• Password Manager
  • User self-service for password resets and account unlocks
  • Password synchronization between enterprise systems and multiple AD domains
  • User interfaces for Microsoft SharePoint, Outlook Web Access, and the Windows Logon screen
  • Profile Manager
  • User self-service for their personal directory information with approval workflows
  • Directory information synchronization between enterprise systems and multiple AD domains
  • Improves the quality of data by providing dropdown lists and enforcing rule-based value generation
  • Provisioning Manager
  • Automated role-based user provisioning and de-provisioning for a broad range of enterprise systems and directories
  • Monitors enterprise systems providing true bi-directional communication of events and changes
  • Self-registration workflows enable users to securely add themselves to directories without administrative intervention
  • Role Enforcers
  • Enables the discovery, administration, auditing, and enforcement of a single role-based authorization model across all resources and systems
  • Role Enforcer modules leverages EmpowerID's flexible Role-Based Access Control (RBAC) to lower costs, reduce errors, and improve security
  • Modules available for: Microsoft SharePoint, Windows File Shares, Windows Print Shares, Microsoft Exchange, Active Directory and LDAP Groups, and Custom Applications
  • ILM Connect
  • Replaces complex provisioning code in ILM Management Agents with visually designed Windows Workflow Foundation workflows
  • Role-Based Entitlement Management for ILM to answer and enforce "who has access to what, why, and for how long?"
  • Increases ILM compliance with enterprise-wide reporting, automated attestation, and separation of duties enforcement
  • Connect Modules
  • Enable EmpowerID's workflow-based provisioning for a variety of directories, operating systems and applications
  • Provide password and profile information synchronization for a wide variety of platforms
  • Connect modules available for: Active Directory, LDAP, Linux/Unix, MySQL, Microsoft SQL, Oracle, Custom Applications, SAP, Midrange (AS/400), Microsoft Identity Lifecycle Manager, and custom applications
  • BPM Studio
  • Visual designer for the EmpowerID Business Process Management Server
  • Allows users to extend out of the box workflows or create entirely new ones
  • Drag and drop designer and property mapper with rich library of shapes
  • Identity Lifecycle Management
  • Automated role-based user provisioning and retirement
  • Password synchronization & self-service reset
  • Directory information synchronization & self-service
  • Delegated identity administration
  • Automated attestation & continuous compliance enforcement
  • Role-Based Entitlement Management
  • Unifies visibility, audit, and enforcement over all enterprise systems with a flexible Role-Based Access Control (RBAC) system
  • Centralizes the control of access and the enforcement of policies for users based on their specific role and location in the organization
  • Covers a broad range of IT systems including: Microsoft SharePoint, Active Directory & LDAP Groups, Windows File Shares, Windows Print Shares, Microsoft Exchange, and Custom Applications
  • Resource Lifecycle Management
  • EmpowerID's automated, self-documenting and auditable workflow processes manage the entire lifecycle of your enterprise resources
  • Full lifecycle management including: provisioning, inventorying, enforcement, management, certification and retirement
  • Lifecycle Management for Windows File Shares, Windows Print Shares, Microsoft Exchange, Active Directory & LDAP Groups, and custom applications
  • Sharepoint Extranet Directory
  • Automated workflow-based user self-registration and site access requests
  • Maintains SharePoint extranet user accounts in EmpowerID
  • Inherent security, routing, approvals, and reporting
  • Role-based delegation with workflow approvals and reporting
  • Self-service password change, forgotten password reset, and account unlock
  • User profile self-service with workflow approvals
  • Business Process Management
  • First Identity and Role-Based Entitlement Management platform built on a Business Process Management Platform (BPM)
  • Complex workflows offer comprehensive security "baked in", eliminating the vulnerabilities created by traditional workflow applications
  • Friendly workflow designer coupled with a huge library of shapes makes IT organizations more agile and SOA-compliant
  • Business Process Management
  • First Identity and Role-Based Entitlement Management platform built on a Business Process Management Platform (BPM)
  • Complex workflows offer comprehensive security "baked in", eliminating the vulnerabilities created by traditional workflow applications
  • Friendly workflow designer coupled with a huge library of shapes makes IT organizations more agile and SOA-compliant
  • Microsoft PowerShell
  • Visually design business processes by dragging and dropping PowerShell shapes and the pipeline connections between them
  • Controlled delegation of PowerShell driven workflows on a role-based access control platform
  • Automate complex systems management tasks across remote machines with detailed logging and reporting
  • Role-Based Access Control
  • Enables immediate non-disruptive roll out of a role-based entitlement management model
  • Assignment based upon what a person does and where they work dramatically reduces "role bloat"
  • Resource Role definitions ensure consistency and accurate reporting of actual access rights
  • Metadirectory
  • Provides a rich and extensible schema enabling attribute synchronization and live data access for a diverse range of directories and application servers such as Active Directory, LDAP, SharePoint Profiles, Unix/Linux, and database applications.
  • An extensive role-based access control metadirectory that models the real world with People, Accounts, Roles, Business Locations, Directories, Resource Systems, Resources, Applications, and Policies
  • Allows developers to move security code out of their applications and into a central authorization system
  • Active Directory
  • Manage Active Directory using Microsoft's most advanced technologies: .NET 3.5, System Directory Services Protocols programming layer, ASP.NET Membership & Role Provider, Windows Workflow Foundation, Windows Communication Foundation, and PowerShell
  • Active Directory management including: user provisioning, password management, information management, corporate white pages, and delegated user and group administration
  • Workflow and role automation for delegated administration and self-service for Active Directory and Exchange, including support for Resource Forests

Customers       Company       Support       Contact
EmpowerID Role Enforcer for Groups
Role-Based Lifecycle Management and Permissions Enforcement for Groups

Groups are currently the most widely adopted method of managing application and resource security, however 70% of organizations do not have a reliable group management solution. Gaining control over group membership is an essential first step in any enterprise compliance initiative. EmpowerID Role Enforcer for Groups securely automates the entire lifecycle of managing groups: their initial creation or discovery through self-service; their delegated administration; and their eventual retirement from use.

EmpowerID Role Enforcer for Groups automates and simplifies the complex process of provisioning, managing, and de-provisioning groups in multi-directory environments throughout their entire lifecycle with detailed compliance tracking. Role Enforcer for Groups inventories your enterprise directories and automatically discovers and monitors these protected resources for changes. EmpowerID leverages its workflow and Role-Based Access Control (RBAC) framework to automate group permissions assignment and membership management through RBAC policies and user initiated workflow requests.

EmpowerID's RBAC technology allows dynamic management of group membership by maintaining groups based upon roles and rules derived from your directory data. When user information changes via request-driven workflows or from changes in external directories, EmpowerID automatically updates the membership and native permissions of distribution lists and security groups. EmpowerID's powerful Metadirectory provides rich reporting of group membership, and how users were added to groups, whether by: RBAC policies related to job function and location; an approved workflow request; or a direct assignment of their user accounts to groups outside of EmpowerID. EmpowerID makes a giant step forward in AD enterprise security by allowing the continuous enforcement of Group membership and permissions based on RBAC policies. EmpowerID even gives business users the ability to manage Group membership from within Microsoft Outlook.

The key issue in any strategy for centralizing the management of application and resource permissions using AD or LDAP groups is the absence of any auditable linkage between the group and the application. As a result, AD and LDAP Groups can quickly become a black hole for compliance initiatives. Organizations will often use complex group naming standards in an attempt to "relate" groups to the resources they protect, but this is not secure or auditable. EmpowerID addresses this need by extending the capabilities of AD and LDAP groups with Entitlement Management, which is external fine grain authorization for applications and resources.

EmpowerID's RBAC Metadirectory is a complete Entitlement Management platform allowing protected Resources to be defined and Groups to be used as relational roles conferring specific resource permissions and controlling application operations. EmpowerID makes possible the attestation of any rights granted to any resource.

Key Features:
  • Friendly web-based and rich Windows Presentation Foundation (WPF) user interfaces allow non-technical business users to participate in self-service and delegated administration of groups
  • Flexible and friendly workflows automate new group requests with automatic rights-based approval routing and notifications
  • Easy to use self-service workflows automate join and leave group requests with rights-based approval routing and notifications
  • Role and location-based dynamic group membership policies automatically maintain membership based upon information in connected directories
  • Time-based group membership automatically expires access
  • Monitoring and inventory of directories detects changes, discovers new groups, and can roll back unauthorized changes
  • Support for assigning native group permissions enables business users to manage group membership from within Microsoft Outlook
  • Promotion of groups as relational RBAC roles allows 360 degree visibility over the resources they protect and the rights they grant

EmpowerID Role Enforcer for Groups provides organizations with centralized workflow and role-driven automation of the entire group lifecycle management and enables groups to be a strategic part of any initiative focused on security, centralized authorization, or compliance.

























Download Free Trial!
Schedule Live Demo!
Try Now Online!
Read the TDNF Blog!


Compare EmpowerID!