Into Identity Management -IAM / IDaaS

IDaaS identity as a service, with the cloud computing developed new software as a service.

What is identity management?

IAM / IDaaS (Identity Access Management / Identity as a Service), usually on behalf of a service or platform through user roles or access control, identification of individual identity, and then control their access to system resources, the guardian of individual and organizational data .

Identity management is important for enterprise security, can significantly improve business efficiency through unified login system, mainly from the following two aspects:

• Users do not need to remember and maintain different user name and password;
• To protect the company and its users against data leakage risks;

According to a 2015 market research data, data leakage caused by the loss cost an average of 30 million yuan. Through multi-factor authentication, monitoring weak passwords, big data analytics and other security technologies, a good identity management system can provide very secure protection of these resources, but also can promote enterprise data sharing, improve business efficiency.

Identity management solutions can bring significant value to all types of businesses. In addition, use may also be provided a special embodiment in B2B, B2C, B2E, IoT different scenarios.

• B2B: providing federated identity management among enterprises, such as allowing enterprises to use their existing user systems, seamless third-party SaaS applications procurement, supply chain partners docking system on the downstream business.
• B2C: enterprise through micro letter, microblogging, QQ, 163, Github, etc. to provide consumers with a social certification (or other more third-party identity provider).
• B2E: enterprises to provide single sign-on to their employees, simplify management and eliminate hidden dangers;
• IoT: physical interconnection between networked devices;

Development and changes in the digital environment very rapidly, personal smartphones and tablets everywhere, more and more enterprises have gradually become digital and cloud computing.

With the digitization process and cloud computing, enterprise information security and border dimension, more solid, more complex, from the time, is no longer eight hours, but 7 * 24 non-stop 365 days a year services, but also no longer limited by physical location. Business needs while protecting the identity of a security in a variety of devices, platforms, but also to make the data easier to share scene. Over the past few years, identity management concepts such as multi-factor authentication (MFA), no password and a single source of identity verification in solving management problems of modern distributed environment, has come to the forefront of the times.

Multi-factor authentication using a separate authentication phase to provide two (or more) login procedure. No password can use SMS, e-mail verification code, fingerprint recognition, face recognition and other biometric technology to authenticate users.

• A trend driven IAM / IDaaS popularity is more and more based applications (SaaS) cloud. Cloud service providers such as Ali cloud and Amazon Web Services (AWS), using a remote server to provide users with computing power and storage capacity. The IAM / IDaaS is an important part of the use of SaaS. IAM / IDaaS limit access to restricted resources, provide for monitoring and ensuring security method.
• Another key demand-driven IAM market is that users need to be able, any device access applications from anywhere. With the expansion of personal computing, companies need the ability to provide secure access to their users, in order to confirm the identity of the user to log in all the different environments to ensure business data safety.

Meet your needs from developed to IDaaS

All usage scenarios

• You need standards-based solutions for identity authentication, such as OpenID Connect, SAML, WS-Federation or OAuth;
• Your users can through various identity providers: identity authentication (such as micro letter, QQ), but the lack of a complete service platform or to integrate these associations between them account identity;
• Your application distributed in different domains, and requires the user to log in on each domain, independent of each other;
• You need to make the best developers to build core business applications, rather than spending time on building and maintaining identity management and authentication;
• Your company encountered any type of data leak, or you are concerned about data leakage.
• You are asked to implement an industry standard certification, but you never thought about these issues, or have experience in this area.

B2B

• Your partner requires the use of their corporate users log in to your system. - support you need in addition to username / password option, but also support enterprise-level joint landing, as well as many other types of authentication procedures (such as Active Directory, LDAP, SAML).
  You will not want to delegate user management to the IT services sector.

B2C

• Your main user data from the user's direct inquiry forms or surveys. You can easily extract third-party data about your users, will help you better understand your customers, and then to increase revenue by selling and targeted marketing.
• If you sell products to consumers, you do not provide a simple one-click login to support different social identities registered, which means the loss of customers.
• The number of users increases, you are faced with performance problems.

B2E

• You need a different level of access authorization and management staff.
• When employees join or leave your organization, you need to be able to easily configure and cancel user access.

Consider buying a commercial identity management solutions

There are many compelling reasons, choose to buy identity management solutions, both B2B, B2C or B2E scenarios. Some reasons are as follows:

All users scenes

• Lower costs: the implementation of a third-party identity management solution is very simple, to enable the deployment of powerful functions like a switch just as simple. Hundreds of valuable development time to re-focus on writing business logic instead of spending time to build identity authentication system. Many safety testing time for the development of identity systems can be used in the core of the application. Integration and mapping of the different sources of identity, time consuming and painful. By IAM solutions that work has been completed ahead of schedule, and provide SDK for the popular development stack, to further reduce the extra coding required for integration. The company's research and development team can focus on configuration rather than address these issues through a set of IAM software development and customization.
• Improve security: use a third-party identity management solutions can enhance the security of stored data. IAM solution complies with security policy compliance and safety certification. IAM solutions assume security responsibilities to protect user data storage and transmission. In addition, IAM solution provides a unified authentication, in order to avoid the user by having to remember multiple login credentials, while bad practice to reuse the same password.

B2B

• Increase business agility: identity management solution provides a powerful cartel certification. It supports a variety of enterprise connectivity, such as Microsoft Active Directory, LDAP, ADFS, SAML, and other third-party Apps. Also provides single sign-on function, to solve the user to remember another user name or password troubles, which enhances the convenience of access, reducing customer churn.
• Reduce sales cycle or an employee entry: Federated identity allows different companies to use their own user system or service, while ensuring to meet the safety requirements. This promotes faster sales cycle and customer conversion. Customers do not need to introduce new, unfamiliar login or allow them to remember another password. They can use their existing enterprise single sign-on user systems. (For example, a user authentication protocol supports a variety of standard SaaS software vendors, SaaS and is not supported by the software vendors, the former more competitive.)

B2C

• Increase the conversion rate of customers: by providing customers with a unified, user-friendly identity system, regardless of any browser or device that can provide end users across all application-consistent, non-discriminatory registration and login experience.
• Identity management solutions to collect more data about user identities in different platforms. So companies can use the data to promote the effective marketing and sales opportunities.
• IAM solution provides an intuitive interface to log to optimize registration and login, you can reduce the design requirements and marketing resources. Support different third-party login program, can be dispersed as many authentication requests, so as to maintain high performance and availability of applications.

B2E

• Single sign-on (SSO): IAM solution provides single sign-on allows users to log in only once by using multiple third-party systems. Whether local or cloud applications, SSO allows users to log in once and access any application without second prompt for credentials. SSO can be used for landing within the enterprise ERP, CRM, OA, Office 365 and other applications.
• Management authorization levels: identity management solution provides different levels of access easy way to control the user. When employees join the company or promotion, you can easily assign and change in a different application of permissions. Companies when employees leave can easily cancel, revoke access to all the different platforms.

Assess key elements of an IAM solution

When selecting identity management solutions, you should carefully consider several factors:

• Deployment: your identity management solution should be able to choose to deploy to the cloud, or your own data center.
• Ease of Integration: One of the many advantages of using IAM solution is to shorten development time. Looking for ways to provide various SDK, complete documentation, and configuration solutions enable manufacturers simple, powerful API and functionality.
• Support multiple identity providers plan: good identity management solutions should support almost all popular sources of identity. This includes Microsoft Active Directory, ADFS, LDAP, Office 365, Apps and SAML solutions. For consumers, also includes support for any support for custom databases, social identity provider (such as Weibo, QQ, micro letters, etc.) and no password solutions such as SMS, email, and Touch ID and the like.
• Scalability: Your business will continue to grow, so your identity management should also continue to grow. Your IAM should allow you to easily customize authentication and authorization. Ideally, you should be able to control panel to customize products according to the need, without having to contact support staff or purchase plug-ins. Your IAM solution should also allow you to extend its functionality, such as import / export user data, easy integration with other applications, authorize or execute custom scripts to extend the functionality of the base product.
• First-class safety features: Your provider should IAM international security experts to evaluate, and comply with SAML, OAuth, WS-Federation standards, as well as OpenID Connect, SOC2, HIPAA and so on. Hack check important functions to protect against threats and data leakage, such as weak passwords detection and anti-brute.
• Ease Migration: should support into and out of identity management solutions without limitation. Ensure suppliers prevent the migration of the system users. The solution also supports any user connected to your system has been used, and should not require the user to manually reset their passwords when migrating to the new solution.
• Fast support security experts / customer service: your IAM customer support team should have a team of experts ready to assist 24 hours a day to respond to any challenge. The team should include senior developers, and has extensive practical experience in the implementation of IAM solutions engineering team.

to sum up

In short, you choose the IAM solution should be able to identity management systems and business from a risk point barrier, into a positive, can promote the growth of important functions. Use Authing, you can implement IAM within a few days, and the use of the simplest, most comprehensive, most modern and scalable IAM solutions to enhance business efficiency.

Authing can help you manage the user's identity. As a security expert, we constructed an identity as a Service (IDaaS) platform, which is designed taking into account the most advanced security.

Authing enterprise identity management platform provides customers with many features and benefits, including:

• Companies need to be able to configure and implement joint logon and single sign-on;
• Powerful configuration platform, to minimize coding difficulty;
• Authing support enterprise-level authentication including Active Directory, LDAP, ADFS, SAML, OIDC and so on.
• Authing support landed with all major social networking software, including QQ, micro letter, GITHUB and so on.
• Authing provided outside the traditional username and password authentication is also enhanced security features (such as multi-factor authentication), password detection, anomaly detection and strong Hack protection.
• Without forcing a password reset, users can easily migrate from the existing system.
• Authing provides audit and review based on the analysis of the identity of the organization to ensure compliance and increase sales opportunities.
• Companies can use fine-grained permissions and powerful custom roles function to easily manage user access rules.
• Authing delegated administration allows companies to fine-grained access management, resource visibility, management and external staff.
• Use Authing, the developer takes less than half an hour to set up a robust and customizable to support mainstream technology stack identity management systems.

If you want to get more information, please visit Identity Management: https://authing.cn, micro-channel public number : Authing.

What is Authing?

Authing provide professional identity authentication and authorization services.
We provide developers and businesses to ensure application security required for authentication modules, allowing developers do not need to become security experts.
You can use any platform to access Authing (whether old or newly developed application can be applied), and you can also customize the application's login (eg: email / password, SMS / authentication code, scan code login, etc.).
You can use your technology, to choose our SDK or call the relevant API to access your application. When a user initiates a request for authorization, Authing will help you to authenticate their identity and return the necessary user information to your application.

<Div align = center> Authing position of application interaction </ div>

• Official website: http://authing.cn
• Small Log: https://wxapp.authing.cn/ # /
• Warehouse: Welcome Star, welcome PR
  • https://gitee.com/Authi_ng
  • https://github.com/authing
• Demo：
  • https://sample.authing.cn
  • https://github.com/Authing/qrcode-sample
• Documentation: https://docs.authing.cn/authing/

Welcome concern Authing Technology Column