ICAM/IGA IN THE CLOUD

manageID® is the complete identity, access management, and governance solution which securely controls digital personas, credentials, and access entitlements associated with every organizational identity. manageID® enables securely authenticated access to information resources and physical assets, all from an integrated service that makes it easy to provision and manage information.
manageID® will help your organization:

  • Focus on Your Business
  • Optimize Manpower
  • Achieve Business Agility
  • Enhance Security Posture
  • Expedite Cloud Adoption
  • Leverage Investment

IDENTITY MANAGEMENT

manageID® provides comprehensive identity management capabilities for your organization’s IAM requirements.


IDENTITY
PROVISIONING

Our solution delivers the flexibility of multiple methods for identity creation. manageID® has built-in support for HR driven, sponsor initiated, self-service, API, and JIT/Claim-based initial provisioning of digital identities, and supports provisioning of identities within downstream systems.


IDENTITY
ASSURANCE

Our solution supports NIST 800-63A Identity Assurance Levels (IAL) 1 - 3 and meets assurance requirements for various types of identities. It allows for the capture/collection of demographic and biometric identity attributes to support any organization specific requirements.


STANDARD
CONNECTORS

Leverage identity data and attributes from any data source such as HR (PeopleSoft, Workday etc.), Active Directory/LDAP, SQL, etc. with built-in interfaces. Use built-in APIs for any custom integration with data sources. Concurrently connect with multiple data sources to meet organizational integration requirements.


COLLABORATIVE
WORKFLOW

Leverage built-in workflow capabilities and templates to quickly configure support for any identity management related business processes. Support workflows for various types of identity (constituents) managed within the solution.


RULES
ENGINE

Automate the identity and lifecycle management processes via business rules that can be configured to meet organization specific requirements for automation. Rules are configured by business domain users and do not require any custom development and scripting support from technical staff.


IDENTITY DATA
MANAGEMENT

Connect with multiple data sources and downstream systems to create/update identity data attributes based on organization specific configurations. Promote the solution to become the authoritative data source for defined attributes and support identity data de-duplication/reconciliation based on pre-defined sets of attributes.

CREDENTIAL MANAGEMENT

manageID® supports the creation and lifecycle management of credentials assigned to a digital identity. Each identity can be assigned multiple credentials based on the needs of the organization.


USER ID / PASSWORD

Create and manage user ID/password-based credentials in Active Directory and other LDAP compliant directories, and enforce password policies for an organization.


DIGITAL CERTIFICATES / PIV-C

Generate, encode, and issue PKI technologybased credentials such as PIV and PIV-C tokens, as well as user and device certificates. Connect with industry leading PKI platforms and services via vendor-approved built-in connectors.


HARDWARE TOKENS

Utilize built-in connectors to industry leading hardware token systems that offer OTP/Oauth functionality. Our solution includes comprehensive capabilities to manage token stock and enables or disable access, based on assignment and lifecycle stages.


PHYSICAL ACCESS CONTROL CARDS

Integrate with leading Physical Access Control Systems (PACS) to provision identity and enable physical access via assignment of access levels. Automate the initial provisioning and lifecycle management of the PACS credential. Support various data formats for PACS credentials such as Proximity, DESFire EV1, EV2, SEOS, etc.


MOBILE / DERIVED CREDENTIALS

Issue and manage PKI technology-based strong credentials derived on mobile devices associated with users. The derived credentials can be used to authenticate and allow access to information assets, and can be derived onto non-mobile devices such as TPM chips on Windows machines.


THIRD PARTY AUTHENTICATION SERVICE

Use built-in connectors with several third-party authentication products and services to provision and manage credentials within the application. Our solution can co-exist with existing products and services that may be in use within an organization.


ACCESS MANAGEMENT

Manage access to all organizational information resources and physical assets via built-in access entitlement management capabilities. An organization can manage any number of external systems and physical access systems to control access for all types of users.

  • Support NIST 800-63B-based Authentication Assurance Levels (AAL) 1-3.
  • Leverage our solution to configure and enforce organizational access policies.
  • Manage multiple external relying systems for enabling access entitlements. Utilize built-in connectors for several relying systems for access assignment updates.
  • Includes workflow for access request and approval with configurable levels of automation based on organization specific needs.
  • Automate account and access provisioning in downstream systems and services.
  • Enable authentication and authorization services via built-in MFA/SSO component, or integration with existing product and services. Support NIST 800-63B based Authentication Assurance Levels (AAL) 1-3.

LIFECYCLE MANAGEMENT

manageID® includes functionality to control the entire lifecycle for an identity as it progresses, from establishing the identity to termination and archival of the identity record. During this process , the solution orchestrates the relationships between identities, and all of the linked, underlying credentials and access.

  • Policy-based lifecycle actions for identity, credential, and access attribute updates.
  • Solution provides a person-centric view of the digital identity, credentials, and access entitlements.
  • Self-service, helpdesk, and admin functionality for lifecycle management of the identities credentials, and access.

GOVERNANCE

manageID® includes built-in functionality to configure and implement identity and access governance processes. The configuration and transactional audit data regarding identity access entitlements and relying systems is leveraged for this purpose.

  • Configure business processes for access attestation/ certification in support of organizational risk management processes.
  • Create and deliver person, application (software or hardware relying system), or (sub-)organization-based attestation reports.
  • Automate workflows for attestation processes including task assignments, etc.
  • Automate access lifecycle updates based on business rules configured for the organization.

KEY BENEFITS

manageID® ICAM/IGA provides a collection of business, functional, technical, and security benefi ts for any organization, bred from CITI’s comprehensive business practices based in identity, credential, and access activities over the past 15 years. The modular architecture and high level of configuration makes the manageID® solution ideal for any organization. The benefits listed are common amongst all organizations that have chosen to use manageID® to revamp their ICAM/IGA implementation.

Enhanced User Experience

The manageID® solution provides an enhanced user experience which allows the user to:
  • Access a self-service portal to reset passwords, change security questions, recover accounts, and request further access.
  • Access custom login page based on organizational assignment.
  • View a custom user dashboard to access applications and resources based on organizational assignments.
  • View online help tips for user functionalities.

Enhanced Admin Capability

The manageID® solution enables system administrators to meet organizational needs for solution management and access control:
  • Access to built-in integrations with external systems via UI-based configuration, minimizing expensive customizations.
  • Provide comprehensive and granular access control (via user/ role management), and flexible authentication options.
  • Control permissions to identity/access data based on organizational security policies.
  • Enable de-centralized access approval processes, customized for specific organizational hierarchies.
  • Configure organizational structure-based workflows for identity onboarding and access control.
  • Perform all configurations via a web-based interface, making custom code and scripting seen in legacy IAM systems completely unnecessary.
  • Configure multiple custom login pages based on the organization’s needs.
  • Configure custom user dashboards to access applications and resources based on the organization’s needs.

Enhanced Security Posture

The manageID® solution helps organizations enhance their information security management and business risk posture. Features that deliver a high level of security assurance include:
  • Creating and enabling the use of strong (PKI) credentials for user authentication.
  • Providing authorized users with a comprehensive auditing platform for reporting and analysis.
  • Real-time visibility into organizational access entitlements including lifecycle updates.
  • Minimizing risk associated with manual enforcement of policies related to account and access provisioning/de-provisioning.
  • Support for regulatory compliance and industry vertical specific security requirements.
  • Compliance with NIST security guidelines, ISO 20000 and ISO 27000 based processes and procedures for a high level of security assurance.

Business Benefits

The manageID® solution from the offset offers several business benefits which include:
  • Offloading identity, credential, and access management to experts to focus on core business capabilities, transferring business and security risk.
  • Minimizing startup costs by providing subscription-based modular pricing per functionality.
  • Reducing manpower requirements to provision and support identity, credential, and access management capabilities.
  • Adapting to changing business and regulatory environments, e.g. acquisitions, change in regulations, etc.
  • Supporting business initiatives to modernize IT and adopt cloud services.
  • Minimizing rip-and-replace methodology and gradually migrate to this solution.

CONTACT

manageID® is here to simplify your organization's identity and access management requirements. Contact us today to schedule a meeting.

info@manageID-us.com

or fill out the form below
manageID
Enter Image Text:

We thank you for your time spent on this quick review of our solution highlights. Our experienced team is available to discuss with you regarding your organization's identity, credential, access, lifecycle management, and governance related challenges.


Creative Information Technology, Inc.

7799 Leesburg Pike, Suite 500 North
Falls Church, VA 22043, USA
+1 (703) 483-4300
www.citi-us.com