Avatier Identity Enforcer securely enables end users, or their managers, to customize employee access while its dynamically generated approval workflow provides the controls necessary to satisfy internal auditors and external regulators.
Identity Enforcer's self-service model organizes roles, privileges and assets to mirror business processes. This simple navigation model enables business line or IT managers to fine tune Avatier's unique roles via drag and drop selection of even fine-grained permissions. End-users utilize this same structure to select the resources necessary to perform their assigned tasks while the programming-free workflow engine, automatically generates the required approval process. The result is a flexible provisioning system that is deployed rapidly and seamlessly evolves with the business.
Additional Information, Benefits, Features, Design Advantages AND Integrated Identity Management
Reduce Costs: Simplified deployment methodology and maintenance combine with user self-service to dramatically reduce the cost of identity management operations.
Increase Business Efficiency:Self-service request process and automated workflow streamline provisioning and free IT resources for higher-value tasks.
Enhance Information Access: Accelerate employee access to critical information via self-service selection and automated execution of approval and provisioning.
Facilitate Security Compliance: Approval workflow and separation of duties controls ensure privileges are granted per corporate policies and external regulations such as SOX, GLB, HIPAA, etc. Comprehensive logging, alerting and reporting (scheduled and upon request) provide required audit trails.
Hierarchical Business Services Repository™: Hierarchical representation of available resources simplifies user navigation and provides a visual model of approval relationships.All Identity Enforcer administrative and end-user tasks are performed via a simple, easy-to-navigate web UI. No programming is required.
Hybrid Roles™: Combine enterprise roles with individual assets and privileges in a flexible model that can be maintained by business or IT managers as the organization evolves.All Identity Enforcer administrative and end-user tasks are performed via a simple, easy-to-navigate web UI. No programming is required.
Identiflow Approval Workflow: Identity-optimized workflow is dynamically generated (no programming required) based on the Hierarchical Business Service Repository and organizational structure. Workflow is automatically updated with changes to the repository.All Identity Enforcer administrative and end-user tasks are performed via a simple, easy-to-navigate web UI. No programming is required.
Sarbanes-Oxley Separation of Duties (SoD): Applies pre-configured and user-defined conflict rules to ensure that privileges conform to regulatory and internal standards. Approved exceptions are captured for audit review.All Identity Enforcer administrative and end-user tasks are performed via a simple, easy-to-navigate web UI. No programming is required.
Comprehensive Logging and Reporting: All transactions are logged to provide a complete audit trail. Real-time and scheduled reports are available to support operations, management and auditing.All Identity Enforcer administrative and end-user tasks are performed via a simple, easy-to-navigate web UI. No programming is required.
Web-based User Interface: All Identity Enforcer administrative and end-user tasks are performed via a simple, easy-to-navigate web UI. No programming is required.
Identity Enforcer is based on the Avatier Identity Management Server architecture so it shares the same ease of deployment, simplified operation and multi-lingual support as the other user provisioning and password management modules in the Avatier Identity Management Suite. All user and administrative operations are performed with a familiar web-based user interface.
Identity Enforcer also integrates seamlessly with Account Creator and Account Terminator to provide fully automated employee lifecycle provisioning and deprovisioning. As new employees are hired Account Creator's HR Integration automatically detects the change and creates user accounts and privileges based on enterprise roles (using job code, job title, etc.). With Identity Enforcer, the employees (or their managers) can customize their identities via selection of additional assets, privileges and roles required for their specific job assignments. Upon termination, Account Terminator will automatically remove access or delete accounts to ensure compliance with corporate policy and regulations.
Avatier's enterprise password reset help desk console has several key features necessary for large organizations.
Delegated Access to Cross-Platform Password Reset & Account Unlock: Leverages your existing Microsoft groups and user accounts to delegate cross platform password reset and account unlock access to Help Desk individuals.
Displays Real-time Cross Platform Account Status: Help Desk personnel can obtain real-time account status on any platform, for any user. Status includes: Account Disabled, Account Lockout Status, Password Expiration Date, Password Age, Full Name and more.
Guarantees End-User Identity: The Help Desk module can be configured to not allow password reset until the end-user's identity has been confirmed. It can also be configured to manage non-enrolled accounts.
Real-time Audit Trail of End User Activity: Help desk personnel have access to view all prior end user self-service and help desk activity. This allows help desk personnel to quickly analyze any issues with the customer as it is occurring.
Exclude Individuals or Groups from Help Desk Management: Select specific users or groups to be excluded from Help Desk management.
Centralized Auditing and Real-time Event Logging: Who, what, when, and where are stored in a central SQL database. Built in filtering and sorting on any field or timeframe and displayed in real-time through a web interface. The reports can be exported to Excel or Text files.