Today, business success is dependant on fast and easy access to information. However, the internet-enabled rise of e-business has dramatically increased the scope and number of an organization’s constituencies, making information management, user management, and security management complex and expensive.

Industry experts say that companies spend $100 a year per employee alone on manually creating and resetting passwords. Meanwhile the average company has over 100 different directories in which identity information is stored. IBM estimates that up to 60 per cent of company access profiles are orphaned accounts (for example employees who have left the company or changed jobs) creating serious security gaps. Third, many companies face pressure to grow their top line revenues – particularly online – while keeping a lid on costs. In trying to do more with fewer resources, companies are facing the issues of high costs, business inefficiencies, and security exposures.

Identity and Access Management systems provide a more efficient and cost-effective way to give more users with access to more information and applications than ever before. In addition, the technology incorporates features to track and report on access activities, providing ongoing protection against security breaches as well as tangible information that can be used to demonstrate compliance with new laws. In essence these tools structure the four A’s – authentication, authorization, administration and audit.

Indigo helps organizations with architecture, design and implementation of Identity and Access Management solutions. Our expertise spans the leading platforms including solutions from Sun, IBM, Netegrity, and Oblix. Indigo has successfully implemented the following components of the Identity & Access Management infrastructure:

• Directory Services - Standards-based directories such as LDAP form the foundation of the Identity & Access Management infrastructure to serve as a repository for user, group, role, and entitlements.
• Access Management – Unified and standards-based security services such as Authentication and Authorization provide a mechanism to centralize security policies across heterogeneous applications and platforms.
• Provisioning - Streamline the process of creating and managing the life cycle of user identities across multiple repositories.
• Single Sign-on (SSO) Solutions – Allows a user to authenticate once and gain access to multiple services without having to login again. An enhanced version of this technique allows for Cross-Domain-Single-Sign-On (CDSSO), whereby a user logged into your site can gain access to personalized service at a partner site without requiring authentication.
• Federation Management – As a core part of the Liberty Alliance Project (LAP), it is composed of a set of tools and processes that implement the Liberty Identity Federation Framework (ID-FF). ID-FF is a set of protocols, bindings and profiles that provides a solution for identity federation, cross-domain authentication and session management. These definitions can be used to create a brand new identity management system or develop one in conjunction with legacy systems. The ID-FF is designed to work with heterogeneous platforms, all types of networking devices (including personal computers, mobile phones, and PDAs), and other emerging technologies.