Identity and Access Management

At WinMagic, data protection is our strong suit and we often talk about it on this blog. At the same time, it’s good to remember that securing data at rest with encryption and strong key management are just two important aspects of the larger picture of data security. In my next few posts I’d like to expand on other challenges an enterprise faces as part of that larger picture, the solutions and technologies that address those challenges, and their potential links to encryption and key management.

One area that has been experiencing particular growth is Federated Identity Management. The most basic scenario where Federated Identity is applied is in organizations that, over time, have developed silos of identity, either through organic growth or through mergers and acquisitions, yet whose users across these silos need access to centralized IT resources. Two recently popular scenarios are consequences of the phenomenal adoption of cloud and mobile in enterprises. First, mobile users need to authenticate and access enterprise resources from a wide variety of platforms and applications. They also often reside outside the corporate IT network, which adds the complexity of authenticating to the network and then gaining authorization to access particular resources within it. The second scenario involves cloud-based services. As more and more enterprises move to the cloud, a larger portion of users will be logging in to externally hosted services. Some examples include Microsoft Office 365, Salesforce, Google Apps for Enterprise, Dropbox, WebEx, etc. Partnerships are another example where Federated Identity can resolve the challenge of disparate identity systems for enterprise IT.

Gartner defines Federated Identity Management as follows:

Federated Identity Management enables identity information to be developed and shared among several entities and across trust domains. Tools and standards permit identity attributes to be transferred from one trusted identifying and authenticating entity to another for authentication, authorization and other purposes, thus providing “single sign-on” convenience and efficiencies to identified individuals, identity providers and relying parties.

In this definition, Single Sign-On (SSO) is listed as one benefit (or service) provided as part of the larger Federated Identity solution. It’s good to make that distinction, since SSO is often mistaken for Federated Identity even though the latter encompasses a much broader set of services, tools, policies and processes. This white paper by Layer 7 goes into more depth if you are interested.

One of the more popular features of our product is our pre-boot networking feature, called PBConnex. It provides a means of authenticating user credentials against SecureDoc Enterprise Server (SES) and Active Directory (AD) before the operating system loads, hence pre-boot. Access to devices is originally defined by the SES Administrator, but can be maintained by the Active Directory Administrator. We even inherit SES administrator roles from Active Directory. Therefore, instead of acting as an independent silo of identity, SES joins the larger enterprise identity system. If your Active Directory is part of a Federated Identity system, SES will consequently become an identity client of that system. It’s a big IT cost saver, which at the same time provides a great and secure user experience.
