• Password Manager
  • User self-service for password resets and account unlocks
  • Password synchronization between enterprise systems and multiple AD domains
  • User interfaces for Microsoft SharePoint, Outlook Web Access, and the Windows Logon screen
  • Profile Manager
  • User self-service for their personal directory information with approval workflows
  • Directory information synchronization between enterprise systems and multiple AD domains
  • Improves the quality of data by providing dropdown lists and enforcing rule-based value generation
  • Provisioning Manager
  • Automated role-based user provisioning and de-provisioning for a broad range of enterprise systems and directories
  • Monitors enterprise systems providing true bi-directional communication of events and changes
  • Self-registration workflows enable users to securely add themselves to directories without administrative intervention
  • Role Enforcers
  • Enables the discovery, administration, auditing, and enforcement of a single role-based authorization model across all resources and systems
  • Role Enforcer modules leverages EmpowerID's flexible Role-Based Access Control (RBAC) to lower costs, reduce errors, and improve security
  • Modules available for: Microsoft SharePoint, Windows File Shares, Windows Print Shares, Microsoft Exchange, Active Directory and LDAP Groups, and Custom Applications
  • ILM Connect
  • Replaces complex provisioning code in ILM Management Agents with visually designed Windows Workflow Foundation workflows
  • Role-Based Entitlement Management for ILM to answer and enforce "who has access to what, why, and for how long?"
  • Increases ILM compliance with enterprise-wide reporting, automated attestation, and separation of duties enforcement
  • Connect Modules
  • Enable EmpowerID's workflow-based provisioning for a variety of directories, operating systems and applications
  • Provide password and profile information synchronization for a wide variety of platforms
  • Connect modules available for: Active Directory, LDAP, Linux/Unix, MySQL, Microsoft SQL, Oracle, Custom Applications, SAP, Midrange (AS/400), Microsoft Identity Lifecycle Manager, and custom applications
  • BPM Studio
  • Visual designer for the EmpowerID Business Process Management Server
  • Allows users to extend out of the box workflows or create entirely new ones
  • Drag and drop designer and property mapper with rich library of shapes
  • Identity Lifecycle Management
  • Automated role-based user provisioning and retirement
  • Password synchronization & self-service reset
  • Directory information synchronization & self-service
  • Delegated identity administration
  • Automated attestation & continuous compliance enforcement
  • Role-Based Entitlement Management
  • Unifies visibility, audit, and enforcement over all enterprise systems with a flexible Role-Based Access Control (RBAC) system
  • Centralizes the control of access and the enforcement of policies for users based on their specific role and location in the organization
  • Covers a broad range of IT systems including: Microsoft SharePoint, Active Directory & LDAP Groups, Windows File Shares, Windows Print Shares, Microsoft Exchange, and Custom Applications
  • Resource Lifecycle Management
  • EmpowerID's automated, self-documenting and auditable workflow processes manage the entire lifecycle of your enterprise resources
  • Full lifecycle management including: provisioning, inventorying, enforcement, management, certification and retirement
  • Lifecycle Management for Windows File Shares, Windows Print Shares, Microsoft Exchange, Active Directory & LDAP Groups, and custom applications
  • Sharepoint Extranet Directory
  • Automated workflow-based user self-registration and site access requests
  • Maintains SharePoint extranet user accounts in EmpowerID
  • Inherent security, routing, approvals, and reporting
  • Role-based delegation with workflow approvals and reporting
  • Self-service password change, forgotten password reset, and account unlock
  • User profile self-service with workflow approvals
  • Business Process Management
  • First Identity and Role-Based Entitlement Management platform built on a Business Process Management Platform (BPM)
  • Complex workflows offer comprehensive security "baked in", eliminating the vulnerabilities created by traditional workflow applications
  • Friendly workflow designer coupled with a huge library of shapes makes IT organizations more agile and SOA-compliant
  • Business Process Management
  • First Identity and Role-Based Entitlement Management platform built on a Business Process Management Platform (BPM)
  • Complex workflows offer comprehensive security "baked in", eliminating the vulnerabilities created by traditional workflow applications
  • Friendly workflow designer coupled with a huge library of shapes makes IT organizations more agile and SOA-compliant
  • Microsoft PowerShell
  • Visually design business processes by dragging and dropping PowerShell shapes and the pipeline connections between them
  • Controlled delegation of PowerShell driven workflows on a role-based access control platform
  • Automate complex systems management tasks across remote machines with detailed logging and reporting
  • Role-Based Access Control
  • Enables immediate non-disruptive roll out of a role-based entitlement management model
  • Assignment based upon what a person does and where they work dramatically reduces "role bloat"
  • Resource Role definitions ensure consistency and accurate reporting of actual access rights
  • Metadirectory
  • Provides a rich and extensible schema enabling attribute synchronization and live data access for a diverse range of directories and application servers such as Active Directory, LDAP, SharePoint Profiles, Unix/Linux, and database applications.
  • An extensive role-based access control metadirectory that models the real world with People, Accounts, Roles, Business Locations, Directories, Resource Systems, Resources, Applications, and Policies
  • Allows developers to move security code out of their applications and into a central authorization system
  • Active Directory
  • Manage Active Directory using Microsoft's most advanced technologies: .NET 3.5, System Directory Services Protocols programming layer, ASP.NET Membership & Role Provider, Windows Workflow Foundation, Windows Communication Foundation, and PowerShell
  • Active Directory management including: user provisioning, password management, information management, corporate white pages, and delegated user and group administration
  • Workflow and role automation for delegated administration and self-service for Active Directory and Exchange, including support for Resource Forests

Customers       Company       Support       Contact
EmpowerID Role Enforcer for Users
Role-Based Lifecycle Management and Permissions Enforcement for User Accounts
EmpowerID Role Enforcer

EmpowerID Role Enforcer for Users automates the entire process of provisioning, management and de-provisioning of user accounts across your multiple directories, based upon pre-defined role-based policies. EmpowerID's unique Role-Based Access Control (RBAC) Metadirectory technology allows organizations to establish policies based upon a person's job function and location that will determine the user accounts to be created in various enterprise directories. These user accounts are managed as "Resource Entitlements" which are automatically provisioned, moved, and de-provisioned throughout the employee's lifecycle in an organization. These RBAC policies eliminate the threat of privilege accumulation over time as an employee changes status within an organization.

In an EmpowerID RBAC-automated enterprise, new hires, transfers, and terminations can be initiated via friendly Windows Workflow Foundation processes by business users, or externally in an HR system monitored by EmpowerID. EmpowerID provides complete identity lifecycle management by monitoring your enterprise directories for new account creation, password changes, attribute changes, and account deletions. Newly detected accounts or account changes are fully tracked and logged for compliance reporting and can be configured to trigger workflow processes. Flexible attribute flow rules determine which enterprise directories are authoritative for specific directory attributes and which directories are subscribed to receive these changes. A full change history of each attribute, with before and after values is maintained for detailed change tracking and auditing.

EmpowerID Role Enforcer modules cover a broad range of IT systems and resources including:
  • Automated inventory of user identities from a wide variety of directory technologies
  • Automated role-based user provisioning, moves, changes and de-provisioning of user accounts, initiated via workflow requests or changes in a monitored HR system
  • Deleted user account recovery and associated Exchange mailboxes
  • Flexible provisioning and account joining rules in workflow processes for new account discovery evaluation
  • Self-service account registration requests with workflow approvals
  • Flexible attribute flow rules to synchronize updated information between directories
  • Policy-based attribute value assignment by geography, department, job function and other business-specific groupings
  • Delegated identity administration via web interfaces and rich Windows Presentation Foundation clients

EmpowerID Role Enforcer for Users provides organizations with centralized workflow and role-driven automation of the entire identity lifecycle. EmpowerID ensures that security policies are consistently applied, prevents the accumulation of privileges, and provides a secure and auditable platform for compliance efforts.

























Download Free Trial!
Schedule Live Demo!
Try Now Online!
Read the TDNF Blog!


Compare EmpowerID!