ForgeRock Identity Management

Securing The Modern Enterprise

Global organizations spend too much of their limited time and security dollars shoring up their perimeter security defenses – defenses that have virtually disappeared during the current pandemic. While this is an area that should not be neglected, it isn't addressing the most problematic area of today's threat landscape: securing the remote workforce. The phrase "negligent employees or contractors and third parties" tells us that these are not malicious insiders who are copying digital records late at night in order to sell them. Today's data breaches result from someone who had access to data that they shouldn't have had access to or because an account was compromised through a phishing attack or some other type of social engineering. What are global organizations to do?

ForgeRock Identity Management (IDM) is a modern identity management solution that allows you to accelerate secure workforce access, increase operational efficiencies, and mitigate security risks.

What is ForgeRock Identity Management?

Why ForgeRock Identity Management?

In today's digital world, global organizations are securing and managing multiple types of digital identities – whether they are employees, contractors, partners, customers, devices, or things. All of these identities need to be created and managed so they have the right level of access to applications, systems, and resources at the right time. Users and customers are provisioned and de-provisioned as identities are added, moved, or removed in order to ensure that accounts are not orphaned and credentials are properly disabled. To properly secure and manage these digital identities at scale, global organizations need to fully automate their identity processes.

ForgeRock Identity Management is a modern identity management solution that fully automates the entire identity lifecycle management process. This automated approach enables organizations to create new user or customer accounts, provision new application or system access, and deprovision user and customer accounts and supporting credentials from target applications and resources.

ForgeRock Identity Management Benefits

Accelerate Secure Workforce Access

Automate employee access to business systems and applications on day one
Automate employee access to business systems and applications when they move to a new position or department
Automate single sign-on authentication to business systems and applications

Boost Business Operational Efficiency

Automate employee account creation and removal
Enable automated self-service password reset
Automate business processes with workflow-driven provisioning activities

Enhance Security and Reduce Risks

Automate employee entitlement and role assignments
Enable password synchronization across all systems, applications, and data stores
Continuously identify and monitor for high-risk users (example: segregation of duties checks)

ForgeRock Identity Management Features

media:acquia_dam_asset:8f7dfaa8-b23f-4ced-a7a2-93f020cee0a1

Gestion du cycle de vie des identités

ForgeRock Identity Management (IDM) solution provides comprehensive lifecycle management capabilities for any identity – customer, workforce, and thing. This is activated from the day a new customer is acquired and activated, an employee or contractor is onboarded, or a device is registered. Each identity requires accounts with different levels of privileges across a wide range of systems to perform their duties or access new digital services. ForgeRock Identity Management allows you to centrally define policies that govern access and provides a single view into all those accounts and managed identities. With identity lifecycle management, you can fully automate this process, eliminating error-prone manual processes. It provides a consistent and efficient way to create, modify, and remove accounts while ensuring a high level of security.

media:acquia_dam_asset:5ba3462f-b4a4-485d-8c71-96b999be0526

Gestion des mots de passe

ForgeRock fournit une approche unifiée de la gestion des mots de passe, dont l'objectif est de garantir que les contrôles adéquats sont appliqués partout, à tous les utilisateurs, appareils et objets. Grâce à ForgeRock, les entreprises peuvent définir une règle cohérente en matière de mots de passe, appliquer les droits d'accès liés aux mots de passe et à des conditions qui peuvent spécifier, entre autres, le niveau de force, l'ancienneté, la réutilisation et la validation des attributs. Dans le cadre d'une gestion flexible des mots de passe, les administrateurs peuvent créer et administrer des règles qui permettent aux utilisateurs de réinitialiser et de modifier leurs mots de passe eux-mêmes. Avec ForgeRock, les entreprises peuvent concevoir des parcours de réinitialisation de mot de passe grâce aux arborescences en glisser-déposer de l'outil d'accès intelligent. L'interface utilisateur très intuitive offre une expérience fluide, de la réinitialisation du mot de passe aux flux d'authentification. Cette approche unique fusionne la réinitialisation des mots de passe et l'authentification en un seul flux, offrant une expérience utilisateur inégalée qui permet de réduire le taux d'abandon.

media:acquia_dam_asset:c7133ddf-ddd2-4cb3-bcb9-b22ba6873a77

Extensive Data Model

ForgeRock IDM’s extensible data model gives you the flexibility to manage multiple identity types, including: customers, partners, workforce, citizens, machines, devices,application programming interfaces (APIs) for bots, applications, microservices, and more. Combined with a highly intuitive UI, administrators can visually define policies based on the contextual relationships between any persons, non-persons, services, and things. This intelligence-based approach allows you to automate identity orchestration across the entire identity lifecycle.

media:acquia_dam_asset:2a71b82d-d32d-4aea-b1da-e27d84a26240

Synchronisation et réconciliation

ForgeRock Identity Management's synchronization and reconciliation service gives you the ability to synchronize data in real time and schedule the reconciliation of identity data as needed. With capabilities like delivery guarantee, on-demand and scheduled resource comparisons, and discovery of new, changed, deleted, or orphaned accounts, ForgeRock Identity Management ensures that consistent user identity information is available across the entire identity infrastructure. This enables you to provide a consistent, personalized experience to your users. Tying synchronization and reconciliation with business process workflows and rules allows for appropriate reviews and administrative actions.

media:acquia_dam_asset:d6ecf09d-8a86-40df-850b-b291316082e6

Visualisation des relations d'identité

ForgeRock Identity Management is the only modern identity platform that offers identity relationship visualization. At ForgeRock, we understand the importance of context and relationship information, along with user identity, in making security decisions. ForgeRock IDM offers the unique capability to visualize the identity relationships of any user or thing under management. Identity relationship visualization helps you understand the attributes, roles, and relationships among different users, as well as any given user and all their devices. This enables you to quickly detect anomalies, so you can quickly eliminate potential issues before they turn into security problems.

media:acquia_dam_asset:c65154c9-b37a-4837-9bdd-b29bc6e46208

Workflow

ForgeRock provides you with an out-of-the-box workflow engine that adheres to the Business Processes Modeling Notation 2.0 (BPMN 2.0) standard. Use any BPMN graphical editor to quickly and easily create new workflows or edit existing workflows that are delivered as part of the solution, and/or integrate simple or complex workflow operations during the entire identity lifecycle. By providing workflow-driven provisioning activities, such as user requests, account creation, updates, or deletions, you can efficiently handle approvals, manage escalations, perform preventive maintenance, and directly integrate with ticketing and help desk systems.