Features of IBM Security Verify for Workforce IAM
Log in with federated single sign-on
Eliminate username and password hassles and sign into all your applications with a single set of login credentials, leveraging on-premises directory tools like Active Directory and LDAP. Deliver one-click access to applications from a unified launchpad using thousands of out-of-the-box SaaS connectors or templates for SAML 2.0 or OpenID Connect applications.
Enhance security with multi-factor authentication
Protect accounts with an additional security layer and meet compliance mandates with a common approach to MFA across applications, VPN, Windows desktops, and Linux. Infuse multiple modern user authentication options per resource, like SMS/email one-time passwords, IBM Verify app push notifications, fingerprint, QR codes, FIDO2, and more.
Identify and mitigate access risks with identity analytics
Add risk awareness with a holistic view of identity lifecycle risk including decision support in the form of risk scores for users, applications, and entitlements, accompanied by recommended mitigation actions powered by machine learning.
Adapt for context using continuous access control
Allow streamlined access to low-risk users and either block or challenge access in higher-risk conditions with continuous, contextual authentication and adaptive access. Organizations can use a simple policy editor to apply AI-informed access policies to prompt for MFA based on behavioral biometrics, device fingerprint, geolocation, and more.
Enable user provisioning and lifecycle management
Enable automatic provisioning and deprovisioning for applications with SCIM and provide users with self-service options to request access to applications and reset and manage their own passwords.
Automate recertification campaigns
Streamline joiner-mover-leaver provisioning processes, and implement a periodic recertification cadence for higher risk applications to meet compliance mandates.
Extend SSO to UEM with IBM Security MaaS360 integration
Deliver seamless SSO, and verify users and devices with compliance-based conditional access, for all apps and unified endpoint management (UEM)-enrolled devices.
Extend workflows with QRadar and Resilient integration
Infuse identity as a central pillar of any zero trust strategy by integrating with threat management and incident response. Stream Verify event data to QRadar to identify and analyze threat anomalies. Send Verify anomalies and other events to Resilient to take action, such as automatically resetting a password or removing an entitlement. Out-of-the-box integration makes both workflows simple.
Protect on-premises applications from the cloud
Bridge the gap in your IAM infrastructure and simplify your migration to a cloud-based identity provider with a lightweight application gateway that extends access control to on-premises web applications.
Troubleshoot events with custom activity reports
Investigate trends and troubleshoot suspicious events with user and application activity reports, from a global overview down to individual parameters from a single login.
Empower managers to control access with delegation
Reduce time and skill dependencies on IT. Delegate the responsibility of application ownership to line of business managers, empowering them to provide their employees with faster access to applications.
How customers use it
-
Assess full user context with Adaptive Access
Problem
Balancing security with user experience, allowing frictionless access to low-risk users.
Solution
Take context into account by infusing risk evaluation into access policy decisions. Protect against higher-risk conditions without burdening low-risk users.
-
Monitor identity lifecycle risk with Identity Analytics
Problem
Understanding key risk areas in an IAM environment and what to do about them.
Solution
Scan for top risks across users and applications and leverage recommended mitigation actions powered by machine learning.
-
Automate access recertification campaigns
Problem
Auditing to ensure access levels remain appropriate over time adds effort and is difficult to keep up-to-date to maintain compliance.
Solution
Take an automated approach and set up as many periodic recertification campaigns as you need, at any cadence.
-
Simplify the provisioning process
Problem
Onboarding employees can be difficult, and IT has too many application access requests to sort through.
Solution
An application catalog and access request interface that lets you provision access to applications faster.
-
Investigate authentication events
Problem
Lack of insight into user trends, suspicious events, and authentication challenges.
Solution
Dive into user and application reports to identify authentication patterns and investigate suspicious events. Dig into specific users to investigate common issues like SSO activity, account lockouts, login failures, or credential resets.
You may also be interested in
IBM Security Verify Access
Secure and simple user access management for employees and consumers.
IBM Security Verify Privilege Vault
Password vaulting, auditing, and privileged access control for the enterprise, available both on-premises or in the cloud.
IBM Security Identity Governance & Intelligence (IGI)
Provisioning, auditing, and reporting on user access and activity through lifecycle, compliance and analytics capabilities.
IBM Security Verify for Consumer IAM
Frictionless access, privacy and consent tracking, and progressive profiling for external users.