Identity Expertise
Infinitum’s team has extensive experience in designing and delivering complex, global-scale identity & access management systems across a variety of sectors. Our current areas of focus include:
Federated Single Sign-On
Single Sign-On has become very much a commodity deployment, and Infinitum has a raft of experience in rapid deployments of CA SiteMinder, Sun OpenSSO, IBM Tivoli Access Manager and others. We can work with your application teams to reduce the number of logins to your applications and consolidate users into fewer repositories.
In today’s connected world, most organisations are also keen to integrate their local login system with that of business partners or service providers. We have provided expertise at all levels to deliver standards-based federation (using SAML, OpenID or other relevant technologies) to service providers such as Google Apps and Salesforce.com, or to your business partners.
Identity Lifecycle Management
Infinitum understands that your business has a continual pressure to improve operational efficiency, and to effectively manage the access rights of your users. The combined challenges of reduced productivity through ineffective request processes, and ‘permissions creep’ or excessive access are topics we have addressed with our clients through deployment of an identity lifecycle management solution.
By deploying an identity lifecycle solution, you can benefit from:
- Increased efficiency and user productivity through automated request workflow and provisioning
- Reduced costs for your helpdesk and from automated reporting/auditing
- Enhanced security and regulatory compliance through the enforcement of segregation of duty policies, automated deprovisioning and orphaned account management
Governance, Risk & Compliance
With experience in financial services and telecoms organisations, our team has delivered a variety of solutions in the GRC area. Specifically, we have worked to deliver consolidated logging/auditing solutions, SOX-compliant reporting and segregation of duty policy enforcement.
We can deliver solutions to you across the breadth of compliance and risk management, from a one-off assessment or complete policy enforcement and management architectures.
Identity as a Service
Infinitum are recognised by our clients as experts in delivering service-based architecture. In today’s world, it makes little sense to deploy proprietary identity solutions; instead these should be standards-based and aligned to your organisation’s SOA deployment. In doing so, authentication, authorisation and entitlement/attribute services can be easily referenced through web services from any of your applications.
In addition, identity services can be provided ‘in the cloud’, managed by a third party provider. You still maintain full control of your data, hosting it within your organization if you choose to do so. Infinitum has a number of providers who can provide this service.
Context-aware access control
We are beginning to see demand from our clients for context-aware access control. Working with organisations to move away from simple group-based permissions, we understand that role-based access doesn’t give the full picture.
To gain the largest business benefits and effective security management, we can work with you to deliver access control that is context-aware, taking into account not just the business role of the user, but also the time, location and security context.
As an example, our consultants have delivered an access control solution into a large financial services organisation that dynamically requests different strengths of authentication depending on the location of the user – integrated Windows authentication inside the company network, but two-factor authentication when connecting remotely.
