Breaking through information silos
Building a human-centered identity security governance system
<  CHALLENGE  >

Bamboocloud Unified Identity Management 

helps your organization easily handle the following challenges


  • Increasing number of users and applications

    Increasing number of users and applications
    Along with the organization's information construction, the number of applications and user types is increasing.
  • Account management process is not unified

    Account management process is not unified
    Each application administrator independently manages the operation of adding, deleting, changing and checking the application accounts.
  • Long account application process

    Long account application process
    It takes 3-5 working days from employee entering to account and permission opening, which affects office efficiency.
  • Various password rules for each application

    Various password rules for each application
    Various password complexity rules for each application, no password complexity requirements.
  • Waste of resources

    Waste of resources
    When a new business system is built, if no suitable system is found for reuse, a new user management system has to be built, resulting in a waste of IT resources due to repeated construction.
  • Lack of unified management norms

    Lack of unified management norms
    Lack of a unified specification for application account management and application integration.
<  what  >

is unified identity management?

Realize best practices related to identity management, which can extend identity rights management to various types of users as well as application systems, including in-enterprise applications, mobile apps, SaaS tools, etc., without breaking security. It opens up information silos, builds a human-centered identity security governance system, realizes unified risk control and compliance audit of user access behavior in different latitudes for internal personnel, outsourcers, partners, and public users, as well as realizes electronic identity can effectively improve the process efficiency, realize the automated control of account authority creation and disabling, and avoid the backdoor caused by human misoperation. 




<  OVERVIEW  >

Diagram of Solution Overviw

Unified identity management(diagram of solution overview).png

Solution Architecture

Bamboocloud IAM obtains authoritative organization and user data from the upstream data source HR system, and allows administrators to import it or users to enter it through self-registration, thus forming information system organization and user master data. According to the user's organization, department, position, etc., IAM automatically assigns the corresponding account number and permissions to users, and synchronizes these accounts and permissions to OA, mail, user directory and other applications in real time. Realize automation of application account management and efficient transfer of identity.

Unified Identity Management.jpg

Rapid Integration

Through an open and standard identity integration interface, the platform can quickly integrate with the target application system.

Unified Identity Management(Rapid Integration).jpg

<  Application Scenario  >

  • Personnel master data

    Personnel master data

    Person, organization and authority are unified data source by IAM.
  • Efficient identity circulation, Account management automation

    Efficient identity circulation, Account management automation

    By obtaining authoritative organization and user data from the upstream data source HR system, corresponding application accounts and permissions are automatically assigned to users.
  • Identity view

    Identity view

    The isolated and scattered identity lack the unified identity view.
<  ADVANTAGE  >

  • Establishing the organization and user master data.


  • Automatic account synchronization, automatically add, update, invoke, forbidden, and delete application accounts.


  • Integrating different types of users into the unified management.


  • Automated management of the full lifecycle of application accounts.


  • Identifying high-risk accounts such as duplicate accounts and orphan accounts in the application.


  • Identitying data compliance audit and providing user statistics, account statistics and account compliance audit reports


  • Unified password policy

    Unified management process

    Unified access specification


  • Supporting for Docker deployment, microservices and cloud deployment.