EUM™ lets you define the ground rules for your user management needs, and then let's you put your Enterprise User Management™ on auto pilot - requiring only minimal intervention even when managing many thousands of users. You start by defining criteria based groups and the permissions that members of these groups will have in your applications. For example, you can define a group as follows: Location = 'USA' and Department = 'Finance'. Next you specify the permissions that members of this group will have in your applications. People who have attributes which match the group's criteria will automatically become members of the group, they will be granted a user account if they don't already have one and will get applications permissions as defined by the group.
The User Lifecycle begins when a user registers online or when EUM™ automatically creates user accounts from your TRM™ (Tracker Total Relationship Management) contacts which fit your criteria based groups. When a user's attributes change, EUM™ automatically updates their group membership, taking them in and out of groups automatically. The user account lifecycle ends when the user is no longer a member of any group, in which case EUM™ can either automatically lock or de-provision the user account.
In addition to automatically creating EUM™ user accounts, the system can also automatically provision and continuously synchronize user accounts, groups and group membership in various backend systems including LDAP directories such as Microsoft Active Directory, E-Mail systems including distribution groups and members, ERP systems and more.
EUM™ is designed to protect any type of software system, web based or otherwise. You define your system in EUM™ by providing basic attributes such as system name and description along with a list of permissions that your system supports. EUM™ then allows you to record user and group permissions to the defined system and automatically ties in logging, auditing and reporting. Corporate Central applications including WAG™, TRM™, Cloud Portal™ and EUM™ itself are automatically available in EUM™ with their associated permissions.
Automatic Criteria Based Groups greatly simplify user access control and allow permissions to be managed based upon user profiles which are comprised from a series of dynamic user attributes (i.e. Division, Department, Job Title, Job Grade, Geographic Location).
Once you define EUM™ criteria based groups, the system automatically
maintains user-group membership and associated resource access.
For example as employees are hired, change roles or retire - they are automatically assigned to the appropriate criteria based groups. Administrators need only define groups and their permissions.
The EUM™ Logon Service lets you integrate your app with Corporate Central. When a user tries to login through your logon page, they provide the necessary credentials – Username and Password. Your logon page adds a globally unique system id assigned to you by EUM™ and submits a request to the EUM™ Logon Service which authenticates the user. In a successful authentication, the EUM™ Logon Service returns an array of one or more effective Permissions that the requestor has to your system. 3 lines of code, that’s all it takes to enable any of your apps to authenticate via the EUM™ logon service.
Enjoy the benefits of automatic account provisioning by setting up criteria based groups in EUM™ , then start entering contacts into TRM™ , either manually or setup continuous real-time differential synchronization from any of your data sources into TRM™ . Configure TRM™ to continuously sync with your HR system for example - and any time an employee record is entered, modified or deleted in HR - the change is immediately reflected in TRM™ . EUM™ monitors these changes and creates a new user account when a new employee is added in HR. If the employee record is removed from HR, EUM™ will disable or de-commission the user account. Of course, you can have TRM™ synch-in from any of your data sources (not just HR) such as data sources for customers, vendors, partners, suppliers and so on, and you will get the same great results.
Enterprise User Management™ implements an open Web Services design architecture to easily integrate with internally developed and 3rd party solutions while minimizing use of specific APIs
on both ends, thereby promoting significant decoupling and dynamic binding of components. This in turn enables and drives service-oriented architectural approach.
Enterprise User Management™ is often implemented with large scale corporate directories where you can synchronize User Accounts, Groups and Group Membership defined and maintained in EUM™ , and the other way around!. Companies have integrated Enterprise User Management™ with many LDAP compliant directories as well as many non-LDAP directories, custom directories, and data sources.
Automatic Directory Synchronization works with many LDAP (Lightweight Directory Access Protocol) directory services including Microsoft Active Directory, Microsoft Exchange for automated mailbox provisioning, Lotus Notes, OpenLDAP, X.500 Directories .
Whatever type of integration need or initiative you have, EUM™ can handle it all.
With EUM™ you can easily delegate specific administrative tasks with precise resolution to specific web applications or systems and specific permissions levels. This level of resolution enables the definition of powerful delegation matrices
using EUM™ drill down web based user interface.
EUM™ is designed to centralize and automate user access to applications and data for all internal and external users. To accomplish this, EUM™ securely integrates
and synchronizes with systems, contact sources, directories and more to provide complete control over all user management.
The ground rules are defined and integrated once and thereafter users are automatically maintained with their identities, groups
and group membership through profile based automation and directory automation.
Administrators need only define the ground rules and handle exceptions.
EUM™ automatically logs detailed audit trail records including all user activity and resource access from system and module level down to the record and field level. This includes for example the record, field, date, time and IP addresses
of user resource access requests including whether it was a successful or failed logon request.
Account creation, modification, password changes, resources accessed, account lockouts and much more are part of the logging mechanism. The
built in reporting facility includes sophisticated reporting on many combinations of parameters including user and group attributes, resources and permissions.
EUM™ is an essential tool in auditing and establishes compliance for system
access as defined by Sarbanes Oxley and HIPAA.
Since many EUM™ customers are from the financials industry, its security has been scrutinized on an ongoing basis and EUM™ puts in your hands over a decade of security expertise running large scale web applications in the wild.
Running large
scale web application introduces us to the daunting task of enforcing policies. Administrators must be given a solution that is both resilient to attacks and protective of data confidentiality, integrity, and availability.
EUM™ implements
powerful full featured policy management including sophisticated options for password, security, monitoring, policing, auditing, logging and reporting. These features deliver significant tools for maintaining compliance with regulatory
authorities.
© 2012 - Corporate Central. All Rights Reserved
Buy Corporate Central Clothing
