• Save
User Manager
Upcoming SlideShare
Loading in...5
×
 

User Manager

on

  • 17,021 views

Web site overview of EmpowerID User Manager module

Web site overview of EmpowerID User Manager module

Statistics

Views

Total Views
17,021
Views on SlideShare
840
Embed Views
16,181

Actions

Likes
0
Downloads
1
Comments
0

27 Embeds 16,181

http://www.thedotnetfactory.com 6365
http://www.empowerid.com 5716
http://www.identitymanagement.com 3628
http://localhost:33148 116
http://localhost 72
http://www2.thedotnetfactory.com 67
http://thedotnetfactory.com 52
http://identitymanagement.com 44
http://mvchost 29
http://empowerid.com 19
http://translate.googleusercontent.com 13
http://www.empowerid.eu 11
http://www.empowerid.nl 11
http://empowerid.local 11
http://empowerid.dystrick.com 6
http://dotnetworkflow.com 6
http://demoservertest.empowerid.com 3
http://wikki.empowerid.com 2
http://ww.thedotnetfactory.com 2
https://www.linkedin.com 1
http://extranet.empowerid.com 1
http://webcache.googleusercontent.com 1
http://www.wiki.empowerid.com 1
http://support.thedotnetfactory.com 1
http://www.roleenforcer.com 1
http://www.demo.empowerid.com 1
http://ben.thedotnetfactory.internal 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

User Manager User Manager Presentation Transcript

  • A New Breed Of Identity ManagementFrom Code to Visual Process Management
    EmpowerID WF Process
    Traditional Identity Management
    Copyright © 2011. Dot Net Workflow is a trademark of The Dot Net Factory, LLC. |www.TheDotNetFactory.com
    1
  • User Manager: Role-Based User Provisioning and Delegated Administration
  • Introducing User ManagerWorkflow Automation of User Lifecycle Management
    According to the Gartner Group, organizations can save 300% with automated user provisioning
    The Challenge
    During good and bad economic times there is an increase in employee turnover. Provisioning user accounts and granting access across multiple systems is a costly and time consuming process. Quickly and efficiently deprovisioning access when and employee leaves the organization is even more time consuming and error prone, often exposing an organization to security vulnerabilities.
    EmpowerID Solution
    User Manager is a workflow and role-based solution that automates provisioning access for new employees and deprovisioning access when they change positions or leave the organization.
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    3
  • A request is submitted as a ticket to the helpdesk requesting accounts and access for the new employee
    The helpdesk has a large backlog of tickets which delays creation of the accounts and postpones employee productivity
    common ratio for large companies – 1 helpdesk admin/6000 users!
    In the meantime, the user cannot access resources they need to perform their job – e.g. email, file shares, printers, etc...
    The helpdesk must search in each system to verify name uniqueness
    Eventually the accounts are created and access is granted
    Process Challenges:
    Manual provisioning requires the involvement of multiple IT staff and a high level of organizational knowledge
    IT is unable to detect security changes in AD and other systems
    No automated removal of application and system access
    Lack of a good audit trail to attest to why access was granted and who approved
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    4
    When Will I Get Access?
    Typical Process Before EmpowerID
  • 5
    Provisioning
    Routine UserAdministration
    Change
    Locations
    New Project
    Forgot
    Password
    Relationship
    Ends
    Password
    Expires
    PasswordManagement
    Deprovisioning
    Relationship Begins
    Promotion
    USERLIFECYCLE
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    Identity Lifecycle ManagementManage the Lifecycle of a Person and Their Accounts
  • Identity Lifecycle ManagementManage the Lifecycle of a Person and Their Accounts
    • Discovers and links a person’s user accounts in all systems
    • Automates provisioning and deprovisioning with workflow
    • Synchronizes user information between systems and provides self-service edit
    • Synchronizes passwords and enables self-service reset and unlock (Password Manager)
    • Self-service new account registration workflows with approvals
    • Delegates role-based administration of people and their accounts
    • Achieves continuous compliance through constant enforcement of policies
    Person
    6
  • Automates provisioning, moving, and deprovisioning of user accounts and resources based upon the roles of the user
    • Role membership can be automated based upon mappings to existing authoritative systems, by rules, or assigned via workflows with approvals
    • Examples of Resource Entitlements:
    Accounts in connected systems
    Exchange Mailboxes
    Home Folders
    etc…
    • Resource Entitlements are automatically re-calculated and provisioned, moved or deprovisioned when a Person’s roles change
    • Automated deprovisoning of user accounts prevents accumulation of privileges over time and ensures that access is revoked when an employee leaves the organization
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    7
    Resource Entitlements
    Automatic Provisioning and Deprovisioning of Accounts and Resources
  • Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    8
    Resource EntitlementsRole-Based Resource Provisioning and Deprovisioning
    Resource Entitlements for Contractors in New York
    Resource Entitlements are policies that automate provisioning, moving, disabling, and deprovisioning resources automatically based upon user Role and Location changes.
    Automating the initial provisioning of resources when a new Person is created as well as their ongoing management.
    Resource Entitlements for Standard Employees in Sydney
  • Attribute values such as job title, address, company, department, and others can be applied via Role and Location-based policies
    As users change role or location, these policy-based values are applied and synchronized to connected directories based upon pre-established flow rules
    Policy-based assignment can dramatically reduce the amount of effort spent manually entering and keeping directory information accurate
    Accurate information increases the value of your corporate directory as a collaboration tool
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    9
    Role-Based Attribute Value Assignment
    Automate maintenance of accurate directory information
  • Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    10
    Policy-Based Attribute ValuesRole-Based Attribute Assignment
    Policy-Based Attributes for Contractors in New York
    Policy-based attribute values are policies that automate the maintenance of any directory values that can be defined by Role and Location.
    Any attribute value of a Person can be assigned by policy and maintained automatically when Role or Location changes. Attribute values will update connected directories based upon attribute flow rules.
    Policy-Based Attributes for Standard Employees in Sydney
  • EmpowerID Group Manager automates the management of group membership
    Group membership is controlled as an RBAC right permitting advanced delegation rules which automate group membership based upon the Role and Location of the Person
    • Group membership is automatically re-calculated and enforced when a Person’s roles change
    • All changes to group membership are logged and tracked - both changes made within EmpowerID and in the native directory
    • Automated role-based group management prevents the accumulation of group membership over time
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    11
    Role-Based Dynamic Group Membership
    Automate maintenance of group membership
    • Multi-directory web-based corporate white pages with rich Metadirectory schema
    • Enable user profile self-service across multiple directories with workflow approvals
    • Automatically detect and synchronize directory changes using flexible attribute flow rules
    • User interfaces for SharePoint, Windows WPF, and the web
    • Only white pages solution built on the Windows Workflow Foundation
    • Role-based security for fine-grained control over visibility even in multi-organization configurations
    MetadirectoryWeb-Based Corporate White Pages & Self-Service
    12
  • User Experience: Resource ManagerIndustry’s Only Unified Management Console
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    13
  • User Experience: Service Catalog
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    14
  • User Experience: My Workspace
    Copyright © 2011. empowerID is a trademark of The Dot Net Factory, LLC. |www.empowerid.com
    15