Every web application has a unique user administration. How will IT consistently manage user and access management across all applications, when new applications are added and the business stays in control? How will IT ensure that when an employee leaves the organization the access to applications will be revoked?
User management is a key asset in dealing with the challenge of managing identities and managing, providing and governing user access to applications and information, both on-premise and in the Cloud. Within the IAM4Cloud services a comprehensive set of user management tools is provided to ensure control in a secure and auditable way.
- User store synchronization
IAM4Cloud doesn’t import or replicate any user store information regardless of whether it is deployed on-premises or in the cloud. IAM4Cloud syncs information near real-time between the primary user store and the web-based applications. Rules can be defined at own discretion to implement for syncing between a source and a target.
- Provisioning and de-provisioning
When it comes to managing provisioning and de-provisioning user accounts, the ability to manage accounts outside your network is crucial. As an identity provider there’s a continual challenge keeping user accounts synchronized with the connected applications. What’s needed is a way to automate management to keep these identity silos in sync.
IAM4Cloud automates provisioning by synchronizing with behind-the-firewall systems like Active Directory with 3rd party applications.
IAM4Cloud supports provisioning to most cloud applications. Within IAM4Cloud the provisioning rules for applications are generally related to group memberships. When a user is added to a group the applications will automatically be assigned to the user. Other authorization models are optionally supported.
Provisioning workflows manage the whole process from onboarding, promotion to offboarding users and their application assignments and credentials.
As soon as a user is disabled in or removed from the user directory, IAM4Cloud will make sure that the user will lose all credentials in the assigned applications.
- Self service
The platform also includes delegated administration that allows for department administrators or others to manage access for specific groups. This is particularly beneficial for large enterprises looking to unburden the central IT department by reducing help desk calls and resource constraints. It includes automated, self-service capabilities that enable end users to perform simple tasks as password resets, updates to basic profile information, requests for access to specific applications, etcetera.