Identity Management Features
(1)Core ID-Synch® features include:
- Automatic Propagation of Changes from Authoritative to Target Systems
(2)ID-Synch monitors one or more systems of record, such as HR or a corporate directory, for changes. Events such as hires, moves and terminations are transformed into administrative updates, such as creating new users, changing user attributes or disabling existing users and applied to managed systems.
Automatic change propagation leverages existing business processes (in HR or payroll for example) to automate predictable systems administration tasks. Automated administration eliminates unnecessary manual work, hastens productivity for new users and ensures that access is promptly deactivated for terminated users.
- Self-service Authorization workflow for Change Requests
(3)Users are empowered to submit requests for new, changed or terminated systems access or to change their personal profile information. For example, a manager may submit a request for new accounts for a new hire or contractors may request additional system access for themselves.
Requests are automatically validated, filled out with extra attributes such as login ID or directory OU and routed to the appropriate authorizers. Authorizers are assigned based on the resources requested or the identity of the requester.
Authorizers review open requests and may approve or reject them.
Approved requests are automatically applied to managed systems by ID-Synch.
In many organizations, most of the cost and delay of access management is due to entry, routing and approvals of change requests. ID-Synch streamlines requests with easy input and parallel routing, to significantly reduce the delay between first input of a request and its fulfillment.
Rapid access provisioning improves user productivity: new hires no longer spend days or weeks waiting for access before they can start work. Managers spend less time filling in and tracking paper requests.
- Consolidated and Delegated User Administration
(4)Security administrators can log into an ID-Synch web user interface, from which they can create new accounts; delete, enable, disable, rename or update existing accounts; and manage the membership of users in security groups and distribution lists.
Local IT resources and managers can be assigned the right to manage some users on some systems, so they can get faster service without direct involvement from security administrators.
Simplified management of users across systems, plus the ability to delegate some work to local IT resources, reduces the workload for security administrators.
- Consolidated Reporting and Auditing
(5)ID-Synch collects, correlates and manages information about user access to every enterprise system, including each user's multiple login IDs, last login dates and specific security entitlements. This data is directly available for reporting and audit using either canned reports built into the ID-Synch administrative web GUI or by exporting data for use with third party reporting and analytical tools.
ID-Synch user profile data can be used to review and adjust user access to enterprise systems. This is useful for finding and cleaning up excessive access privileges that users accumulate over time.
ID-Synch can manage users on a variety of systems in a typical enterprise network. A comperehensive list of built-in systems support is available here.