Compact Identity

Access Management

 SSO to any app

Seamless SSO with ‘no app left behind’, including on-premise and thick-client apps. Web apps, federated, non-federated, thick-client, legacy or custom-built apps –  will all l be included in your SSO environment. Mobile apps and IOT devices are supported too.

ZZ
App Store

Database of commonly used apps, pre-configured, and ready to download. Custom or homegrown apps can be integrated easily.

ZZ
Browser Preference

Experience superior optimization when each app launches in the browser that is specified for it during set-up.

Browser preference
ZZ
Shared App Login

Save money by sharing app licenses. Compact Identity can allow multiple persons to use a single license during different sessions, and yet protect the app password from all the users. Accountability for all users of a license through audits is also supported.

Cloud ID store
ZZ
Universal Directory

If your business wants to save on AD licenses by only creating AD accounts where they are really required, or doesn’t feel the need for an AD at all, our integrated Universal Directory stores and handles all identities in your IT environment.

  • Secure SSO to web, federated, thick client, mobile app and IoT devices
  • Readily available – large number of pre-configured apps on our cloud Appstore
  • Mobile SSO- enables single sign-on from all devices
  • Browser preference for SSO – optimizes app performace by automatically opening in the preferred browser
  • Shared application login

 Password Synchronization

Eliminate time-wastage and avoid confusion when passwords that are changed or reset within Compact Identity, or within apps, are synced with one other.

  • Forward Password Sync: Password changes in Compact Identity are synced with your AD
  • Reverse Password Sync: AD password changes are synced with Compact Identity
Helpdesk Assisted Password Reset

Empower your helpdesk to perform password resets from their end, utilizing the Compact Identity interface.

  • Self-service – Password Reset / Account Unlock
  • Password Sync- Have just one password even for apps that do not integrate with AD
  • Reverse Password Sync- Have all passwords synced, even if directly updated in AD & not in Compact Identity
  • Helpdesk Assisted Password Reset- Let the password management system work for the help desk, if needed
  • Password Reset from Windows Login with MFA- Enjoy an exceptional user experience

Identity Governance

Access Request

  • Self-service Access Request – To roles, apps, entitlements (supported with analytics and system suggestions) and request for any attribute to reduce risks
  • Multi-level approvals- Get set with multiple levels to approve a high-risk access
  • Manager approval – Supported by analytics and risk metrics, enable managers to take right decisions by providing required information on the fly
  • Delegated approval- Allow managers to delegate if not confident in taking decision

Access Certification

A safe business not only utilizes a secure access provisioning system but reviews access rights regularly. Our solution automates user access reviews and, if configured, revokes accesses that are no longer suitable, or, pushes notifications to various target systems for managers to review.

  • Access Review/Certification – Regularly monitor ‘who has access to what’
  • Multi-level review- Reassess the appropriateness of accesses at specified intervals
  • Auto Fulfilment- Ensures that all access that are no longer required are terminated
  • Orphan Account Identification and Management- Identify orphan accounts to reduce risk and increase compliance
  • Orphan Account Identification and Management- Identify orphan accounts to reduce risk and increase compliance
  • Compliance Reports- Automated and customizable to suit your needs

Orphan Account Management

Sometimes accounts can become ‘orphaned’ when they no longer have a valid user. Such accounts present a critical security risk because they can be used and accessed without any person being accountable for actions performed within these accounts. Compact Identity detects orphan accounts and enables admins to delete them. This automation also saves your business money by freeing up licenses.

Segregation of Duties

It is a security risk if a person who has entitlements to modify critical data, such as writing company cheques, also somehow gains entitlement to cashing company cheques. Hence, a system of Segregation of Duties must be in place to prevent such mishaps. With Compact Identity, you can

  • Define policies for toxic combinations of access rights
  • Simplify ways to set up SOD rules
  • Figure out access violations before granting
  • Bypassing SoD recommendations requires reasons to be given by the approving party which are then documented and auditable.
  • Enforce regular SOD policy reviews

Identity Administration

Self Service Access Request

 Employees often need to access new roles, apps or entitlements as they grow in their jobs, and their projects become more complex. Compact Identity lets them request this on the go.

Multi-Level Request Approvals

A single person approving an app, role or entitlement request works for most low-risk apps. But, what happens when access to an app also exposes a user to sensitive data or enables them to make high-impact decisions? In such situations, approval from multiple concerned parties is best. Compact identity allows you to configure multi-level workflows for an app to be approved.

Manager Approval

Managers can handle access requests intelligently with support from analytics and risk metrics that are inherent in Compact Identity.

Birthright Provisioning:

Save time and money and avoid confusion when our solution automatically creates user accounts with entitlements for new employees in target applications.

Promotions and Transfers

Promotions and transfers maximize a business’ employee investments. But, this comes with overhead. Our solution automatically manages access rights when an employee changes jobs within your company and thereby increases agility.

Enterprise Mobility Management

With corporate staff using mobile devices for work on-the-go these days, it is critical that the company data is secure. Compact Identity monitors and controls data on corporate devices, locks apps and data on lost devices, and erases corporate information when employees quit or are terminated.

  • SSO to mobile applications including OAuth & Open ID
  •   Auto install/uninstall apps when access rights are granted or revoked
  •   Control corporate data on registered devices
  • Lock apps and data when devices are lost
  • Erase corporate information as soon as employees depart

Deprovisioning

Protect your business and comply with statutory regulations when our solution automatically disables access to roles, apps, and entitlements  as an employee quits or is terminated

  • Birthright provisioning- Improve internal SLAs, reduce unproductive time for new hires, improve new employee satisfaction.
    • Automate user onboarding
    • Account and Entitlement creation
  • Instant access to birthright apps
    • Auto adjust accesses as and when a user’s role change (Promotions/Transfers)
    •  Disableusers’ accounts and revoke access permissions on a user’s last working day-
  • Reduce security risk
  • Reduce license costs
    • Enable policy-based account suspension and restoration
    • Delegate admin access supported

IoT Management

  • Manage login to IoT devices
  • Create, suspend, delete IoT user access
  • Supports all protocols: HTTP, XMPP, Web Socket, MQTT

Privilege Access Management

High-level accounts with entitlements to critical functions such as writing cheques for large amounts require a different level of security. PAM is a luxury IAM offering from select vendors, but, in truth, it is critical to your business’ security. Compact Identity includes PAM in its base offering at no extra charge.

  • Live session recording and monitoring
  • Access Request and Approval workflow
  • Comprehensive reporting
  • MFA

Endpoint Management

  • Manage access to endpoint devices
  • Centralized management with cloud Identity Store
  • Cloud-based policy enforcement for remote devices
  • Prevent data breaches and unauthorized access with MFA

3rd Party Integrations

  • OOTB integration to Microsoft Azure Access Management- add to your Microsoft access management all IGA features
  • Integration with 3rd Party AM, IGA and PAM solutions
  • Integration to leading endpoint management technologies to optimize security
  • Integration with security tools such as SIEM, UEBA

Analytics and Business Intelligence

Gain a multidimensional view of identity data in your company with Compact Identity’s advanced data mining and analytics.

  • Advanced Data Mining and Analytics
    • Provides business context to information
    • Multidimensional views of identity data
    • Provides comprehensive user administration and governance information
  • Customizable Dashboards
    • For IT Security, IT Admin, Application Owners, Managers and any other role
    • Monitor and manage what you need to

API Management

  • Utilize Compact Identity functions like authentication for your own services
  • Manage all APIs securely and easily.
  • Source of authentication to 3rd party applications
  • OAuth ready – applications like Azure AD can SSO to Compact Identity
  •     API’s supported
    • Add User
    • Edit User
    • Suspend User
    • Restore User
    • Delete User
Multi-Factor Authentication
  • Integrated authentication mechanisms
  • Email OTP
  • SMS OTP
  • Challenge-Response
  • Biometric
  • Soft token
  • FIDO2 tokens
  • Mobile Biometric & Microsoft Hello
  • Automate MFA with integrated Adaptive Authentication

Consolidated Access View

In today’s IT security environment, knowledge is power, and organized knowledge is ideal. Our dashboard’s consolidated view shows individual and aggregate identity, and related access, information and statistics in the most concise and accessible way. The dashboard can be customized to different ‘user personas’ such as IT Admins, App Owners, IT Security, etc.