Computer Associates International Inc has combined its own host access control and user provisioning technology with the web single sign-on systems it acquired a year ago with the takeover of Netegrity, to produce an ID management suite that is said to be good for managing the identities of employees, partners and customers, as well as secure ‘headless users’ or web services.
The new Identity Manager release 8 product is designed to provision, enforce and audit an organization’s use of identities that secure access to enterprise infrastructure, databases and application resources.
The combination of the IdentityMinder technology from Netegrity and products from CA’s own eTrust stable has been augmented with a series of connectors that allow for data bridges that span across into existing LDAP, ERP, email, HR, AD or NOS directories that store information on user rights and access privileges.
This is the first CA security product to make use of the CA integration platform and the common workflow engine that facilitates Toby Weiss CA’s general manager for security management said. It is designed to encompass the whole user universe, from those identities inside an organization to remote users that are external and web-based. Regardless of the type of user, identities can be controlled from one place and from a single point management console.
The addition of business driven entitlement features lets certain identity administration and management tasks to be delegated across the enterprise to trusted business users, who can then be tasked with signing-off on the access rights and privileges that should be assigned to their staffs.
Enhanced self-service applications is another feature of the new release that should reduce the overhead of ID management schemes by letting users manage their own password reset requests. It is said that up to half of all the helpdesk calls that are made are about password queries.
CA said the system can be tuned to accommodate two-factor authentication, if necessary, and can be set up to work with either hard or soft token systems. It will also produce the reports that are now becoming necessary to meet regulatory and compliance mandates, by documenting that identity controls are in place and are working as intended.
CA paid $340m net of cash for Netegrity in November 2004, picking up a $100m business and some market leading web single sign-on security technology that has help round out is own identity and access management programs. The Waltham, Massachusetts-based vendor was also a significant player in the provisioning market, with a partner network of 75 systems integrators and 2,000 third-party consultants.