Deliver convenience to users—with security assured.
IdentityIQ Access Manager empowers users with single sign-on (SSO) to cloud and web applications from any device—at work, home or on the go. And it enables IT to effectively apply security policy, detect violations and ensure regulatory compliance. Application usage visibility also helps monitor monthly subscription expenses by promptly deprovisioning unused or unauthorized cloud application accounts.
SINGLE SIGN-ON (SSO)
IdentityIQ Access Manager eliminates the need for users to remember and enter multiple user names and passwords delivering a consistent, convenient SSO experience for applications enterprise-wide.
- Provides seamless SSO to all internal web apps via a reverse-proxy virtual appliance server and to third-party software-as-a-service (SaaS) applications that support federation standards
- Enables convenient SSO from mobile devices using the same security and credentials as from the desktop
STRONG AUTHENTICATION AND POLICY-BASED CONTROLS
Access Manager leverages enterprise-wide policy and control information to make access management decisions smarter. Critical information such as high-risk users or highly sensitive access permissions enable Access Manager to enforce strong authentication where needed.
- Enforces strong authentication to apps based on identity risk, such as role membership, privileged account ownership, or risk score
- Provides strong authentication via a one-time password (OTP) sent to a user’s phone or knowledge-based authentication (KBA) consisting of challenge/response questions
- Supports integration with third-party strong authentication tools, such as smartcards or OTP tokens
SYNCHRONIZED SSO AND PROVISIONING
An intuitive, self-service storefront gives users a single, convenient place to find and request access to a broad catalog of business and personal applications—available to them on any device.
- Provisions access to applications based using the same policies and approval processes as for other IT services
- Identify unused or unauthorized accounts and reports them back to the appropriate business sponsor for removal and potential cost savings