One of the first truly remarkable multi-tenanted IGA product is doing wonders for customers.

If you are struggling with a traditional IGA product like CA, Oracle or IBM then Identity Plus is the solution for you. Also, if you never invested in IGA solution because you feared its complexity and investment then you finally have an option.

Identity Plus is a true enterprise-class, multi-tenanted IGA solution that doesn’t cost a fortune.

Multi-Tenancy IGA in the Cloud

Identity Plus is a highly scalable and multi-tenanted Identity Governance and Administration platform hosted on cloud.

Customer can subscribe to the platform over the cloud and start using it with minimal intervention from the implementation team.

Role-based Account and Entitlements Provisioning

Identity Plus accommodates various scenarios that come up during a user’s lifecycle within an organization.

Identity Plus creates accounts, assigns entitlements based on user attributes and roles and grants access to users based on role memberships. Administrators can create static/dynamic roles.

Rule based Role assignments

Create rules based on different user attributes and scenarios so that users may automatically be assigned to specific roles when added to Identity Plus or when any of the existing users’ attributes are changed.

Birth-right Provisioning

Identity plus enables the necessary accesses to different systems and applications to be automatically granted to new users based on preconfigured rules.

Transfers and Promotions

Identity plus automatically adjusts user access across business apps and entitlements based on promotions and transfers. This includes both providing access to set of accesses and removing the older accesses are required.

Access Requests – Accounts and Entitlements

Identity Plus is a user friendly request tool. Users can request access to any onboarded application as well as request additional entitlements within an already provisioned application. When requests need more than one review to approve access, Identity Plus can enable Multi-Level Approval Workflows. Then, upon approval, Identity Plus automatically provisions the access to the user.

Multi-level approval workflow

Identity Plus allows admins to configure multi-level approval workflows for access requests such that multiple authorities can review the request before access is granted. Admins can choose a user’s manager or any other role as the approving authority at each level of the workflow. Upon approval, access is provisioned automatically.

Manager Initiated Access Request

Identity plus allows managers to request access or request the termination of an application or entitlement on behalf of its direct reports. These requests also follow a pre-configured multilevel approval workflow before the request is fulfilled.

Time bound access

Many users need access to an application only for a specific project and for a limited time. Identity Plus allows user to request access for short duration ensures that a provisioned account or entitlement will be revoked once a specified period is complete. It also allows users to request for an extension of access.

Auto De-Provisioning

Not only is timely access important for new users, so is the timely removal of accesses. When a user leaves an organization, Identity Plus can immediately remove all the user’s business application accesses. This automated feature supports statutory and regulatory compliance, ensures effective security and removes the burden of manual de-provisioning.

Suspension and Restoration

Identity Plus automatically suspends or deletes users who are marked as Suspended in the integrated SoT – CSV, Enterprise Directory or HRMS.

Deprovisioning/Termination

When someone leaves an organization, Identity plus automatically revokes their accesses across all business apps. This enforces Statutory and Regulatory compliance and ensure that user licenses are utilized appropriately.

Access Certification

Identity Plus provides an easy way to manage and run access certification campaigns (review and recertification) across the organization. Identity Plus can configure multilevel review campaigns that can be scheduled to run on a regular basis thus automating a major regulatory and compliance activity.

Orphan Account Management

Most organizations have accesses granted to an ex-employee that is yet to be removed from the applications. Such accounts are a security risk and a cost to the organization. Identity Plus detects orphan accounts across business apps and allows the admin to delete the account or assign it to a current user within the organization.

Multi-level access review campaign

Identity Plus allows admins to configure multi-level review campaign such that multiple authorities can review the accesses before it is certified. It also allows to easily configure the kind of accesses that need to be reviewed by each level of reviewer.

Scheduled Access Recertifications Campaigns

Identity Plus allows admins to configure periodic review campaigns based on the criticality of the apps so it is triggered automatically at regular intervals.

Auto-fulfilment of recertification

Once the review campaign is completed, Identity Plus can provide a summary of accesses that need to be revoked or it can automatically remove the access for accesses that have been certified to be removed.

Unified Identity Store

Identity Plus has a built-in Identity Store that acts as the central directory of all users and roles created in Identity Plus or in any other source. This allows the solution to be massively scalable. It also allows organizations to access all functionalities of Identity Plus even if it is not using an Active Directory.

Password Synchronization

Identity Plus makes remembering passwords to all business applications a snap because  it eliminates multiple passwords. Users create an Identity Plus password which syncs with all onboarded applications. Users log in with the Identity Plus password to open all applications.

There are some who are uneasy using only one password.

They feel that one password is a risk – easier to crack one password than many passwords.

But what is the real risk – a single complex password or multiple weak passwords?

When users need to use many passwords, they tend to make them easy to remember. Easy passwords are weak passwords. Weak passwords are a security risk. Using a single password ensures the use of strong passwords. Now remembering strong passwords is easier because users only need to remember one. Security increases and poor memory techniques such as writing down passwords is eliminated. All this made possible with Identity Plus Password Sync.

Reverse Password Sync from AD

Password changed on the Active Directory is used to synchronize all the other application passwords for that user.

Integration with Active Directory, HRMS and CSV

Instead of onboarding users from  multiple Systems of Truth (SoT), Identity Plus integrates these systems (AD, HRMS, CSV) into the Identity Plus Identity Store.  Organizations can use Identity Plus to easily onboard users and manage users and groups from this one SoT.

Identity Plus also allows multiple directory domains within the same tenant instance of the solution.

Administrators can configure different features required for different domains.

Self-service Password Change

Identity Plus allows users to change their primary passwords. If authentication is delegated to the Active Directory, a change to the password within the solution changes the Active Directory Password as well.

Self-service Password Reset and Unlock

Identity Plus allows users to reset forgotten passwords or to unlock their accounts without assistance from a helpdesk. This can be done through verification with alternate factors such as security questions, Email OTPs, SMS OTPs and Soft Tokens

Dashboard and Reporting

Identity Plus provides an intuitive dashboard to view common events such as:

  • Tasks – Approval Task, Review Tasks, Pending Activation
  • Pending Account Activations
  • Status Of Directory Agents
  • Status Of CSV/AD/SOT Import Operations
  • Status Of Various Provisioning Operations

Identity Plus also provides a variety of pre-configured reports ready for audits and Statutory and Regulatory compliance. These reports can be downloaded in PDF or XLS formats.

Dashboard
Reports

Integration with Access Management

With Identity Plus, organizations can experience seamless Identity and Access Management.  The solution easily integrates with Access Management  solutions (SSO) like Ilantus SSO and Third-Party solutions such as Okta.

Differentiators

Integrate with Access Management Systems

Integrate with leading access management systems like Okta.

Multi-Tenancy

Create multiple instances of Identity Plus for different divisions, departments or organizations within the business. Each instance can be managed independently of the others.

Password Management

Experience ‘one-password across all apps’ when Identity Plus syncs password changes in real-time with all your apps. Reset AD password right from the Identity Plus solution.

Quick Implementation

Time is costly when it comes to getting a solution up and running. Waiting over a week for an implementation to go live can affect business operations. While other solutions need time to deploy, Identity Plus can be live in an afternoon.

Achieve a Sustainable Identity and Access Management Program

Enable users to quickly and easily connect to applications and empower administrators to easily manage policies, certification campaigns and system maintenance without costly customized coding.

Speed Deployment at Lower Cost

Identity Plus uses a configuration deployment approach. It reduces the time and cost it takes to get this Identity Governance and Administration solution up and running. Once deployed, the solution lowers ongoing maintenance costs, ultimately reducing overall time to value.

Benefits

Experience a true cloud IGA solution that simplifies governance, automates provisioning and ensures compliance. User accesses are controlled from end to end with Ilantus Identity Plus.

  • Meets all IAM needs in one solution
  • Flexibility to decentralize IAM operations
  • Easy integration with existing solutions
  • Day One solution access with a pool of pre-built connectors
  • Superior user experience with speedy access
  • User friendly access across all devices
  • Improved security with one password
  • Compatible with all browsers for efficient browser preference