New Identity Automation Tool Enables Self-Service ID, Access Management

Identity Automation has introduced an update of its business and enterprise identity and access management software to enable workers to manage access tools without having to bother the IT department. Version 2.4.0 of its Access Request Management System (ARMS) adds a form-based application for single sign-on (SSO) access to network resources.

Identity Automation seeks to provide secure identity and access management to an organization while, at the same time, providing an intuitive and easy-to-use interface so that administrators and end users can use ARMS without the need to involve their IT staff. The ARMS application is based on a data management tool called the Data Synchronization System, says James Litton, CEO of Identity Automation, which makes building the identity and access management systems easy.

"It's written in a way that you don’t have to be a developer to use the tool. That’s really different than our competitors," Litton says, adding that Identity Automation's competitors include Oracle, IBM and Microsoft. "Because they don’t really have to be a developer, per se, that is a way of really shortening down the amount of time that it takes before they use the tool."

The account management module in ARMS 2.4.0 allows end users to recall and change their passwords, just as a consumer might change a password on his or her bank website after they answer a few questions, such as providing their mother’s maiden name or the make and model of their first car. Not only is this process simpler, it can improve security over a situation where someone impersonating an employee calls the company’s IT help desk and asks to change a password, Litton says.

Another module handles access management to protected Web applications. Previous access management technology uses the secure access markup language (SAML) programming standard--also known as security assertion markup language. But not every application out there is SAML-capable, Litton says. The new version of ARMS adds a single sign-on capability that enables a user to automatically form fill the credentials for the user into any Web application, even those that are not SAML-aware.

Automated identity and access management is of value to small and large organizations alike, Litton says. Smaller organizations that previously didn’t feel the need to add such security now find themselves subject to new security compliance regulations but don’t have a large IT staff, so they need this automated solution. On the other hand, large Fortune 1000 enterprises may already be subject to compliance and want to have some control over end user access to network resources. However, they may also want to automate some of these processes for efficiency’s sake.

ARMS 2.4.0 also delivers mobile functionality for end users to change passwords when they are away from their desktop computer. The feature is enabled on Apple iPhones, Google Android devices, RIM BlackBerry smartphones and mobile devices running the Microsoft Windows Phone 7 operating system.

See more on this topic by subscribing to Network Computing Pro Reports Strategy: Malware War (free, registration required).