, the ability to certify that you comply with regulations, to manage and minimize the risks and facilitate the involvement of the business individuals using business-aligned processes is also required. In order to achieve this goal, your organization should be able to:

  • let the business define end-user rights,
  • ensure the respect of the chosen security policy and detect inconsistencies,
  • be sure you are compliant with regulations and that you can prove it,
  • give the end-user the autonomy to request access rights or reset passwords,
  • speed up delivery of access to business applications with automatic provisioning,
  • improve user productivity by simplifying access to authorized applications wherever they may be.

Evidian Identity Governance and Administration (IGA 10) addresses those issues by managing the four pillars of the Identity and Access Governance market: Identities, Policy, Process & Access. For everyone, access control will no longer be seen as a constraint, but as an opportunity for optimization instead. With Evidian Identity Governance and Administration (IGA 10), only the right people access the right resources with the required rights for the right business reasons. 

The 4 pillars of Evidian Identity Governance and Administration

The 4 pillars of Evidian Identity Governance and Administration

Evidian Identity Governance and Administration brings you:

Identity management

  • Creation of a consolidated view of digital identities
  • Multiple types of information sources: HR systems, LDAP Directories, CSV/XLS files…
  • Non-intrusive with sources of identity information
  • Capacity to automatically launch Identity Management processes based on detection of changes
  • Capacity to follow enterprise evolutions; very easy to add/remove organizations
  • Simulation capability and Threshold management

Security Policy definition

  • Security policy based on RBAC (Role-based access control) model extended with Organizations, Contexts and Business Rules
  • User entitlement based on role assignment, role-organization couple, exceptions or “same as another user”
  • Dynamic role assignment based on user attribute values and time constraints
  • Management of risks (SOD) at user entitlement and role content definition
  • Centralized or distributed administration
  • Simulation capability, Central audit & reporting features

End user self-service and process management

  • End-user self-service portal; password reset, white pages, access requests, validation
  • Ready to use set of Identity & User entitlement management processes
  • Dynamic customization of the data and pages structure based on the user’s needs
  • User entitlement management delegated to the Business
  • Workflow actors & sequence based on Security Policy, no need to modify workflow process itself
  • Capacity to modify workflow processes structure with the “Workflow Editor” option

Access management to applications

  • Several Authentication Methods; Kerberos, Social Authentication, Strong Authentication, QREntry
  • End User activation
  • Standard connectors; LDAP, SQL, CSV, AD, Lotus Notes, SAP, GCOS, IBM RACF, SalesForce, Google Apps, Office 365 & Generic connec.
  • Capacity to manage AD & RACF low level permissions, e.g. printers, shared resources
  • Several processes to tailor provisioning actions
  • Reconciliation process to check the compliance with the defined policy
  • Integration with CyberArk & Wallix PAM tools
  • Integration with Service Now  ITSSM

Compliance & Reporting

  • Policy Status: provides status on the policy objects of your solution
  • User Lifecycle: provides information about user arrivals and departures
  • Statistics: helps you monitor the use of the policy
  • KPI – Quality: gives you Key Performance Indicators (KPIs) and Quality information on the policy you defined for your solution
  • Activity: helps you monitor the user activity

identity-governance-and-administration-report-en

Everyone can save time and be more efficient

Empower the end-user

Evidian turns your users into the main actors of your authorizations:

  • Employees, partners or externals, within a centralized or distributed organization.
  • Working on premises or remotely from a PC, tablet or smartphone.

New employees can start work more quicker and their rights are established automatically according to their responsibilities (additional validation steps may be added if required). Users can manage and request more rights by simply using a self-service portal. If users change role in the organization, their access rights are adjusted accordingly.

Leverage your investments

With Evidian, increase your current security policy hosted in your corporate directory to adapt your security requirements to your new challenges. You certainly spent time defining the rights that each user should have according to her/his business needs and modeled them in the corporate directory. Evidian offers the possibility to easily import this information in our security model and benefit from the entire set of functionalities offered by a tool designed to help you with the user access governance.

Address SaaS applications in a secure and cost effective way

With Evidian, you can manage and secure access to applications in the Cloud with controlled costs. Accounts in the Cloud applications will be dynamically created when the end-user requires access to them. This feature will prevent you from spending money on unused accounts and will help you deploy the use of Cloud applications.

Reduce operational risks

Evidian Identity Governance and Administration enables you to comply with the security policy and reduce risks (rights automatically withdrawn from employees who no longer need them, policy based on an up-to-date user database, etc.). Above all, Evidian Identity Governance and Administration guarantees compliance with a regulatory context of increased personal responsibility. Information is compartmentalized, ensuring compliance with integrity and confidentiality rules. Moreover the effectiveness of measures can be proven at any time by presenting compliance reports to external auditors.

Flexibility to adapt and develop alongside your organizational structure

Evidian Identity Governance and Administration is a standard product which is easy to implement:

  • It can be used immediately
  • It requires no modification of existing applications
  • It is compatible with your infrastructure
  • You do not need to modify your current user database

Evidian Identity Governance and Administration adapts to your organizational structure

  • It lets you model access to client applications in the form of roles that can be understood by operators
  • It gives an inventory and analysis of the access policy, which you can implement through a process of “reconciliation”
  • Workflow processes allow approval cycles to be automated and automatically adapt if the policy is modified

Evidian Identity Governance and Administration supports the company in all its activities and developments:

  • Unified management of the “extended” company (subcontractors, clients, etc.)
  • Extension of the installation in the event of a merger/acquisition

Extended company

The issue

Recent technical developments offer companies new possibilities for developing their activities. The rapid expansion of the internet and cloud computing and the multiple ways of accessing information allow companies to implement activities and processes beyond the traditional boundaries of technical environments, which are physically partitioned “within a building”. For example, an international financial entity, hospital group or distribution company may now wish to offer centralized and shared services, which can be securely accessed from their branches, various shops and premises. These entities still need reassurance about the security, facility and traceability of access to the services they offer without increasing the administrative burden of these services. They must be able to delegate local user administration to intermediate managers or allow end users to make access requests by triggering the required validation processes to ensure that the request is well founded.

Our Identity and Access Management solution

Evidian IAM Suite, particularly the Identity and Access Manager and Web Access Manager products, allows these organizations to set up centralized web services while delegating user administration to their immediate managers and ensuring easy and secure access. A professional institution was able to open up its services to 5,000 member companies and their 100,000 employees via a portal. Authorizations are delegated to a manager for each member company. Evidian IAM Suite ensures access control, in compliance with the authorizations delegated.