The post Identity and Access Management appeared first on OpenIAM - Identity and Access Management.

Our OpenIAM Identity Manager Group can be found clicking here.

The post New LinkedIn Group appeared first on OpenIAM - Identity and Access Management.

OpenIAM has released v2.3 of its Identity Manager.

The community edition may be downloaded from: https://sourceforge.net/projects/openiam/files/latest/download

New Features in this release can found at:http://wiki.openiam.com/display/IDManager/What%27s+new+Identity+Manager+2.3

The roadmap for v2.4 and 3.0, which is a major release, will be published next week.

The post OpenIAM releases Identity Manager v2.3 appeared first on OpenIAM - Identity and Access Management.

OpenIAM announces the release of v3 of the OpenIAM Identity and Access Management suite. Fifteen months in the making, v3 is the biggest release of the IAM suite since the initial release of OpenIAM suite.

Version 3 is a complete refactoring of the solution based on experiences of 2.x version in large and complex deployments. Version 3 includes a new rich user interfaces and provides an architectural platform up which the OpenIAM site will be evolve.

Version 3 provides customers with the following benefits:

• Seamlessly unified Identity and Access Management suite so that customers using both Identity and Access need to manage only one platform and two separate products.
• Performance improvements
• Ease of use – Early customers reported that they have been able to implement v3 in half time required for v2.x

The suite features can be found at:

• Identity Manager: http://www.openiam.com/products/identity-manager/product-comparison-ce-v-ee/
• Access Manager: http://www.openiam.com/products/access-manager/feature-summary/

The post OpenIAM releases v3 of IAM suite appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY (PRWEB) June 18, 2014 OpenIAM, a provider of Identity and Access Management (IAM) solutions, has formed a business alliance with Information Development (ID) of Japan. The purpose of the alliance is to deliver a full-featured, high quality, yet economical Identity and Access Management solution to companies in Japan.

Current IAM offerings available in Japan are expensive, highly complex and difficult to deploy. Many of these solution providers have been slow to innovate and adapt to the changing needs resulting from cloud and mobile computing. This has limited the number of options available to companies looking to incorporate Identity and Access Management.

OpenIAM offers a comprehensive unified solution that is significantly easier to deploy and configure. OpenIAM has been designed to co-exist in heterogeneous environment where organizations may have a blend of cloud and on-premise solutions. Partnering with ID, end customers will be benefit from ID’s proven track record of delivering state-of-the-art solutions to major companies in Japan for over forty (40) years.

The OpenIAM solution suite offers customers with the following functionality:

• Authentication and Authorization
• Selfservice portal for end users to manage their own profile, request approval, and change password
• Forgot password management
• Single sign-on to cloud and on-premise applications
• Automated Provisioning and De-provisioning
• Access review and certification
• Audit and compliance

End customers will gain the following benefits:

• Operational efficiency: Automated account provisioning and de-provisioning significantly reduces the burden on IT staff.
• Improved end user productivity: Single sign on and self service save end users time by not having to repeatedly login and improve security
• Improved audit and compliance: Fine-grained audit allows customers to see how do what and when and meet regulator mandates.

About OpenIAM, LLC
Founded in 2008, OpenIAM provides a comprehensive Identity and Access Management stack. The OpenIAM product suite has been built from the ground up to provide a cost-effective, easy to use IAM solution without the issues found in offerings that have grown largely through acquisitions and legacy systems. The company’s products are being used by mid to large organizations in a variety of industries including: Government, Financial services, Telecommunications, Education, Healthcare, Manufacturing and Publishing.

About Information Development
Founded in 1969, Information Development is a systems integrator headquartered in Tokyo, Japan that offers a wide range of services including System Operation Management, Software Development, and Security Operations to the financial services, transportation, IT, telecom, and utility industries. ID is one of IBM’s Core Partners of the System Operating Division in Japan and helped spread McAfee from an early stage and is one of the powerful resellers of security solutions in Japan.

The post OpenIAM Announces Strategic Distributor Partnership With Japan’s Information Development appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY (PRWEB) June 30, 2014: OpenIAM, a provider of Identity and Access Management (IAM) solutions announces the immediate availability of version 3.1 of its IAM suite. The OpenIAM suite provides customers with a flexible and fully integrated IAM platform that can serve the needs for mid to large organizations. Organizations using the OpenIAM solution are able to:

• Provision and De-provision accounts to cloud services and on-premise applications
• Federate Single Sign On (SSO) to applications (cloud, enterprise, mobile) using standards such as SAML and OpenID
• Reverse proxy based SSO to applications that are not standards compliant
• Synchronize data from one or more source systems to target systems
• Audit
• Report

Version 3.1 builds on an already flexible platform and provides customers with the following new functionality and improvements:

• OpenIAM is now available in English, Spanish, German and Russian
• Access Review: a complete view of a user’s access privileges as well as determine access risk and exceptions
• Expanded list of out of the box workflow templates
• User management templates are configurable from the admin interface
• Scheduled reports: Users can subscribe to a report and have it delivered automatically
• Enhancements to:

1. Audit
2. Provisioning and Reconciliation engine
3. Administrative and operational tools
4. Configurability options for the Reverse proxy
5. New Connectors including: SCIM, REST, SOAP, Notes/Domino, Peoplesoft, SAP

These connectors are in addition to existing connectors for Microsoft Active Directory, LDAP, Microsoft Exchange, Google Apps, Salesforce.com, Groovy Script, Custom database tables, Oracle, Microsoft SQL Server and Linux.
“Certant chooses OpenIAM as its recommended product amongst other technologies because of OpenIAM’s benefits and added value to customers’ needs. Main benefits that led to our decision to make OpenIAM our first choice are simplicity, underlying technology, features, vision, roadmap, manufacturer quality of support, quality and total cost of ownership,” says Jonas Pfefferman CEO of Certant, an Argentina based consulting firm specializing in Identity Management services. Certant Identity Management services are certified under ISO 9001:2008 quality standards.

About OpenIAM, LLC
Founded in 2008, OpenIAM provides a comprehensive Identity and Access Management stack. The OpenIAM product suite has been built from the ground up to provide a cost effective, easy to use IAM solution without the issues found in offerings that have grown largely through acquisitions and legacy systems. The company’s products are being used by mid to large organizations in a variety of industries including: Government, financial services, telecommunications, education, healthcare, manufacturing, publishing, and retail. The OpenIAM ecosystem also includes systems integrator partners in the US, Europe, Asia and Latin America.

The post OpenIAM Announces the Availability of Version 3.1 of Its Identity and Access Management Suite appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY (PRWEB) March 03, 2015

OpenIAM, a provider of Identity and Access Management (IAM) solutions, has formed a business alliance with Unotech Software, an end-to-end partner for Open Source software conceptualization, development and deployment headquartered in Mumbai, India. The purpose of the alliance is to deliver a full-featured, high quality, yet economical IAM solutions to large enterprises in India.

“We are seeing strong demand for IAM solutions within the market in India,” said Ameet Shah, OpenIAM VP of Marketing. “Companies are increasingly interested in the cost savings offered through automation as well as improved security and governance. OpenIAM is expanding infrastructure in India to better support these customers.”

OpenIAM offers a comprehensive unified solution that is significantly easier to deploy and configure. It has been designed to co-exist in a heterogeneous environment where organizations may have a blend of cloud and on-premise solutions.
As part of the partnership, India based Unotech will oversee product integration providing end-to-end solutions ranging from consulting, deployment and managed services.

Mr. Vikas Jha, Managing Director of Unotech, said, “We are excited by the opportunity. We have seen IAM implementations fail to meet the expectations of customers due to their complexity of integration and high cost. With OpenIAM, we expect to deliver to our customers seamless integration to the existing environment and excellent ROIs. Our main motives are successful implementations through Unotech’s array of skills and knowledge.”
The OpenIAM solution suite offers customers the following functionality:

• Authentication and Authorization
• Self service portal for end users to manage their own profile, request approval, and change password
• Forgot password management
• Single sign-on to cloud and on-premise applications
• Automated Provisioning and De-provisioning
• Access review and certification
• Audit and compliance

About OpenIAM, LLC
Founded in 2008, OpenIAM is a comprehensive Identity and Access Management platform that manages an organization’s user identities and controls access to sensitive systems and data. The OpenIAM product suite has been built from the ground up to provide a cost effective, easy to use IAM solution without the issues found in offerings that have grown largely through acquisitions and legacy systems. The company’s products are being used by mid to large organizations in a variety of industries including: government, financial services, telecommunications, education, healthcare, manufacturing and publishing.
For more information, please visit: http://www.openiam.com

About Unotech Software
Founded in 2011, Unotech Software is an end-to-end partner for Open Source software conceptualization, development and deployment. They offer a full suite of software deployment services including support services like Consulting, Outsourced Product Development, Application Engineering and Open Source Training.
Unotech Software is dedicated to the cause of Open Source software and applications, the fact that they add value to your business and are fully customizable based on your unique challenges. Unotech Software is geared to offer effective substitution and automation techniques to your organization.
For more information, please visit: http://www.unotechsoft.com

The post OpenIAM Announces Partnership with Unotech Software appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY (PRWEB) March 10, 2015: OpenIAM, a provider of Identity and Access Management (IAM) solutions, has announced the release of version 3.3 of its IAM suite.

The OpenIAM suite is currently used globally by mid to large organizations in a variety of industries including financial services, healthcare, insurance, manufacturing and education. These organizations are using the OpenIAM solution to address a broad spectrum of challenges ranging from Access Review and Governance, User life cycle management, Selfservice and Single Sign On.

Of particular note in the new release are the improvements in the Access Governance functionality and the extended integration with Microsoft technologies. The new capabilities allow management of Sharepoint, Lync, and Office365. They also allow organizations to simplify tasks such as managing shared folders, computer objects, group management and certification. “For the OpenIAM customer, this means simplified management of their Microsoft ecosystem using the same OpenIAM platform that they use to manage their other systems,” said Ameet Shah, VP of Marketing at OpenIAM. “This simplifies the management effort, improves security and reduces costs.”

Version 3.3 offers customers the following new features and improvements:

• Improved group management with out of the box specialization for Active Directory Groups
• Extended integration with Microsoft technologies:

1) Active Directory - shared folder management
2) Microsoft Exchange - Ability to dynamically determine an available exchange database based on rules
3) Lync 2013 Connector
4) Office365 Connector
5) Sharepoint Connector

• Certification (Attestation) for Users and Group Membership
• Location management
• Improved flexibility in password policy and synchronization
• IT Policy / Terms and Conditions management
• Improved reporting
• Ease of use improvements for Federation and Reverse Proxy
• Localization: Portuguese and French
• Additional reports
• Support for PostgreSQL DB
• Performance improvements

About OpenIAM LLC

Founded in 2008, OpenIAM provides a comprehensive Identity and Access Management stack. The OpenIAM product suite has been built from the ground up to provide a cost effective, easy to use IAM solution without the issues found in offerings that have grown largely through acquisitions and legacy systems. The company’s products are being used by mid to large organizations in a variety of industries including: Government, financial services, telecommunications, education, healthcare, manufacturing, publishing, and retail. The OpenIAM ecosystem also includes systems integrator partners in the US, Europe, Asia and Latin America.

The post OpenIAM Releases Version 3.3 of its Identity and Access Management Stack appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY (PRWEB) April 07, 2015: OpenIAM, a provider of Identity and Access Management (IAM) solutions, has formed a business alliance with Certant, a company based out of Buenos Aires, Argentina. The purpose of the alliance is to deliver a full-featured, high quality, yet economical IAM solution to organizations in Argentina, Chile, Uruguay, Bolivia and Peru.

“There is a need for the OpenIAM solution in the Latin American market,” said Ameet Shah, OpenIAM VP of Marketing. “Companies are increasingly interested in the benefits of automation as well as improved governance and compliance with regulatory mandates.”

OpenIAM offers a comprehensive unified solution that is significantly easier to deploy and configure. It has been designed to co-exist in a heterogeneous environment where organizations may have a blend of cloud and on-premise solutions.

"Certant has found in OpenIAM a high quality, world-class and easy to implement Identity Management and Governance suite," says Jonás Pfefferman, Director at Certant. "Its architecture, support and features provide our customers with the right solution with affordable subscriptions. Also OpenIAM’s roadmap and vision gives to the companies that are currently acquiring OpenIAM a solution with a long term vision focused in identity management and governance’s needs."

The OpenIAM solution suite offers customers the following functionality:

• Authentication and Authorization
• Self service portal for end users to manage their own profile, aplications/programs request approval, and change password
• Forgot password management
• Single sign-on to cloud and on-premise applications
• Automated Provisioning and De-provisioning
• Access review and certification
• Audit and compliance

About OpenIAM, LLC:
Founded in 2008, OpenIAM is a comprehensive Identity and Access Management infrastructure that provides a strong security foundation to provision users and authenticate and authorize access to enterprise systems. The OpenIAM product suite has been built from the ground up to provide a cost effective, easy to use IAM solution without the issues found in offerings that have grown largely through acquisitions and legacy systems. The company’s products are being used by mid to large organizations in a variety of industries including: Government, financial services, telecommunications, education, healthcare, manufacturing, publishing, and retail. The OpenIAM ecosystem also includes systems integrator partners in the US, Europe, Asia and Latin America.
Visit us at:
https://www.openiam.com
https://twitter.com/openiam
https://www.facebook.com/openiam
https://www.linkedin.com/company/openiam-llc

About Certant:
Certant is a professional services consultancy company with HQ in Buenos Aires, Argentina. Founded in 1999, Certant has two main lines of services, Identity Management and Enterprise Software Development, with a special focus on eBanking and mBanking solutions. Certant’s professional services for Identity Management and software development are ISO 9001:2008 certified since 2009.

With strong customer oriented thinking, Certant’s Identity Management expertise began in 2005 and delivered more than 20 successful implementations for customers of varying size, industry, needs and countries in the LATAM region.

The Identity Management business understanding, expertise and skills of the company, along with its methodology and own processes, adds value to customers that need to define their IdM strategy, architecture, achieve goals, build their roadmap, implement a solution and grow it.

For OpenIAM, Certant covers SOLA (South of Latin American) region (Argentina, Chile, Uruguay, Bolivia and Peru) and Brazil under IDM Solutions brand.
Visit us at: http://www.certant.com/

The post OpenIAM Announces Partnership with Certant appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY (PRWEB) April 23, 2015:

OpenIAM, a leading provider of Identity and Access Management (IAM) solutions, has formed a business alliance with Chuanhow Technologies. The purpose of the alliance is to offer companies in Asia a mature, full-featured yet economical Identity and Access Management solution.

“We see strong potential for the OpenIAM solution in the Asian markets,” said Ameet Shah, OpenIAM VP of Marketing. “Companies are increasingly interested in the cost savings offered through automation as well as improved security and governance.”

OpenIAM offers a comprehensive unified solution that is significantly easier to deploy and configure. It has been designed to co-exist in a heterogeneous environment where organizations may have a blend of cloud and on-premise solutions. As part of this alliance, Chuanhow will help develop the partner network in Asia to distribute, implement and support the OpenIAM solution.

“We are very pleased to partner with OpenAM,” said Junhao Chen, CEO of Chuanhow. “Because many companies have begun to import cloud solutions, identity security will play an important role. OpenIAM information security products have won several awards. We see tremendous growth opportunities in our existing business.”

Current IAM offerings available in Asia are expensive, highly complex and difficult to deploy. Many of these solution providers have been slow to innovate and adapt to the changing needs resulting from cloud and mobile computing. This has limited the number of options available to companies looking to incorporate Identity and Access Management.

The OpenIAM solution suite offers customers the following functionality:

• Authentication and Authorization
• Selfservice portal for end users to manage their own profile, request approval, and change password
• Forgot password management
• Single sign-on to cloud and on-premise applications
• Automated Provisioning and De-provisioning
• Access review and certification
• Audit and compliance
• One Time Password (OTP)

End customers will gain the following benefits:

• Operational efficiency: Automated account provisioning and de-provisioning significantly reduces the burden on IT staff.
• Improved end user productivity: Single sign-on and self-service saves end-users time by not having to repeatedly login and improve security
• Improved audit and compliance: Fine-grained audit allows customers to see how to do what and when and meet regulatory mandates.

About OpenIAM, LLC
Founded in 2008, OpenIAM is a comprehensive Identity and Access Management infrastructure that provides a strong security foundation to provision users and authenticate and authorize access to enterprise systems. The OpenIAM product suite has been built from the ground up to provide a cost effective, easy to use IAM solution without the issues found in offerings that have grown largely through acquisitions and legacy systems. The company’s products are being used by mid to large organizations in a variety of industries including: Government, financial services, telecommunications, education, healthcare, manufacturing, publishing, and retail. The OpenIAM ecosystem also includes systems integrator partners in the US, Europe, Asia and Latin America.
Visit us at:
http://www.openiam.com
https://twitter.com/openiam
https://www.facebook.com/openiam
https://www.linkedin.com/company/openiam-llc

About Chuanhow Technologies
Chuanhow Technologies is a specialist in cloud computing/big data, software defined networking, network security, data analysis, data loss prevention, application delivery management, business continuity, enterprise software, e-commerce, mobile computing, asset management, social media and an innovation strategy for next generation products. Chuanhow helps vendors in the IT market develop a profitable business, provide a distinctive pathway for development, a new way of thinking to help reseller partners and enterprise customers reduce costs, optimize operations, improve efficiency, and build a profitable portfolio. Partner Website: http://www.chuanhow.com

The post OpenIAM Announces a Distributor Partnership with Chuanhow Technologies for Asian markets appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY, October 5, 2015: OpenIAM, a provider of Open Source Identity and Access Management (IAM) solutions, is collaborating with Red Hat to make its IAM suite available as an Amazon Machine Image (AMI) on the Amazon Web Service (AWS) Marketplace. The AMI uses Red Hat Enterprise Linux.

“OpenIAM is pleased to be included in the AWS Marketplace supporting our IAM stack with Red Hat Enterprise Linux,” said Arun Shah, CEO at OpenIAM. “The AWS marketplace allows customers to be up and running with OpenIAM in minutes and allows the solution to scale to support large deployments. This offering will be part of a managed service, allowing customers to focus on their business and let OpenIAM support their IAM infrastructure.”

“Red Hat is deeply committed to building a robust ecosystem of supported software for the cloud with our partners. The OpenIAM stack, based on open standards and supported on Red Hat Enterprise Linux in the cloud, delivers flexibility for customers looking for a fully supportable cloud-based identity infrastructure. We are pleased to include them as part of our software partner ecosystem,” said Mike Werner, Senior Director, Global Technology Partner Programs, Red Hat.

The OpenIAM solution suite offers customers the following functionality:

• Strong Authentication and Flexible Authorization engine
• Self Service portal for end users to manage their own profile, applications/programs request approval, and change password
• Forgot Password management
• Single Sign-On to cloud and on-premise applications
• Automated Provisioning and De-provisioning
• Access Review and Certification
• Audit and Compliance

The post OpenIAM Collaborates with Red Hat to Deliver its Identity and Access Management Suite on the AWS Marketplace appeared first on OpenIAM - Identity and Access Management.

CORTLANDT MANOR, NY (PRWEB) MARCH 30, 2016: OpenIAM, a leading provider of Open Source Identity and Access Management (IAM) solutions, announces a record 400% increase in sales growth in the first quarter of 2016 as the company has added many new customers across various industries. The uptick in growth is attributed to an increased market demand for an economical and scalable IAM suite as well as OpenIAM’s relentless effort in providing unparalleled customer care.

“The large increase in revenue this quarter signifies organizations’ urgent need for a unified IAM solution that is not only full-featured but has a low total cost of ownership,” said Ameet Shah, VP of Product Marketing at OpenIAM. “Current solutions on the market are either cost prohibitive, complex to install and deploy, or lack essential capabilities that many organizations need.”

High profile breaches of security in recent years have illustrated the critical need for software that securely and safely manages identities and sensitive data. This further underscores the fact that having an IAM system is no longer a luxury, but a critical component for any organization that seeks compliance. Yet many companies still have limited choices due to the astronomical costs of market leading solutions that consist of legacy components that need extensive cobbling in order to work in unison. OpenIAM’s growth this quarter has been fueled by filling this void in choices for Identity and Access Management.

In addition to the customer care, OpenIAM has created a uniquely user friendly, comprehensive IAM product. OpenIAM’s founders started the company pouring their own resources into it and loyal first adopters fueled our growth.

http://www.prweb.com/releases/2016/03/prweb13298862.htm

The post OpenIAM Quadruples Growth During First Quarter of 2016 appeared first on OpenIAM - Identity and Access Management.

CORTLANDT MANOR, NY (PRWEB) APRIL 13, 2016: OpenIAM, a vendor specializing in enterprise security, has announced version 3.4 of its Identity Manager. The OpenIAM suite is used globally by mid to large organizations in a variety of industries including financial services, healthcare, insurance, manufacturing and education. These organizations are using the OpenIAM solution to address a broad spectrum of challenges to improve security, compliance, reduce operational cost and improve end user productivity. The OpenIAM solution provides organizations with automated user life-cycle management, access governance and certification, Self-Service and Single Sign-On to both cloud and on-premise applications.

In this new version, organizations can look forward to:
*Expanded self-service functionality including Text/SMS token-based forgot password
*Entitlement and license management for popular cloud solutions such as Microsoft Office365, Google for Business and Box.net
*Improved performance

“Organizations can now administer on-premise and cloud systems from a single Identity management platform. This gives organizations a centralized solution to manage a hybrid environment,” said Ameet Shah, VP of Product Marketing at OpenIAM. “The integrated view also reduces the learning curve for administrators since they can perform their common tasks from a single interface instead of having to juggle separate administration interfaces for each product.”

The post Version 3.4 of the OpenIAM Identity Manager Released appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY: OpenIAM, a leading provider of Open Source IAG solutions, has successfully secured electronic privacy for patients at healthcare institutions. Additionally, the IAG stack has enhanced collaboration between medical personnel and their patients.

The healthcare industry currently faces multiple challenges in the area of information security. Of particular concern is HIPAA compliance and patient confidentiality, where there are now weekly headlines that involve data breaches of health records, which leads to patients lacking trust and confidence in the healthcare institution. Another issue in regards to HIPAA involves the sharing of information between medical personnel. The systems being used to access records must promptly establish the identity of the user with total certainty in order to retain integrity and security, while also keeping uptime.

The solution stack offered by OpenIAM has a proven track record in ameliorating these pain points. For healthcare customers, OpenIAM offers:
• Integration with other healthcare systems using standards such as SAML, and providing an Identity and Access infrastructure for health care portals
• A flexible authentication and authorization engine which can be used to manage who can access a patient’s information
• An Identity assurance framework to allow for on-boarding of users in a secure manager
• An Access Governance framework to control how access is granted and managed
• A flexible Self-Service functionality which reduces operational costs

The post OpenIAM helps improve patient privacy and collaboration between healthcare providers and patients appeared first on OpenIAM - Identity and Access Management.

CORTLANDT MANOR, NY JUNE 21, 2016: OpenIAM, a top Open Source Identity and Access Management vendor, has bolstered security at organizations while increasing employee productivity through its automated Self-Service Portal. In lieu of calls to the help desk due to forgotten passwords, which often results in long periods of downtime, users can quickly and securely reset their login credentials and resume being operational.

Employees have numerous options that are fast, secure and convenient when it comes to resetting their passwords through the OpenIAM Self-Service Portal. For instance, there are challenge response questions that can be customized so that users can reset their credentials by providing answers only they would know. Additionally, employees can create a new password using a One Time Token that is securely sent to their mobile device. All of this translates into no downtime due to forgotten passwords.

“There is an increased security risk during the call to the help desk as the agent assisting the user may not adequately screen the user before changing their password. This leaves valuable company resources potentially open to attack. OpenIAM’s fully automated Self Service portal reduces this risk,” said Ameet Shah, Chief Marketing Officer of OpenIAM.

OpenIAM offers one of the most comprehensive Self Service portals currently available that allows you to reset your password securely and quickly. Downtime due to forgotten passwords is eliminated and productivity is resumed. This feature provides the following capabilities:

• Web-based challenge-response using security questions
• One Time Token via SMS/Text to reset a password in case the user forgot their questions
• Windows credential provider to unlock a user’s account in case they locked themselves out of their windows desktop
• Self Service change password functionality
• Active Directory password filter that allows users to change their password in Windows and have it synched back to IDM

The Self Service portal is one of the many features of the OpenIAM Identity and Access Governance platform that is in use in deployments around the globe.

The post OpenIAM’s Self-Service Portal Strengthens Security and Increases Productivity appeared first on OpenIAM - Identity and Access Management.

Many of you know that we have been working on a major release called v4. It’s the largest release we have done in 3 years and is the next generation of our IAM platform.

v4 has been in the works for about 18 months -- it's packed with new features and architectural improvements which allow:

• Ease of use for end users
• Greatly improved performance and scalability
• New features for Identity Governance
• Features to support consumer identity

This blog will introduce you to what’s coming in v4 and a new update will be provided every week.

The post Version 4 Preview appeared first on OpenIAM - Identity and Access Management.

In version 4 of the OpenIAM suite, the UI has been overhauled to provide end users with the following benefits:

• Responsive design which will work on both desktop and mobile devices
• Ease of use improvements for both end-users and admins

The following provides a glimpse at some of the improvements.

Login Page

Forgot Password

Self-service -- Welcome Page

Self-service -- Common Use Header

Some operations are used by end users more extensively than others. To simplify the effort to use these operations and to reduce the learning curve for new users, these operations have been moved to the header. These operations include:

• SSO
• Directory lookup
• Change password
• In-box
• Create request

Self-service SSO Launch Pad

V4 moves the SSO launch pad to the header so that users can always access their application launch pad in one click

Self-service Shopping Cart

In v4, Users can collect the entitlements that they want to request access for into an e-commerce style shopping cart and the submit them together.

Admin Interface -- Simple Search

V4 Introduces the concept of a simple search and an Advanced search. Simple search is always visible in the header bar and Admins can search for Users, Organization objects, Groups, and Roles. Simple search allows users to search for text value across several attributes without having to specify the value. For example, you can search for “smith” and it will check for users with the lastname, first name, and loginid with the value of “smith”.

If users need more options, they can click on the “Advanced Search” option to search by a broad range of attributes.

Admin Interface -- Advanced Search

Each type of Object has its own set options for the advanced search. The screenshot below shows the advanced search for users and search results

Admin Interface -- Workflow Monitoring

Workflows are an important part of the identity governance solution and v4 allows users and admins to monitor workflows and their status.

The post UI Improvements for v4 appeared first on OpenIAM - Identity and Access Management.

This month, OpenIAM was featured in the technology magazine CIO Review.

The post OpenIAM Profiled in CIO Review appeared first on OpenIAM - Identity and Access Management.

Cortlandt Manor, NY: OpenIAM announces version 3.5 of the Identity and Access Governance solution. The new release improves upon the previous version by offering better performance and scalability, improved flexibility, and better tools for operational support.

Some of the new features and improvements include:

• Improved Role Based Access Control Model: Customers may need to run two versions of an application in parallel. Data Model Versioning ensures that changes in one version are not rolled out to users of another version, and allows customers to have fine-tuned control over the process.
• Distributed Connector Architecture: This change in connector architecture allows for far greater performance, scalability and options for cloud and on-premise deployments.
• User Management: Better operational tools that simplify tasks such as renaming of users (in the event of changes in marital status, for example), as well as expanded UI support for logging/resending of emails.
• Message Queue Management: Operational tools that allow administrators to have greater visibility into the OpenIAM message queue where they can see the number of messages in progress, success/failures, and the option to retry fail messages.

A full list of the new features to look forward to in version 3.5 can be found on our wiki.

The post v3.5 of the OpenIAM Identity and Access Governance Suite Gets Rolled Out appeared first on OpenIAM - Identity and Access Management.

Many of our Identity Management customers have a Microsoft Environment which consists of Microsoft Active Directory and complementary components such as Microsoft Exchange, Lync, SQL server, etc. Many of these customers have, or are in the process of adopting Microsoft’s Office 365 platform (O365). Adopting O365 allows companies to move some of the components to the cloud.

Microsoft provides a technology called DirSync (which is currently being replaced by Azure Connect), which allows you to sync accounts in AD to the cloud platform so that users have a single identity between the cloud and on-premise world.

By itself this functionality does not go far enough to address the needs of larger customers who need to manage thousands of users, integrate various other technologies and conform to corporate policies. Some of the challenges are listed below. You will find that some of these issues may not be relevant to your environment as this will depend on the components of the Microsoft stack which are being used and how the synchronization between AD and O365 has been enabled.

For new users (Joiners) and existing users, consider:

• Activesync accounts from on-premise AD to O365 Tenant
• Mailbox
• Does the user get an on-premise mailbox or one in the cloud?
• If on-premise, do we still want to synch to the cloud as a backup mailbox?
• Being able to switch existing users from on-premise to cloud
• Resource mailboxes (Room, Equipment, etc) on-premise or in the cloud
• Creating a secondary mailbox in the cloud for users who may have a primary mailbox on-premise
• Show in Global Address List (GAL) or not?
• On-premise home folder vs OneDrive for Business or both
• Office365 Subscription Management
• If you pick an E3 subscription, should you be entitled to all the functionality in an E3 subscription?
• Are there other O365 services like CRM Online which are available to some users?
• Mobile Device Management - On-premise vs Intune (Cloud)

To enable deprovisioning users (Leavers), consider:

• Disabling the account in Active Directory
• If on-premise mailbox, then disable the mailbox per polices
• If it’s a cloud mail then set cloud-related policies such as the retention period
• Disabling from the GAL

If this process is not governed by a flexible automated solution, then the administrative overhead must also be factored in which will be both time consuming and potentially error prone.

The rest of this article describes how the OpenIAM Identity manager was used to address these challenges at a large customer. In this case, the organization:

• Has users which are geographically distributed
• Was moving from exchange online to O365, but both environments had to be supported
• Needed to support both automated provisioning and deprovisioning from a source system to manage users from the UI

Architecture

As indicated earlier, when companies adopt O365, they have a choice:

• They can manage the two environments separately and use some other technology besides DirSync to sync accounts
• Use DirSync or Azure Connect to sync the identities between the on-premise and cloud environments

For companies which have a significant number of users and investment in developing a robust on-premise solution, using the DirSync technology makes sense as a starting point. This decision was made and implemented before deciding to leverage the existing enterprise IdM solution to gain control over the challenges listed above. The resulting architecture is shown below.

Solution

In the architecture above users can be created, updated, or terminated from three different locations:

• HR system which will be processed by the automated provisioning functionality
• Administration interface where admins can create, update or terminate users
• End User who may make changes in their service

Assuming that we have a new user in the HR system, then that event will be sent to IdM and passed to the provisioning service where the following will occur:

• Provision the account in AD
• Determine if the person gets an on premise mailbox or cloud mailbox.
• If it’s a cloud mailbox, then set the following attributes in AD so that DirSync knows that this user needs a cloud account
• DirSync will then run at regular intervals and we will see the user

After DirSync runs, you will see the user in the O365 Admin console. However, the user will not be licensed.

To automate this functionality, the OpenIAM O365 Licensing utility was enabled to run right after the DirSync process. The license utility would use the entitlement information associated with the user to do the following:

• Add the appropriate type of O365 subscription - E1, E3, E5, etc.
• Activate the specific functionality within the subscription type based on a person’s entitlements

When events are triggered from the HR system, all of the above functionality is handled through business rules and powershell connectors.

For administrators, the objective was to provide an all inclusive interface where administrators could seamlessly manage both the on-premise infrastructure and the cloud infrastructure without accessing the O365 admin portal.
To achieve this, parts of the user interface were extended so that admin and helpdesk users could:

• Select if a person should get a cloud mailbox or an on-premise mailbox. We can see this from the screenshot below that shows the mailbox drop down with options for Cloud and various size of on-premise mailbox.
• Option to sync on-premise accounts to the cloud
• Enable OneDrive For Business (OFB) if needed
• Publish to the GAL

• If a cloud mailbox was selected, then you should select the options in O365 which are to be enabled which is shown in the screenshot below.

Other extensions were added to enable switching between on-prem and cloud accounts for existing users as well as adding secondary mailboxes.

Leavers

Just as we added functionality to simplify the creation and management of users, the leavers process was also extended. Initially, the leavers process was only focused on the on-premise environment where:

• The account is first disabled and then policies are set in Exchange for the mailbox to start archiving, change the quota, etc.
• After a period of X days, the account is fully deleted

After O365 was added, the leaver process was extended to:

• Disable the account
• Determine if we have a cloud or on-premise account. If it’s on-premise, then use the on-premise rules. If it’s a cloud user, then set retention policies, etc
• After a period of X days, the leaver process will revoke the O365 licenses so that the licenses are freed up. This is after an “in-place hold” or “litigation hold” has been successfully created for the mailbox. An in-place hold provides the ability to preserve the contents of the mailbox. Since the time needed to apply an in-place hold may vary due to the size of the mailbox, OpenIAM waits for the process to complete before revoking the licenses.
• Delete the accounts.

Conclusion

As you can see, managing a hybrid On-Premise and Cloud environment poses some challenges. To overcome these challenges, organizations need to define policies and procedures which align to their business objectives. As a next step, tools can be deployed to provide a consistent way for admins and helpdesk staff to manage the environment without burdening them with additional overhead.

The post Managing Active Directory and Office365 through OpenIAM appeared first on OpenIAM - Identity and Access Management.