Cloud-based Identity and Access Management (IAM)
Entrust Identity as a Service (IDaaS) enables trusted identities for workforces, consumers, and citizens so they can engage securely and seamlessly with your organisation. The Intelligent IAM platform lets you implement a Zero Trust approach, providing user authentication, authorisation, and access control to the right resources anytime anywhere.
93% of Entrust’s customers state that they would recommend Entrust Identity to others. 91% rate Entrust Identity’s after purchase support as valuable to their organisation.
One Platform for All IAM Needs
Best-in-class multi-factor authentication (MFA)
- Support for an unrivalled number of authenticators and use cases.
High assurance credential-based access
- Option to use digital certificates for a higher level of security via mobile app or hard token/USB key.
Single sign-on (SSO)
- One set of credentials to securely access any app (cloud or on-premises), while also making it easy for IT teams to securely manage user credentials. Entrust Identity as a Service federates with cloud apps via standards like SAML and OIDC.
- Credential-based/FIDO-compliant passwordless access with SSO for high assurance workforce use cases. Passwordless options for consumers including using smartphone biometrics or FIDO tokens with BYODS.
- Unify user registration via IDaaS and/or third-party identity providers (IDPs) including social logins to simplify authentication and authorisation across multiple IDPs. This is especially critical in hybrid/multi-cloud environments.
Authorisation and access management
- Leverage build-in role-based access control (RBAC) to apply privileges that conform to a person’s role versus establishing and managing user permissions individually. Map directory groups (AB or any LDAP source) to roles easily to ensure secure access to any of your privilege cloud applications.
- Secure your digital ecosystem with OAuth 2.0/2.1 contextual authorisation and access controls and integrated OIDC-based user authentication.
Embedded device app authentication and authorisation
- Provide input-constrained devices with IDaaS’ device authorisation flow so they can be easily authenticated and authorised.
Adaptive risk-based access and authentication
- Apply contextual authentication with a step-up user challenge only when conditions warrant, like a user logging in for the first time from a new device, or at an abnormal time of day or from a different geolocation.
Email and file encryption, document signing
- Enterprise mobility management (EMM) vendor integrations including Microsoft, IBM, MobileIron and VMware support secure workplace communications with email encryption, file encryption, and document signing.
- Optional integration to support self-service digital identity verification for fast, secure remote onboarding of consumers, citizens, or employees.
Fraud detection and prevention
- Non-intrusively detect user behavioural and environment anomalies while protecting consumers from credential-stealing attacks, impersonation attacks, and computer/session takeover attacks.
- Ensure secure access to consumer and partner portals
Self-service password resets
- Have users securely reset their own passwords, meaning no downtime and no IT overhead.
Off-the-shelf integrations, APIs, and developer toolkits
- Take advantage of SAML and OIDC for identity federation, RESTful APIs, and a comprehensive life of available integrations. Embed digital identity directly into your applications and brand as your own if desired with our mobile DSK. Develop your own passwordless and document signing applications with our mobile smart credential (MSC) SDK.
Available as a managed service
- Opt to deploy IDaaS in the cloud yourself or as a managed service by working with one of our certified Managed Service Provider (MSP) partners.
Article Credit: https://www.entrust.com/-/media/documentation/datasheets/entrust-identity-as-a-service-ss.pdf