Centralized Management of Access-Control Policies Will Enable Seamless, Secure and Compliant Customer Journeys
Janrain®, the company that pioneered the Customer Identity and Access Management (CIAM) category, announced that it has entered into an exclusive partnership agreement with leading authorization solutions provider Symphonic Software to jointly develop and deliver the most advanced CIAM policy management capability. This new offering is now part of the Janrain Identity Cloud® providing brands with complete flexibility and control of their consumer identity policy management. From Janrain’s Identity Console for enterprises, companies can now create, manage and enforce fine-grained business rules around consumer identity across the entire enterprise—any identity, any application, on any device, in any region of the world. Janrain’s Advanced Policy Manager will reduce policy management costs and offer significantly greater ease of use by providing a far more nuanced control over access than has ever been previously possible.
Centralized and Abstracted Access Management
Access authorization is typically fragmented and distributed across multiple functions within an enterprise, hard-coded into various local applications and implemented using a variety of non-standard techniques and technologies. This disjointed approach makes policy changes cumbersome, costly to implement, hard to document or audit and, most importantly, unsecure and error-prone.
With the Janrain Advanced Policy Manager, brands can easily create and manage business rules that define who is authorized to access a particular website, mobile application, IP-connected device or a specific resource or product, and under what conditions. For example, from one central point, companies can now control and govern the rules for consumer access to content behind paywalls and restrict access based on age group, user type, region or similar criteria.
Advanced Policy Manager makes it easy and intuitive to define and administer access control for both technical and non-technical users while allowing rules at any level of granularity. Policy management is centralized and abstracted from underlying applications, allowing developers to rapidly modernize legacy apps and/or build new digital applications without managing policy. A cloud-based “Decision as a Service” for authorization requests separates access control from the application stack and reduces effort and cost in the development and maintenance process.
As a result, there is a clear single view for authorization logic, regardless of the number of applications involved. With all access rules in one place, businesses can illustrate their compliance with regulatory requirements or industry standards, such as the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS) or Service Organizational Controls (SOC).
Designed for large scale, Janrain’s Advanced Policy Manager validates end-user requests for access against defined rules and determines whether they should be accepted or denied in a matter of milliseconds. For modern digital applications, it is not enough to authenticate customers’ identities; brands must also determine whether they are authorized to use certain services or access certain data.
GDPR, Digital Transformation and IoT Demand Detailed Yet Simpler Policy Management
The number of complex access rules is expected to accelerate as customers increasingly access digital products and services from a growing number of IoT touch points. In addition, the need for the secure and granular policy enforcement enabled by the work of Janrain and Symphonic Software will intensify once GDPR goes into effect in May of 2018. GDPR will require complex access rules along the lines of how customers specifically consent to use their personally identifiable information (PII).
“Symphonic Software has done revolutionary work in developing a secure trust and governance platform, enabling highly sensitive data to be shared between organizations and sectors, and across all technology platforms. Coupled with Janrain’s data-centric customer identity directory and scoped data access technology, this joint development accelerates our product roadmap, allowing us to continue to stay well ahead of GDPR requirements. It is absolutely critical that today’s multinational brands arm themselves with the ability to secure their customer’s data in a frictionless customer experience. Accelerating digital transformation and application modernization projects will not only require new mobile development frameworks and advanced enterprise service bus technologies but also centralized access control. This is a key building block for any global player in the digital world,” said Jim Kaskade, CEO of Janrain.
“The seamless integration of Symphonic Software’s trusted access governance technology into the Janrain Identity Cloud creates the perfect framework for true large-scale CIAM. It gives enterprises full control over who can do what on their digital properties. Both companies have been focused on providing end users with the assurance that their data is being protected and with the ultimate control over how their data is being used. Combining our efforts is going to make access management transparent, auditable and cost-efficient across the entire business—a need shared by Global 1,000 enterprises,” said Derick James, CEO of Symphonic Software.