EmpowerID Products and Solutions
- Learning Center
Welcome to the Learning Center
Enterprise identities are the cornerstone of Identity & Access Management (IAM). EmpowerID provisions users, manages their permissions, synchronizes and resets their passwords, automates group membership, offers single sign-on, and enables auditing and compliance across all connected enterprise directories, applications and platforms. EmpowerID’s broad range of functionality is driven by secure workflows that can be initiated with self-service requests or automated processes.
EmpowerID’s Identity Warehouse manages enterprise identities, joining user accounts from all connected identity stores and applications. Each user’s permissions are managed by EmpowerID’s polyarchical RBAC engine, providing automated roles for each user. EmpowerID’s industry leading “time to value” is driven by its highly configurable workflows and a visual workflow designer that can create identity processes that match your existing business processes. The result is an IAM platform that ensures that the right users have the right access to the right resources at the right time with the least effort and expense.
Based on an authoritative source (commonly an HR system), EmpowerID provisions and de-provisions user accounts based on the user’s role(s). Provisioning to both cloud and on-premise applications, EmpowerID ensures that each user has the correct application accounts, based on either a role, group membership, or user request. Of equal importance to provisioning user accounts is the de-provisioning of user accounts, due to either role change or off-boarding.
Each user identity has a lifecycle, with some roles and responsibilities changing often – some estimates put internal turnover as high as a 20% or more per year. EmpowerID automates changes to users by inventorying one or more authoritative sources and projecting those changes to all connected applications and identity stores. Changes to group memberships, application accounts, file share permissions, and password reset policies are all handled automatically based on the changes to a user’s responsibilities.
EmpowerID provides solutions to assist organizations with corporate governance for IT systems, identification and reduction of risk in existing and proposed policies, and support for regulatory compliance efforts. EmpowerID meets the key requirements of effective GRC by providing visibility across systems and control of user access to applications and data within the enterprise.
EmpowerID assists in detecting and preventing actions and permissions that can compromise the roles and enterprise policies that govern a user’s access to applications, activities within applications, and corporate data.
End-users and non-IT management are often the best source for identity information and for the selective delegation of tasks for granting access. EmpowerID provides a modern HTML5 user interface for servicing user requests that involve permissions, group membership, attribute updates, password resets and application accounts. EmpowerID’s flexible User Interface (UI) auto-formats for a wide range of mobile devices enabling effective self-service for all users; it also offers device registration and multi-factor authentication for increased security.
EmpowerID’s Rights Based Approval Routing (RBAR) dynamically routes approvals for self service requests to an alternate user with requisite authority only when the user making the request lacks the needed permissions, which limits additional approval steps only to those situations that require them.
Whether they are Cloud applications, legacy applications, or SharePoint, your users need a single username and password that authenticates them into all of their applications. EmpowerID offers Federation, Web Access Management, and an LDAP Virtual Directory to provide Single Sign-On to all applications within your environment, whether they support Federation standards (SAML, OAuth, WS-Trust, or WS-Federation), or not. The EmpowerID Virtual Directory Service (VDS) acts as an LDAP Virtual Directory to handle authentication and authorization for internal applications.
Groups are vital to an enterprise, whether they are Active Directory groups, LDAP groups, or SharePoint groups. EmpowerID offers a central place to manage group membership either dynamically, or through self-service for all of these types of groups. Auditors appreciate the ability to attest to group membership or group permissions. Group lifecycle workflows give you the ability to clean up unused or unwanted groups on a scheduled basis. Map groups to roles or have them managed standalone, EmpowerID gives the option and choice.