Omada Identity Suite - Adaptable Identity Management and Access Governance
Complete control of who has access to what is an essential discipline in today's increasingly complex IT environments that span across 'on premise' and cloud applications. Due to business demands for agile use of new business applications, IT departments are facing growing challenges granting secure and timely access, in compliance with strict requirements to ensure that controls and processes are in place to protect IP and information. To address these challenges in an increasingly agile and dynamic business environment, organizations require a strong and adaptable business-centric solution for continuous governance of data and efficient compliance control.
Adaptable Identity Governance and Management
Many businesses today are operating in a climate of strict compliance and experience an increased need for enterprise effectiveness. Change is happening rapidly driven by new business development, re-organizations, divestures, acquisitions, and not least end-user demands such as access to cloud applications and bring-your-own-device support. Without a comprehensive and adaptable identity governance and management solution, managing access rights for the employees, consultants, and business partners across complex IT environments with multiple systems, applications, and platforms, is a costly and resource intensive task for the IT administration. Often, processes related to identity management are handled manually making it difficult to issue employees and contractors with correct and timely access. As a consequence, organizations face reduced effectiveness, compliance deficiencies, the risk of failing security audits, and illicit user access to critical systems and data.
Adaptable and Business-centric Solution
Omada Identity Suite provides a comprehensive integrated identity management and access governance solution. Omada's solution empowers enterprises to manage identities across heterogeneous IT-systems and is acclaimed for its business-centric approach and high adaptability. The flexibility of the solution allows a high degree of customization, enabling enterprises to meet business specific requirements. This approach reduces the need for custom development, decreasing deployment time, so ROI is achieved fast.
The business-centric solution includes packaged workflows for compliance reporting, attestation and re-certification, user provisioning, and IT resource lifecycle management for efficient management of employees' access rights, compliance control, and reduction of user management costs.
Omada Identity Suite includes an identity data warehouse and standard components for consistent and scalable automated processes to execute workflows, report on information, and integration to target and source systems. The packaged workflows and components are combined in solution packages for the most common identity management needs, so organizations can start small addressing the most crucial identity management needs fast, and quickly adapt and grow over time, so large-scale identity management projects can be implemented in well-defined phases.
The Business Value
Identity governance and management solutions improve efficiency, security, and compliance. Automated processes reduce the need for manual tasks, and when access is assigned based on business policies, compliance is improved. With Omada's identity governance and management solution organizations gain full control and overview of access rights ensuring that users have correct and valid access.
Omada Identity Suite is designed to manage identity and access related challenges common to most organizations. The suite offers end-to-end integrated identity governance and compliance as well as identity lifecycle management for efficient onboarding, off-boarding, and transferring employees, with management and provisioning of the associated IT entitlements.
Identity and access management
The solution includes best-practice pre-packaged workflows for automating time consuming tasks such as employee on-/ offboarding and change, self-service access management, password reset, and other processes. The modular approach speeds up time-to-value, while it reduces risks associated with the typical custom development, as well as extensive planning and implementation cycles.
Identity governance and compliance
The solution provides cutting-edge business intelligence functionality. At the core of the solution is an identity data warehouse that provides importing and cleaning of data, and supports varying reporting requirements. In addition, the solution offers a set of pre-packaged processes for attestation, re-attestation, closed-loop auditing, multi-level segregation of duties (SOD), and policy enforcements.
Identity Governance and Administration
Omada's Identity and Access Governance solution has its roots in Omada's best-practice experience developed over a decade implementing some of the world's largest identity solutions - providing scalability and high performance.
The governance solution is designed to support large dynamic environments with a large number of systems to accommodate high scalability requirements owing to hundreds of millions of records. The solution correlates and rectifies vast amounts of data across all systems and handles the relevant business processes such as periodic or event driven attestation to continuously keep data approved, valid, and at a high quality. Omada's identity governance solution is the first solution to take advantage of Microsoft's Business Intelligence (BI) platform to deliver high performance identity and access governance that supports changes over time. Along with its user friendly GUI and business-centric governance approach, Omada's solution takes identity and access governance to new levels.
Management Dashboards
Compliance dashboards monitor the overall compliance across audited on-premise and cloud-based systems in a unified view. Predefined dashboards provide analytics and reporting for historical development in identities, accounts, resource assignments, and systems based on data collected in a data warehouse, and provide a complete overview with compliance relevant statistics.
Access Request Self-Service Portal
Replace labor-intensive and inefficient manual requests, by unifying your access request process. The solution delivers access request self-service processes and a user friendly portal interface straight to the business or end user.
Policy Management
Constraint policies (SoD) can be used to detect toxic combinations of resources assigned to persons/identities at a role or an identity level.
Reporting
Built in analytics and reporting features deliver real identity intelligence insight and efficiently answer the basic questions of 'who has access to what', and who granted that access.
- Multiple standard auditor reports
- Graph type navigation – from report to report
- Report content is dependent on report viewer's role such as manager, system owner, resource owner, auditor
- SSRS extensibility
- Historical reporting concepts: Point-in-time, in period, log
Attestation
Attestation enables organizations to perform regular attestation surveys for validation and approval of the current state of identities, account ownership, and resource assignments. The solution features multiple and configurable survey types such as user entitlements survey, accounts survey, permission entitlements survey, permissions survey, business description survey.
Data Warehouse
Data is easily gathered from all systems you wish to be in control of – on-premise, cloud-based, hosted, or outsourced – using predefined extensible data collectors for the collection and import of identity and access data from systems, directories, and databases like Active Directory, SharePoint, MS SQL Server, SAP, and RACF. Data is available for historical log, reporting, attestation, and validation against policy.
A Comprehensive Solution for Enterprise Effectiveness, Compliance, and Security
Omada's Identity and Access Management offers enterprise class end-to-end user provisioning and access management, and is based on a set of packaged processes for both identity and access management and IT resource lifecycle management.
Adaptable Standard Processes
Omada's identity lifecycle management workflows and components offers packaged processes for common identity access management tasks that easily adapt to specific needs or can be extended to additional company or project specific requirements.
This includes out-of-the-box support for:
- Identity lifecycle management: Staff and contractor onboarding, offboarding, or transfer/change
- Segregation of duties: Proactive SOD lifecycle management as part of the identity management process checked on the role or the identity level
- Self-service portal: Easy to use business centric request and approval portal
- On-demand attestation and re-attestation: Proactive SOD lifecycle management as part of the identity management and governance processes
- Password reset: Self-service password reset processes
- Custom workflows: Custom workflows to accommodate for additional business specific requirements
- IT resource lifecycle management
IT Resource Lifecycle Management
Users want access to the resources (i.e. applications, user permissions, assets) that they require to fulfill their job function. Often, for IT that translates into a complex set of user access permissions that spans across multiple applications, which typically contains limited or no business context. As a result, user access administration becomes increasingly complex expanding the gap between the business and the IT administration.
Essentially, IT Resource Lifecycle Management creates logical applications that the business can read and understand. Workflow processes provide automation that handles access privilege changes in the underlying IT infrastructure. The workflow innovatively handles situations where access to applications is partly managed within the applications themselves and partly in enterprise wide identity stores such as Active Directory or LDAP.
Omada's IT Resource Lifecycle Management module enables the definition of IT resources (such as business applications) devoid of technical terms for the business to easily understand and utilize during typical processes (e.g. self-service, attestation, and auditor/compliance reporting).
Flexible workflows are used to collaboratively gather all details related to an IT resource: Which permissions are needed for access (e.g. AD Groups, SAP roles), where the resource can be used (e.g. self-service, attestation, projects), description of the resource in business language, and resource ownership.
Having well defined and managed IT resources is valuable to the business. For example, when an end user requests access to the "Finance System" - instead of being presented with a list of permissions, associated AD groups, etc., the user simply requests access to the "Finance System" and the solution takes care of finding the correct access relevant to the user's business context (e.g. project, hierarchy, job function).
Powerful Execution Engines
Once the processes and workflows are in place, these are efficiently and consistently executed by the certification; business process; and role and policy engines that resides on top of the industry standard Omada transaction SQL server database.
Integration across Heterogeneous Environments
The identity data integration and provisioning is handled with standard interfaces including Omada Management Agents, Microsoft FIM Sync and Enterprise Service Busses (ESB) for integration to systems like Active Directory, e-mail applications, SAP and other packaged and bespoke applications and systems.
Solution Overview
Meet the demands of the business and ensure secure, efficient, and compliant identity management
Collaborative and Adaptable Solution
Omada Identity Suite is a collaborative solution that unifies business and IT related identity needs towards greater compliance and more efficient identity management. Omada's approach to identity management is designed to improve both compliance and efficiency in the organization, regardless of where in the process the identity management project is initiated.
With Omada's adaptable approach the solution focuses on business needs. Organizations may choose to implement a governance solution for one system, but introduce identity management or resource lifecycle management for another, letting the most pressing concern drive the project, one step at a time until you have identity management under control.
Packaged Workflows for High Adaptability
The packaged functionality and the business adaptability of the Omada Identity Suite that allows a high degree of customization, enables organizations to quickly meet business specific requirements. The solution consists of a set of pre-packaged best-practice business workflows, strong execution engines, and provides versatile integration to target systems and applications.
The pre-packaged business processes are executed consistently and efficiently via the process, re-certification, and policy engines. Data is stored in a business intelligence native identity data warehouse and in a transactional database connected to one-another for maximum integration of both governance and identity management.
Application and data integration for reading, cleansing, and re-writing of new roles and permissions is done flexibly via standard synchronization and data-integration interfaces including Microsoft SQL Server Integration Services; FIM Sync, Enterprise Service Bus (ESB), and Omada provisioning framework.
Feature | Benefit |
Integrated Identity Management and Access Governance | Comprehensive solution that tightly integrates governance and identity management tasks. |
Dynamic IT and business adaptable platform | Transparently manage and bridge IT and business needs supporting a flexible and changing organization. Including packaged workflows and a unique flexible data model. |
Translate IT identity management to business terms for self-service | Identities, systems, and applications are onboarded as virtual resources that enable IT to present the business with access management self-service portals and attestations based on how the business sees it. |
Easy integration of disparate data from many sources | Quickly consolidate and rectify inconsistent data and attain a rich, normalized dataset in analytics format for analysis, reporting, and mining. |
Business intelligence platform for collecting, storing, and analyzing compliance data over time | Multi-snapshot data for flexible governance reporting. Pared with the adaptable platform, users can spot most relevant clusters for automatic provisioning based on user profiles and easy identification of outliers even in very large data sets. |
Pre-built compliance reporting and automated attestation | Out of the box best practice reporting provides useful compliance information; pre-built integrated automated attestation as well as segregation of duties (SOD) management at both role and identity levels. |
Pre-built processes for onboarding, changing, and offboarding users, contractors, and applications | Rapidly controlled automation of on- / offboard and change of employees and contractors. Innovative IT resource lifecycle management combines applications and systems into individual business centric virtual, business centric resources for easy self-service. |
Flexible data-, object, and workflow model | Enable projects to start small with phase driven implementation where each phase can be scoped when needed and dynamically implemented. |
Omada is a market leading provider of solutions and services for identity and access management and identity and access governance. Omada's adaptable solution enables organizations to achieve sustainable compliance, reduce risk exposure, and maximize efficiency in dynamic business and IT environments. The award-winning solution efficiently manages and controls users' access rights to applications and data - reducing IT costs and resource intensive administration processes.
Omada is recognized as a trusted advisor and has provided advanced identity solutions for organizations with some of the largest and most complex IT infrastructures in the world.
A key partner in the identity and access management field Omada is a Microsoft Gold Certified Partner. Furthermore, Omada is a certified SAP Service Partner. Omada is also the global winner of the 2008, 2009, and 2011 Microsoft Identity and Security Partner of the Year award. Established in 2000, Omada has operations in North America and Europe, delivering solutions directly and via a network of skilled partners and system integrators.