Support   |   Contact Us  

Products Solutions Partners Resource Center News and Events Company
Solutions
Overview
LOB Manager
Enterprise IT Architect
Portals & Content Management
Microsoft SharePoint
Collaboration & Messaging
Databases
Service-Oriented Architecture
Identity & Access Management

Home / Solutions / Identity & Access Management
Identity and Access Management

In the past few years, many organizations have completed or initiated projects to deploy identity and access management technologies. The key focus of these tools has been on managing user identities – the creation and deletion, synchronization, provisioning, authentication, federation, and auditing of user accounts, attributes, and credentials.

These tools enable organizations to address the question of “who” is trying to access an application, data object, or network service. A critical gap, however, has been left unaddressed by identity and access management products – answering and enforcing “whether” a particular access request is entitled and therefore should be permitted. This second question is equally, if not more important, than the first. Once you have a handle on identity, the next logical step is entitlement. Entitlement Management is the administration, resolution, enforcement, audit, and review of policies that govern access to resources.

Some identity and access management vendors (primarily those offering web single sign-on or web access management products) can enforce access policies at a very coarse level that result in all or nothing propositions. Most organizations find this capability to be inadequate for their individual business needs and resort to custom coding authorization logic into applications.

Custom coding entitlements leads to a similar set of problems that were present when identities were managed in application silos prior to the adoption of identity and access management products:

  • high cost and complexity,
  • reduced security from the inconsistent application of policy,
  • longer time to deliver critical applications and services.

Furthermore, organizations are now driven by regulations such as Sarbanes-Oxley, HIPAA, GLBA, the European Data Protection Directive, and others, forcing them to focus intensely on establishing better controls around access to sensitive applications and data. Existing identity and access management solutions do not adequately address these requirements.


For More Info
Document          
Description
Type
Size
Date
Archived Webinar - Unified Access Management - June 12 2007
Unified Access Management for the Secure, Compliant Enterprise. Presented by Securent, Sun Microsystems, and The First American Corporation
flv
46.8MB
06/15/2007
How Securent Enhances Provisioning Deployments
A Securent Whitepaper
pdf
763KB
05/29/2007

Learn More



 
650.625.9400  |  Privacy & Legal  |  Site Map  |  © 2007 Securent Inc.    Powered by Broadchoice