Access Management & SSO
Access Management is the process by which companies enforce control of systems at a granular level for both internal and external users, ensuring that users will only have access to the resources to which they are entitled (when Access Management is used specifically for web-based systems, it is often referred to as Web Access Management). When combined with SSO (single sign-on) users are able to easily navigate between resources without having to enter a login and password multiple times, thus enhancing security and reducing the complexity of maintaining multiple sets of account information. Enabling Access Management & SSO infrastructure and policies is critical from the perspective of both user experience and compliance.
Examples of Access Management and SSO in action include:
- Requiring users to change their passwords every 6 weeks
- Establishing a policy that only users in the "beta" group will be granted access to the beta web application
- Enabling users to seamlessly move from the PeopleSoft HR application to Salesforce.com without requiring an additional login
- Using access tokens as an additional security measure
- Locking out a user after 3 failed login attempts
- Creating a report of failed login attempts over the past week
Access Management & SSO Tools
Some of the enterprise level tools used to enforce Access Management and SSO include:
- CA SiteMinder
- RSA Access Manager
- Oracle Access Manager (OAM)
- Sun OpenSSO Enterprise (formerly Sun Access Manager)
Do you have additional questions about Access Management & SSO? Contact us or join our SSOhelp community!