Improve end-user productivity and secures access to the cloud, mobile, and on-premises apps via SSO, user provisioning, and multi-factor authentication.
Why Identity Services are Important:
There’s no question the Cloud has made it easier for companies and people to do business, make connections and overcome physical and geographical limitations when it comes to communicating with websites and applications.
But for every avenue of success and opportunity that’s been opened by the internet, there’s a back alley or side street dedicated to cyber-attacks like identity theft.
Employing Identity-as-a-Service (IDaas) solutions makes it easier for companies to avoid those back alleys and side streets all the while effortlessly controlling access and managing user experience across multiple devices while staying secure and keeping identities safe.
We chose Centrify’s Identity Services because they excel at keeping identities secure.
How Centrify Identity Services is Different:
A good IDaaS solution provides three essential functions:
Identity governance and administration (“IGA”) — this includes the ability to provision identities held by the service to target applications
Access — this includes user authentication, single sign-on (SSO), and authorization enforcement.
Intelligence — this includes logging events and providing reporting that can answer questions such as “who accessed what, and when?
Centrify’s Identity Service platform is one of the most comprehensive and features rich solutions we’ve ever seen and here’s why:
Single Sign-on (SSO) for Cloud and Mobile apps — One-click access to your cloud, mobile, and on-premises apps. No more forgotten passwords, no more user confusion. SSO for Cloud and Mobile apps supports internal users (employees, contractors) and external users (partners, customers).
Automated Account Management — From the day they start to the day they depart, manage employees’ access to all their apps from any source: Active Directory, LDAP, Cloud Directory or external identity. Create accounts, automate app requests with workflows and revoke access from all devices when necessary — from a central control point.
App Data Protection — Leverage your users’ mobile devices as a second factor for app authentication. SMS, email, voice or secure OTP — implement MFA without the hassle. Centrify Identity Service provides context-aware, step-up authentication based on per-app policy. Without the hassle for your users
Integrated Mobile Device and App Management — Identity-based policy is the lifeblood of BYOD. Secure and manage the devices used to access cloud and mobile apps through fully-integrated mobile device and app management capabilities. Push apps, policy, certificates and more — and pull it all back when devices are lost or stolen.
Identity-Based Security and Management for Macs — Join Macs to Active Directory, and provide SSO to your Mac users. Leverage Active Directory Group Policy to manage Macs just like Windows machines.
Lock and wipe remote Macs, and control FileVault2 encryption. Apply granular OS X policies. Leverage identity to securely manage Macs in your business.
How Centrify Identity Services Manages Users:
Centrify breaks down users into two categories internal users (employees and contractors) and external users (customers and business partners) and allows for feature-rich customizations.Employees and Contractors:
- Control access to cloud and mobile apps and manage the devices used to access them
- Improve security by eliminating passwords that are easily cracked, recycled or improperly stored
- Keep sensitive directory info where you want it: on-site in LDAP or Active Directory, in the cloud or any combination.
- Create comprehensive user access policies that span across apps and devices
- Enforce more in-depth security with per-app policies and context-aware multi-factor authentication
- Manage and control application provisioning and entitlements
- Secure your BYOD initiatives through integrated, cloud-based mobile device management (MDM)
Customers and Business Partners:
- Enable social login from Facebook, Google, LinkedIn and Microsoft
- Provide SSO across disparate tools, sites, apps or services
- Give users a consistent login experience across your brand.
- Speed on-boarding for new customer accounts
- Free developers from the hassle of identity/user management
- Use secure standards like SAML and OpenID Connect.
- Eliminate standalone silos of identity o reduce IT overhead
- Give partners secure access to just the resources you allow
- Let your partners manage their own employee identities.
- Implement access to policies that meet your needs, without having to maintain partner policy
- Enable simple multi-factor authentication for partners as needed, without investing in additional infrastructure
- Avoid complex implementations and risky firewall changes
- Simplify app access with single sign-on for employees, business partners, and customers:
- Automated Account Management - Save time by automatically creating or updating user accounts across apps
- Improve efficiency by deploying the right apps the first time, with SSO
- Improve security with automatic user provisioning and role-based permissions within apps
- See who has access to which apps, how they received access, and when changes occurred.
- Manage the app request, approval, and provisioning process with automated workflows
- Prevent unauthorized access by automatically revoking access to all apps at once
- Protect App Data - Protect the entire enterprise — on-premises apps, cloud apps, VPNs, endpoints, and more
- Gain granular control with discrete per-app policy, global policy or combinations
- Select from a broad range of authentication methods
- Get adaptive MFA based on risk — automated policy only challenges for MFA when user behavior is outside of what's considered normal.
- Improve user experience without compromising security, thanks to flexible authentication policies
- Ensure adoption of uncomplicated, user-friendly experience
- Integrated Mobile Device and App Management
- Combine device status and identity for smarter, context-based access
- Enable secure BYOD, with simple device enrollment and integrated single sign-on to business apps
- Ensure your data is safe with full Enterprise Mobility Management (EMM) including remote lock and wipe capability across devices
- Eliminate help desk calls with a simple user portal to add new devices and locate, lock or wipe existing ones
- Reduce complexity with a single console to manage apps and devices
- Simplify management with a single source of identity for mobile and app access policy
- Identity-Based Security and Management for Macs
- Full control over access to corporate resources and apps
- Policy enforcement for both BYOD and corporate Macs and mobile device
- Robust Mac smart card support
- Single managed identity for users that leverage existing infrastructure.
- Reduced IT costs through user self-service and a single toolset
- Management and security for Macs — just like PCs