IdentityManager

Modern Authentication Made Easy

Employees and contractors generally access enterprise applications and third-party software like Salesforce and Google with usernames and passwords. The problem is, passwords are not very secure. They can be lost, stolen, or hacked with algorithms, which puts users, resources, and data at risk. Cybercrime doesn’t occur only on the dark web. Although IT professionals have taken steps to migrate users to high-assurance identity credentials such as Public Key Infrastructure (PKI)-based tokens, a large percentage of enterprise applications and an even larger percentage of external resources or services still rely on usernames and passwords.

With a new push to zero trust, the time to enable applications to support multi-factor authentication is here. Reengineering each application to support modern authenticators is not a scalable approach. Instead, an authentication gateway, as prescribed by OMB Memo 22-09, future-proofs the application against the rapid pace of change driven by the current evolution of digital authenticators.

IdentityManager functions as an authentication gateway that hosts a digital wallet of credentials for the user. It allows the application to set the minimum strength of authentication. The user can then mix and match their credentials in any way they choose from any of their devices.

IdentityManager takes passwords completely out of the equation and allows employees and contractors to access both enterprise and third-party applications and software with whatever strong credentials they have been issued. Additionally, the platform lets organizations’ system administrators differentiate authentication strength policy based on user roles. IdentityManager then ensures that the authentication policy is met as it automatically and seamlessly validates users.

The platform is flexible and secure. It works with any Internet-facing web application that supports OpenID Connect/OAuth2, and it validates a variety of strong authenticators, including PIV, Derived PIV, PIV-I, CAC, OTP to mobile, and FIDO2. As an operator of a bridge certification authority (CA) cross-certified with the Federal Bridge, CertiPath has vast experience in supporting all types of Public Key Infrastructure authentication. The company dug deeply into OAuth2, OpenID Connect, FIDO, and FIDO2 and realized that what was missing was a way to tie those landscapes and tools together. IdentityManager was created to fulfill that need. Strong authentication has never before been so easy. It is now a service with IdentityManager.

Can We Make PKI Authentication Better? You Bet!

IdentityManager leverages TrustMonitor®, which helps maintain network security by continuously monitoring PKI distribution points in any given trust fabric. In real time, TrustMonitor verifies the validity and integrity of CAs and the status of Certificate Revocation Lists and Online Certificate Status Protocol responders. It safeguards certificate relationships and ensures that CAs are available to provide current and accurate validation information.