Access Management

A variety of applications and access needs?

Organisations often have both internal and external information systems and applications. In addition to own employees, there might be users from subcontractors and partners. This adds up to numerous ways of accessing the applications needed in your organisation. Making it secure yet easy for the end users may sound like an impossible task.

All applications at your reach, easily and securely!

Luckily, your organisation is not the first one to face these problems. Access management solutions are a way to provide end users a centralised and secure passage to all the applications they need. Strong authentication methods and several ways to pass on the identity information to applications make this possible. As an example, Access Management solutions provide new business possibilities by allowing trusted partners to access predefined applications and information systems in your organisation.

Interoperability with existing solutions

Any standard HTTP application can be integrated into the access management system, even without modifications to the application code.

Federation protocols, e.g. SAML and WS-Federation, are also supported. The federated approach provides your employees a secure, single sign-on access to services of other organisations – or allows your partners to access your services.

Also, your organisation’s existing user databases, such as Novell eDirectory or Microsoft Active Directory, can be used as an identity storage for the Access Management solution. If you already have an Identity Management solution implemented, it can be seamlessly integrated as well.

This is how Access Management works

This is what happens in an Access Management system when an end user needs to access applications.

  1. Initiation traffic is directed to an Access Control Server.
  2. Identity Server is triggered to authenticate the user.
  3. The Identity Server performs the authentication and caches the identity information retrieved from a User Directory.
  4. The Identity Server relays the authorisation and identity information to the Access Control Server.
  5. The Access Control Server relays the identity information needed by each system using various identity injection methods. The authorisation decision is done either on Access Control Server or by the applications based on the provided identity information.
  6. The end user can access the authorised applications while the Access Control Server acts as a HTTP proxy. The whole process is transparent to the user.

Remote worker's access

Not all employees work from within the confines of the office’s local network. Access to resources should be independent of a their location. Access Management provides the same secure access and user experience whether the employees are accessing resources from your office or remotely, such as their homes or an airport terminal.

Ease of access

If your organisation is like most, you have multiple applications that require user login. Multiple logins typically means multiple passwords. And multiple passwords mean forgotten passwords.

With Access Management serving as the front-end authentication, you can deploy standards-based Web single sign-on. This means your employees, partners, and customers only need to remember one password or login routine to access all the corporate and Web-based applications they are authorised to use.

By simplifying the use and management of passwords, Access Management reduces the amount of help desk calls, provides better user experience and helps in getting rid of vulnerable written password reminders.