10.1 Overview

Traditional access management solutions are limited to control and manage employees’ access within an organization. Organizations now provide more services online, and thus the online presence of external stakeholders (consumers and partners) is growing. They are required to manage these stakeholders efficiently. However, organizations face many challenges in managing identity of consumers and partners and their access to services.

The following are some areas where most of the organizations face challenges:

  • Ensuring a secure access because a username and password combination, or traditional password based security has numerous vulnerabilities. Therefore, for secure access to services, organization requires additional mechanisms.

  • Authenticating consumers based on federated protocols due to increase in the number of cloud-based services and Software-as-a-Service (SaaS) delivery models.

  • Authenticating consumers based on their social media credentials.

  • Providing seamless experiences across devices.

  • Managing consumers’ details.

  • Providing protection and privacy to consumers’ identity and personal information.

To overcome these challenges, Access Manager provides the following business-to-consumer (B2C) access management capabilities:

User-driven functionalities: To enable users to perform self-registration and manage their devices and applications without administrative intervention.

Better user experience: To enable seamless access to applications from anywhere and from any device.

Intelligent and secure authentication mechanism: To provide a secure access to users by using methods such as risk-based authentication, identity proofing-email verification, device fingerprinting, and multi-factor authentication.

Social authentication: To grant access based on users’ social media identity to reduce their overhead of managing multiple accounts, and for just-in-time provisioning.

APIs: To enable better integration with applications, Access Manager provides APIs. These APIs enable programmatic interfaces to access administration and user data.

Data privacy: To ensure privacy of users’ data by asking their consent and enabling them to select the information they want to share.

End user data control: To enable users to view, manage, and delete their applications and devices. It also enables users to manage their profile.

Access Manager User Portal is enhanced to support Business to Consumer access management capabilities. To provide B2C access management capabilities, Access Manager integrates with the following products:

  • NetIQ Self Service Password Reset: To enable customers and partners perform self-registration and to provide end user data control, such as change password and modify profile details.

  • NetIQ Advanced Authentication:To use the multi-factor authentication capability when a user tries to log in from an untrusted device.

The following diagram illustrates a common set of B2C access management capabilities of Access Manager. The capabilities are presented in a broken line box.