SOLUTIONS

Identity and Access Management: Easily Add Access Controls to Your IDM System

By implementing an identity management system, you've taken a major step toward automating user provisioning. However, for effective security, you also need granular access management, especially for privileged users who require root and other functional accounts to administer servers, applications and databases. By combining identity and access management, you will be able to automatically enforce authorization and authentication and even control what commands the administrator can execute without sharing privileged passwords. As well, when you remove a user from your IDM system, their user accounts will be automatically removed from across all of your Windows, Unix, Linux, and virtual servers to significantly reduce the risk of a data breach.

FoxT ServerControl provides a seamless way to add fine-grained access controls and privileged access management to your identity management processes. It also lets you proactively enforce both contextual authentication and granular authorization policies to strengthen security. If you are using Oracle Identity Manager, FoxT has a validated connector, the Oracle Identity Manager Interface that makes it very easy to add and synchronize robust access control enforcement with your identity management processes. For other IDM solutions, you can use the FoxT Web Services Interface to create the connection between your IDM system and FoxT's privileged access management capabilities. Using either of these approaches you can:

  • Define fine-grained access policies and correlate these with identities defined in the IDM solution
  • Automatically provision each instance of the user account across diverse servers and domains and effectively manage the state change of those accounts
  • Enforce authorization and authentication through assignment of roles to groups of users
  • Automatically control privileged and functional account delegation with sharing passwords
  • Reset and synchronize the password for a single account across servers and domains with one function call
  • Consolidate detailed user access activity data including session logs for automated audit and compliance reporting
  • Easily re-validate actual current deployed state of user accounts for accurate recertification of account status

 Warning

Javascript is currently disabled. For full functionality of this site it is necessary to enable JavaScript. Here are the instructions how to enable JavaScript in your web browser .

 Warning

You are using an outdated browser. Sorry, this web site doesn't support Internet Explorer 6. To get the best possible experience using our website we recommend that you upgrade to a newer version or other web browser. A list of the most popular web browsers can be found below. It is completely free for download: