EmpowerID Products and Solutions
- Learning Center
Welcome to the Learning Center
EmpowerID provides workflow-driven user provisioning and multi-directory identity and resource administration. By automating the entire process of provisioning, managing, and de-provisioning user accounts and application access across multiple directories, EmpowerID unifies the management of users, mailboxes, and other resources under a single role-based delegation and administrative model. One set of centrally-managed access and automation policies eliminates the tedious, repetitive, and labor-intensive manual procedures required to provision and manage access for both on-premise and cloud systems.
For many enterprises, the Human Capital Management (HCM) system is the authoritative source of user data for employees and all status changes - including pre-hire interview process, start-date, transfers and terminations - are managed and initiated within the HCM. EmpowerID integrates with an organization’s HCM to provision to both cloud and on-premise applications, EmpowerID ensures that each user has the correct application accounts, based on either a role, group membership or user request. Of equal importance to provisioning user accounts is de-provisioning user accounts, either due to off-boarding or role change.
Not all users that require access to an organization’s IT systems will reside in an HCM system yet the same level of security and automation is required. For these identities, EmpowerID provides flexible and easy to use workflow processes to automate onboarding, transfer and offboarding. The same policy-based provisioning engine automates what gets provisioned for these identities based on their roles, and organizational affiliation.
Your business exists outside of your employee base, external users need accounts on your network and it doesn’t make sense to provision AD accounts for them. The EmpowerID Identity Warehouse allows you to off self-registration and manual provisioning of accounts for your suppliers, partners, customers and other external users without compromising internal AD security. The Identity Warehouse provides full self-service and delegated administration capabilities that allow end users to manage their passwords and identity associations.
Identity Administration – Each user identity has a lifecycle, their roles and responsibilities change often, some estimates as high as a 20+% internal turnover per year. EmpowerID automates these changes when possible and for those that are not, provides a unified RBAC security model, user interface, and hundreds of workflows, covering delegated administration and self-service of Active Directory, LDAP, and custom application users and groups, Exchange mailboxes, and Lync without requiring delegation of native permissions. The unification of administration into a single web interface and set of workflows with a single robust Role-Based Access Control security model eliminates complex permission management in these systems and drives down ongoing costs associated with IT administration.
Groups are vital to an enterprise, whether it is Active Directory groups, LDAP groups or SharePoint groups. With a user account, your employees can log on to the network or application. With group memberships, they can accomplish their jobs. EmpowerID offers a central place to manage group membership either dynamically or through self-service for all of types of groups. Auditors love the ability to attest to group membership or group permissions. Group lifecycle gives you the ability to clean up unused or unwanted groups on a scheduled basis. Map groups to roles or have them managed standalone, EmpowerID gives the option and choice.
Close collaboration with partners is often the key to staying competitive in today's digital economy and a SharePoint portal is often the center piece of this collaboration infrastructure. The challenge is that securely managing IDs and access can be slow and cumbersome for your IT staff and often time-consuming. EmpowerID was designed to provide a complete multi-tenant access management solution for SharePoint without requiring any customizations. EmpowerID includes everything needed including a universal identity store, self-service user interfaces and workflows, and all of the security controls to manage and recertify SharePoint access.
Forgotten passwords lead to frustration and are typically the number one source of helpdesk calls. EmpowerID reduces these incidents notifying users before their passwords expire and when needed, allowing them to securing reset their forgotten passwords from their Windows login screen, the web or their mobile device without requiring helpdesk intervention. And with the password change detection agent for Active Directory, native password changes and captured to always keep a user’s passwords in sync.
EmpowerID includes a powerful 3-tiered role model that combines the structured approach of traditional RBAC with the dynamic flexibility of attribute-based access control (ABAC). These policies extend to control access to all of your systems, eliminating the need to grant administrators native permissions.
A shopping cart experience simplifies the role access request process. Users simply search for the roles or access they need and add them to their cart.
Periodic recertification and risk management ensure that role audits are performed quickly and easily using built-in recertification policies that snapshot the members for each role and the access they grant.
EmpowerID supports user provisioning and security management for on premise and cloud systems using both its Identity Warehouse and synchronization services as well as providing the ability to perform live real-time administration using workflows. The most popular systems are fully supported with in-depth functionality for provisioning and administration in systems such as Office 365, Google Apps, Amazon AWS, SalesForce.com, AD, LDAP, AS/400, Box.com, local groups on Windows Servers, SharePoint, and others. Custom-developed applications can be easily accommodated using the EmpowerID Universal Connector. The Universal Connector greatly simplifies connecting EmpowerID to a custom system, saving time by allowing staff to start building connectors immediately without specialized training.