Identity management is a prerequisite for offering personalized access to services such as web applications, e-mail accounts, file shares, or cloud services. For companies and institutions to provide personalized access to such services, identity data must be readily available and consistent. This is true not only for user-related identity data but also for the identity data of applications and devices that form, for instance, the basis of the functionalities of modern identity federation protocols such as OAuth and OpenID Connect.
In infrastructures that have evolved over time, however, identity management is often not consistent. This results in a number of challenges and pain points:
- Laborious, error-prone processes for the management of electronic identities, permissions, and credentials
- Redundant identity data (e.g., multiple identities per user, inconsistent permissions)
- Decentralized management of user permissions with ambiguous authorization structures
- No central overview of user permissions
- Failure or difficulty to fulfill compliance regulations (e.g., segregation of duties)
- Considerable effort caused by the manual creation of audit reports and evaluations
- Usability issues due to the lack of single sign-on
- High response times in case of security incidents
- Difficulties to integrate external identities (e.g., for identity federation or cloud service integration)
- High operation costs due to redundancy and laborious processes
A NEVIS-based identity management solution can overcome these challenges by...
- ... modelling, standardizing and automating identity management processes.
- ... eliminating media disruptions in identity management processes to reduce the amount of manual intervention necessary.
- ... enabling consolidation of user accounts to eliminate redundant accounts.
- ... introducing automated data provisioning to eliminate data inconsistencies.
- ... introducing a consistent user authorization model that enables central management and assignment of user permissions and adherence to compliance guidelines (e.g., segregation of duties).
- ... enabling automated generation of reports in a centrally managed database.
- ... increasing user satisfaction by introducing single sign-on and centralized password management.
- ... supporting simple integration of external identities (identity federation, integration of cloud services).
- ... cutting down on operation costs by simplifying processes and reducing redundancy.