-
Identity information silos
The application exists identity information silos, making it difficult to correlate users' real identities, and cannot be unified, real-time, and effectively supervised with security risks.
-
Increasing number of user types
In addition to internal employees, external collaborators, vendors, partners, temporary staff and other types of users also need to be included in the unified management of the enterprise.
-
Difficult application integration
Application integration methods in different technology platforms of enterprises differ greatly, and identity governance is difficult and long-period.
INTRODUCTION
BIMBIM, as an enterprise-level platform system software, takes digital identity as the connection point, opens up information silos, establishes automated control mechanisms for users' whole life cycle digital identity and account permissions, provides uniform specifications and unified standards for secure access to different types of application systems, and establishes a credible and authoritative master data center for organizations; provides a global view of application systems and user permissions.
BIM provides full life cycle closed-loop management of users' electronic identity, realizing centralized storage of user information and centralized management of users' accounts in various application systems. Through the provisioning engine, the platform provides real-time synchronization of data such as organization and hierarchy, application account and data dictionary for the application systems. The platform creates a main account for each user and associates the user's account with each application it. Users can maintain personal information, view personal entitlements and submit applications for accounts and entitlements on the platform. After approval by workflow, the platform automatically opens accounts or entitlements for users.
FEATURES
BIM-
Identity centralized storage
Establish a unified identity information base, and sort, clean, map and store all kinds of user identity data and application account data according to unified standards and specifications. -
User lifecycle management
The opening, changing, authorizing, enabling, disabling and deleting of various user accounts are managed on a unified platform, and are automatically synchronized to various application systems in real time.
-
Identity recovery and synchronization
Support the integration of multiple identity data sources, such as HR, AD, MDM, etc., to realize automatic recovery; Rich connector library, a large number of commercial software 0 development synchronous integration; Support multiple integration methods. -
Account identification service
Regularly check the account status in various applications of enterprises, identify risk accounts such as zombie accounts, orphan accounts and duplicate accounts, and give timely warning.d duplicate accounts, and give timely warning. -
Process automation
The platform has a built-in workload engine, which provides rich development and process design tools. -
Organizational management strategy
Support multi-dimensional organization, virtual organization and user-defined organization; Support hierarchical and decentralized management, and hierarchical and independent management mode of groups and branches.
APPLICATION SCENARIOS
BIM-
Organization and user management
Manage the main organization and user of the enterprise, maintain user ID, password, name, phone, email and other basic attributes. Manage the organization to which the user organizations, user positions and other attributes related to account permissions.
-
Application organization and account management
Manage the organization and account data in the target application system.
-
Application Resource Management
Manage the target application resources of the access platform, such as application roles, application and group data.
-
User self-service
Users apply for master accounts, application accounts or application permissions independently through self-service. Permissions are automatically obtained after workflow approval. Users can also maintain personal information, view their own permissions and access tracks, change passwords, and self-recovery of forgotten passwords.
-
Workflow Management
It has a feature-rich workflow engine with built-in secondary and tertiary approval processes, and also supports customized workflows. The workflow works on the main user and organization, application account, application permissions and other objects.
-
Audit and Reporting Management
Provide organizational data statistics. Provide user data statistics by organization and type, etc. Provide application account statistics reports, including orphan accounts in the application that cannot be associated to the main account, and private violation accounts in the application, etc.
ARCHITECTURE
BIMThe identity management engine is the core of BIM platform, and the supply engine is responsible for synchronizing the addition, modification and deletion of institutions and accounts to the application system; The recovery engine is responsible for obtaining basic information of institutions and users from upstream data sources, or reversely obtaining information of institutions and accounts from applications for consistency check; Processing user account application and approval process in workflow engine; Handle built-in or customized reports in the report engine; Scheduling engine handles scheduled tasks.
ADVANTAGES
BIM-
Full lifecycle automation management
Quickly connects various upstream and downstream application systems, automates user lifecycle management through process integration, identity mapping and synchronization, and greatly improves the efficiency of identity management.
-
Full user type coverage
Incorporates various types of enterprise users into a unified management scope can expand user types and customize management policies to meet the expanding needs of enterprise user latitude.
-
Rapid Business Adaptation
It provides powerful policy configuration and process design capabilities to quickly adapt to enterprise management policies and regulatory requirements for users, organizations, applications, permissions, etc.