Identity Plus is a born-in-cloud multi-tenant solution for Identity Governance and Administration. Built on Ilantus’ 18 odd years of experience implementing over 500 IGA instances across multiple technologies, Identity plus is the true synthesis of mature IGA customer requirements. Put simply, Identity Plus takes care of technology-heavy lifting, while customers can focus on business-related deployments.
- Tailor-made for mature IGA businesses with ready integrations to access management solutions.
- Pure cloud deployment eliminates any disruption to business-as-usual. Emphasis on configuration rather than customization.
- Quick applications onboarding.
- Intelligent IGA that enables users with data-driven, decision-making guidance
Multi-Tenancy IGA in the Cloud
Identity Plus is multi-tenant SaaS IAM solution that runs different instances for multiple-tenants, thereby securing confidential data for each tenant. Apart from the Identity plus application, each customer also shares a multi-tenant database.
Benefits of Identity plus multi-tenant model.
- Helps make your IAM purchase cost-effective
- Improves the efficiency of maintenance, updates, and upgrades
- Maximizes the use of the resources
- The client’s business is not affected by frequent upgrades
- Highly flexible, scalable and delivers high performance
Role-based Account and Entitlements Provisioning
Accommodate various scenarios that come up during a user’s lifecycle within an organization.
Identity Plus creates accounts, assigns entitlements based on user attributes and roles and grants access to users based on role memberships. Administrators can create static/dynamic roles.
Rule based Role assignments
Create rules based on different user attributes and scenarios so that users may automatically be assigned to specific roles when added to Identity Plus or when any of the existing users’ attributes are changed.
Enable necessary accesses to different systems and applications to be automatically granted to new users based on preconfigured rules.
Transfers and Promotions
Automatically adjust user access across business apps and entitlements based on promotions and transfers. This includes both providing access to set of accesses and removing the older accesses are required.
Access Requests – Accounts and Entitlements
Users can request access to any on-boarded application as well as request additional entitlements within an already provisioned application. When requests need more than one review to approve access, Identity Plus can enable Multi-Level Approval Workflows. Then, upon approval, Identity Plus automatically provisions the access to the user.
Multi-level approval workflow
Empower admins to configure multi-level approval workflows for access requests such that multiple authorities can review the request before access is granted. Admins can choose a user’s manager or any other role as the approving authority at each level of the workflow. Upon approval, access is provisioned automatically.
Manager Initiated Access Request
You can equip managers to request access or request the termination of an application or entitlement on behalf of its direct reports. These requests also follow a pre-configured multilevel approval workflow before the request is fulfilled.
Many users need access to an application only for a specific project and for a limited time. You can enable users to request access for short duration ensures that a provisioned account or entitlement will be revoked once a specified period is complete. The product also allows users to request for an extension of access.
Not only is timely access important for new users, but also is the timely removal of accesses. When a user leaves an organization, you can immediately remove all the user’s business application accesses. This automated feature supports statutory and regulatory compliance, ensures effective security and removes the burden of manual de-provisioning.
Suspension and Restoration
You can automatically suspend or deletes users who are marked as Suspended in the integrated SoT – CSV, Enterprise Directory or HRMS.
When someone leaves an organization, Identity plus automatically revokes their accesses across all business apps. This enforces Statutory and Regulatory compliance and ensures that user licenses are utilized appropriately.
Provide an easy way to manage and run access certification campaigns (review and recertification) across the organization. The solution can configure multilevel review campaigns that can be scheduled to run on a regular basis, thus automating a major regulatory and compliance activity.
Orphan Account Management
Identity Plus detects orphan accounts across business apps and allows the admin to delete the account or assign it to a current user within the organization.
Multi-level access review campaign
Allow admins to configure multi-level review campaign such that multiple authorities can review the accesses before it is certified. It also allows to easily configure the kind of accesses that need to be reviewed by each level of the reviewer.
Scheduled Access Recertifications Campaigns
Identity Plus allows admins to configure periodic review campaigns based on the criticality of the apps so it is triggered automatically at regular intervals
Auto-fulfilment of recertification
Once the review campaign is completed, Identity Plus can provide a summary of accesses that need to be revoked or it can automatically remove the access for accesses that have been certified to be removed.
Unified Identity Store
Identity Plus has an in-built Identity Store that acts as the central directory of all users and roles created in the product or any other source. This allows the solution to scale quickly. It also allows organizations to access all functionalities of Identity Plus even if it is not using an Active Directory.
Identity Plus makes eliminates multiple passwords and simplifies password management significantly. Users create the unified Identity Plus password which syncs with all onboarded applications. Users can then login with this one password to open all applications.
Reverse Password Sync from AD
Password changed on the Active Directory is used to synchronize all the other application passwords for that user.
Integration with Active Directory, HRMS and CSV
Instead of onboarding users from multiple Systems of Truth (SoT), Identity Plus integrates these systems (AD, HRMS, CSV) into the Identity Plus Identity Store.
Organizations can use the product to easily onboard users and manage users as well as groups from this one SoT.
Identity Plus also allows multiple directory domains within the same tenant instance of the solution.
Administrators can configure different features required for different domains.
Self-service Password Change
Enable users to change their primary passwords. If authentication is delegated to the Active Directory, a change to the password within the solution changes the Active Directory Password as well.
Self-service Password Reset and Unlock
Allow users to reset forgotten passwords or to unlock their accounts without assistance from a helpdesk. This can be done through verification with alternate factors such as security questions, Email OTPs, SMS OTPs, and Soft Tokens
Dashboard and Reporting
Identity Plus provides an intuitive dashboard to view common events such as:
- Tasks – Approval Task, Review Tasks, Pending Activation
- Pending Account Activations
- Status Of Directory Agents
- Status Of CSV/AD/SOT Import Operations
- Status Of Various Provisioning Operations
You can also avail a variety of pre-configured reports ready for audits and Statutory and Regulatory compliance. These reports can be downloaded in PDF or XLS formats.
Analytics and Visualization
Identity plus has incorporated the best in class data analytics and visualization engine that helps organizations migrate from basic IAM automation to dynamic risk calculated intelligent decision making. It delivers advanced intelligence dashboards as well as intuitive analytics reports based on the data collected and available in IAM.
Based on real-time identity and access data analysis, it provides intelligent insights to make better IAM decisions on ULM activities, Access Request, Access Approval, and Access Certifications. It provides Analytics-driven security solutions with plenty of visualization including bar charts, pie charts, line charts and combination of these charts
Integration with Access Management tools.
Identity plus easily integrates with Access Management solutions (SSO) such as Ilantus SSO, as well as access solutions such as ISAM, Okta and others. It allows users to easily and securely sign-on to your enterprise applications. Integration with Access Management tools helps end-users strike a balance between daily use and security with integrated access management control.