Webinar Series: AD Consolidation Through Virtualization, Part 2: Authorization, Groups
Enabling Optimal Group Management with a Federated Identity Service
Join us for our new webinar on how RadiantOne FID’s unique tools enable flexible new group definition and remapping of existing groups in environments where identity from multiple silos needs to be consolidated.
The requirement for a fully integrated view of user identities is growing by the day. It encompasses everything from supporting faster authentication for “legacy/home grown” WAM/Portal SSO solutions, to the latest standard based “identity providers” (OAuth, OpenId Connect, SAML 2.0, etc.), including advanced services such as cloud SSO and syncing. And the push for an integrated identity service—on premises or in the cloud—goes beyond authentication to authorization as well. With user information distributed in many diverse data stores (LDAP directories, SQL databases, APIs and web services), attributes and groups information are also tied to those specific stores. So federating identity will also require consolidating/remapping attributes and groups across this unified view of user identity.
Managing groups and attributes in a consolidated / federated identity environment
Although ABAC and the trend toward externalizing authorization are growing stronger by the day, groups are still the work-horse for authorization. The challenge is that group definition is closely linked to the definition of an existing identity store. In consolidating your identity stores, and unifying them, you will face the challenge of group migration; this entails the process of remapping (or “translation of”) existing groups from their original local format, to the new “addressing scheme” of the global store. Without the support of advanced tools, building and managing groups for your access management is a burdensome, never-ending process that often calls for compromises in either security or agility. Enterprises often end up facing lose-lose choices between tight group management that sacrifices flexibility, and looser fixes that can leave gaping security holes.
Join us on Thursday, February 8, to learn how RadiantOne FID, our federated identity service based on virtualization, delivers a complete profile containing all of a user’s attributes from the many data sources and leverages this image along with the right integration tools to remap or define the new groups you need in this unified environment.
- Preserves, migrates, and remaps existing groups from existing identity stores
When it’s time to retire older identity sources, you don’t want to scrap all the work you’ve put into setting up your existing groups. RadiantOne virtualizes existing groups, transferring them into the global list so that they can continue to serve your applications without interruption.
- Creates new and more flexible groups across the unified identity systems
RadiantOne integrates identity data from across scattered data sources to create a global list of users, allowing for enterprise-wide group creation and management. It greatly simplifies incorporating new user populations, whether from Mergers and Acquisitions, partners or new hires, and facilitates changes in group membership.
- Auto-generates groups and roles or dynamic attributes for more advanced authorization in real-time based on attributes
RadiantOne can dynamically create groups based on the attributes of your users.
Let us show you how to reduce these group management headaches and make authorization more agile with RadiantOne FID.
When: Thursday, February 8, 2018.