EmpowerID - Combining Intelligence with Web and SAML SSO

Posted by Chris Hayes on Wed, Apr 01, 2015

RBAC ABAC SSO resized 600

Everyone's heard of Single Sign On or SSO.  By helping your end users get through their day, it allows them to first validate their enterprise identity and then seamlessly get into all of their enterprise applications.

The ugly secret of the SSO landscape is the lack of any real access control.  If you need to provide access to an application like Salesforce you have to add them into an Active Directory group.  That is simply not something that scales and will instantly become an administrative burden.  Let's not even get into what happens when that person moves to a new department, are you really going and removing them from the groups they shouldn't have access to anymore?

EmpowerID has created the world's first integrated Role Based Access Control (RBAC) and SSO mechanism that allows you to assign resources like salesforce.com to a business role not a group.  This gives you unprecedented flexibility to assign resources to things like SharePoint, Salesforce or whatever the application is.

BusinessRole

With EmpowerID you can assign resources to specific roles, like the example above where bank tellers in will be part of different active director groups but they can all be assigned the "Teller Business Role" and as such be allowed to access common resources for that role.  We've made it simple for you as an administrator too, manage these rules right through the EmpowerID WebAdmin console like you see below.

Easily assign a resource to a role

Reach out and we can walk you through how to add intelligence into your SSO engine today.

Request a Demo

Tags: WS-Fed, RBAC, Federation, Access Governance, SSO