website header 2_edited_edited.png

Identity Data Store &
Virtual Directory

It's 10PM, do you know where your identities are?
unsplash-ciN8mnrlvFY_edited.jpg

 

Identity And Access Solutions implements and secures directories and databases for storing and making identity info available. Whether it is a virtual directory model comprised of multiple views or individual authoritative stores and/or systems of record, we will discover, define, and secure the records that comprise your identity data.

We implement identity data management solutions that can act as an identity repository (Identity Data Store) where information about users/entities and groups in an organization is stored. The solutions implemented for user/entity profiles can contain data such as a first name, a last name, a phone number, group membership, an e-mail address, or any number of attributes that suits your organization’s specific requirements.

We can also centralize the non-employee user identities whose access rights generally receive little monitoring or auditing because they are spread across an organization. These non-employees would include consultants, contractors, vendors, interns, vendors, non-badged account holders, and temporary workers.

Identity Data Store Component Terminology

IDENTITY DATA STORE

Provides a singular resource for searching and viewing profile information for enterprise users and entities as well as consumers and/or customers. The Identity Data Store is a central service that holds all important identity and entitlement data for your organization and services requests for information that empower real time communications and decisions for access control and business actions.

VIRTUAL DIRECTORY

Provides for a consolidated view of user identity and related information without having to migrate users into a single enterprise directory infrastructure. It serves as a lightweight service that operates between identity consumers and the various identity repositories across the environment. These identity repositories can be LDAP directories, databases, or even web services and access to information can be either served through the virtual directory as a proxy or correlated and cached through a complex set of rules. The analogy is that a Virtual Directory is a one-stop shop for everything you need to know about your users and their associated data and attributes. 

LDAP DIRECTORY

Provides a source of identity accessible through a standard protocol, LDAP; also provides a repository for authentication credentials and authorization data such as group memberships.

DATA SYNCHRONIZATION

Provides automated, high-throughput services to move data between directories or databases while applying attribute mappings and transformation rules.

POLICY STORE

Provides a repository for rules and policy definitions, typically required by access management services.