top of page
Single Sign-On.jpg

Role based Identity Management

Identities are usually born in the HR system or recruitment system. From there, Identities are reconciled in the Identity Management system (Okta, for example).

User activation and profile enrichment is done in the IAM system. By being an employee, every user gets access to several systems (Office 365, Slack, etc.) known as Birth Right Provisioning.

Depending on the user's role, the user is provisioned to an Engineering System (AWS) or Finance system either on-prem or in the cloud.

Adaptive Authentication & SSO

Adaptive Authentication & SSO

Once the user is provisioned to various applications, the system should follow the "Trust but Verify" model.


For every application, the user has to authentication with a valid token. Every access is monitored, and any deviation from the typical user access pattern triggers Advanced Authentication.


IT Governance & Compliance

With a centralized system to gate access to every application, you can track and control every access to data. That results in better visibility and control.


You can generate "who has access to what" and "who accessed what data and from where" reports. Those reports are mandatory for SOX and HIPPA Compliance.


The centralized system can help you terminate access to data when the user is removed from the HR system, again improving security and compliance.

bottom of page