IdAM as a Service

Identity Access Management as a Service (IdAMaaS)

Identity is the new security perimeter, and our IdAM as a Service will ensure the security of both the internal network and company resources. Its high adjustability makes this open solution suitable for a large variety of organizations.

Management of identities is a complex process which involves many technological aspects such as synchronization, connectors and attribute mapping. However, an advanced solution has to cover not only the technological part of the requirements but also the business part, in the form of processes, rules and policies. These two closely cooperating parts, identity management and identity governance, create one complete solution. Cogito’s IdAM as a Service is based on Midpoint, an open identity & organisation management and governance platform designed to cover both the technological and the business requirements of the organization. It will help your organisation with identity management and centralize its usage.

Cogito’s IdAM as a Service is built on Midpoint, which has many satisfied clients in the telco, insurance, scientific, financial, governmental and educational fields and is used in many countries all over the world.

Identity Governance

Identity governance focuses on business processes, business rules, policies and organizational structures, which help managers, security officers and auditors to achieve high information security, efficient organization management and elimination of threats. Identity governance gives the organization control over using, storing or sharing identity information. It offers the option to define, enforce, audit and review the policies responsible for the exchange of information between internal systems as well as external ones. Thanks to that, identity governance helps to lower risk and threats.

Organisational Structure

Organisational structure is used to delegate part of the identity management duties to administrators distributed through the organisation. It provides native functionality to designate managers of organisational units and can synchronize the organisational structure from its source in the HR system or from any other source, or it can itself be the authoritative source of the organisational structure. It supports not only hierarchical organisational trees but also other organisation structure types.

Audit

The audit trail is recorded in a database table which is part of the public interface. It may be used as a source of data for other systems: SIEM, data warehouse, reporting and analytic engines. For easy and quick access to the information it also maintains assignment metadata, which includes the identifiers of the requestor and approver for each specific assignment as well as timestamps, the owner of the process that actually executed the change, and other additional data. Every external change in the environment is recorded in the audit log with no exception. No important piece of information can escape.

Approvals

Approvals provide the ability to postpone selected actions (for example, role assignment) until they are approved by the appropriate authority or authorities. The process is a set of specific steps in which a request is passed from one participant to another and, once it is approved, the user gets the access or the information. The workflow actions consist of creation, update, enabling, disabling or deletion. The approval process may involve multiple approvers, in many arrangements. Not only specific persons may be engaged in the process, but also organisation units or roles.

Entitlement Management

Entitlement Management is used for granting, resolving or enforcing entitlements. It will assist in bringing order to the relationships between users, roles and resources, and increase the security level. A user is assigned to one or more roles and entitled to specific resources. Entitlement Management determines what specific users are allowed to do once they enter the application or network. With a centralized access policy, when the policy is entered or updated, all applications automatically receive the new or updated rule.

Credential Management

Generation of strong unique passwords for users as well as resources is another way of reinforcing security. With this feature, an organisation can compose strong and unique passwords for both users and resources and also take care of them during their whole life cycle. It validates the passwords and generates them according to specific policies. It is up to the organisation to decide which characters are allowed in the password, how many times they can repeat, how many are required and how they are positioned.