Solutions
-
Background
Market competition is fierce, the manufacturing enterprises need to continuously improve manufacturing technology and system equipment in order to survive in the fierce competition of the market; business transformation is urgent, the field of manufacturing needs to accelerate technological innovation, manufacturing equipment is developing in the direction of flexibility, automation, intelligence and efficiency.
-
Value
In the information age of deep integration of science and technology and industry, driven by the new industrial form of digitalization, networking and intelligence, the industrial Internet is booming. The essence of manufacturing is the deep integration of industrialization and informatization. In this process, it is particularly important to ensure enterprise information security and strengthen risk prevention. The core of the Internet is "interaction", which connects people and things with each other in a way that all things are interconnected, and realizes their collaboration and interaction. Identity, as the new boundary of information security, is the prerequisite and necessary condition for all core elements to interact safely. -
Solution
For the end-to-end security of the industrial Internet, Bamboocloud provides enterprises with automated control for the entire life cycle of user electronic identity through an intelligent identity management platform, establishes a risk prevention mechanism that combines a fusion authentication framework and a risk engine, enhances the rapid response of enterprise information systems to business changes and innovations, supports the transformation and upgrading of organizational change and development.
-
Cases
Haier, Bull Group, Foton, Weichai and Shougang joined hands with Bamboocloud to build an intelligent identity security management platform, break through the isolated island of identity data, realize centralized control of identity data, and escort intelligent manufacturing.
Sore Points
-
No user lifecycle management
01/The scenarios of internal staff, external staff, and overseas staff onboarding, leaving, transferring, and rehiring are done manually by each system administrator, and non-automated operations are risky.
-
Single authentication method and difficult to expand
02/The systems mostly use static passwords, without a unified authentication policy, and lack a secure single sign-on mechanism.
-
No unified management specification
03/1. Decentralized account management of each application system, independent management of the group and branches, lack of uniform account naming norms and password policies.
2. Each system independently stores identity data, and each system maintains multiple sets of organizations, which may lead to data inconsistency.
-
No unified audit log records
04/Without a centralized user view, it is impossible to display and analyze users' daily access behavior and user management behavior in a unified way.
IAM can effectively solve pain points
Bamboocloud IAM provides user management, authentication management, authority management and audit management; HR, as the main authoritative data source, regularly synchronizes the user data of the headquarters to Bamboocloud IAM, and actively pushes and periodically recycles the user data with the downstream system; SAML protocol is adopted to achieve federal authentication for downstream local application systems and IAM platforms of branches, and OAuth protocol is adopted to achieve federal authentication for Saas applications and mobile applications.
Values
-
Enhance the security of information assets
1.User identity management throughout the whole process, to avoid artificial leakage of information, zombie account generation, etc.
2. Establish permission compliance management mechanism to ensure minimal and reasonable empowerment
3. Establish real-name authentication and other methods to prevent identity fraud and theft
-
Strengthen the core business system permission control
Strengthen the permission control of core business systems, and make clear hierarchical authorization and permission approval for all kinds of permissions, which can not only avoid the abuse of permissions brought by human operations, but also carry out real-time auditing and post-event traceability.
-
Enhance core system access security
Realize biometric identification such as face, fingerprint and voice print to enhance the security of access, and realize Ukey locking window system. Secure access to core business data by enhancing the identity verification strength of the core application system.
-
Audit all operations with traces
It can record the important operations of each user (user login, user logout, adding, modifying, deleting key data), and generate statistical, query, analysis and audit reports on the log audit data.
Integrated Apps
Bamboocloud has integrated many application systems in the manufacturing industry, including SAP, PTC, Windchill, warehouse management and other business systems, and implemented dozens of connectors to quickly realize application docking.
