From role model
and Single Sign-On to DMS
Check out bi-Cube’s functionality!
SecuIAM – sophisticated, flexible, modular
SecuIAM is well-known as a flexible IT solution providing a wide range of IAM and non-IAM functionality. Its modular structure makes it easy to integrate into existing customer systems. In addition, SecuIAM is highly adaptable to individual customer requirements. With its many optional add-ons such as absence management, Single Sign-On, pool resources and team space, to name just a few, SecuIAM goes well beyond the usual functionality of an IAM. You can find out about the various SecuIAM solutions here. If you can’t see the functions you require or if you have any questions, we will be happy to advise you.
Customer Identity and Access Management (C-IAM)
A C-IAM is a simplified form of Identity and Access Management system. Its main focus is the management of identities, along with access control and software security. Customer Identity and Access Management systems are generally intended for high numbers of users, even into the millions.
As the name suggests, the system is provided in a business-to-consumer environment. The simplest form of C-IAM mainly focuses on the registration and logon processes giving users access to the various business applications. As a sophisticated IAM, SecuIAM fully meets the requirements of a Customer Identity and Access system.
IT Service ManagementIT Service Management (ITSM) refers to services that simplify the interactions between business processes and your IT department. ITSM should allow the user to act independently within the corporate IT environment, within defined limits. This might involve admin-relevant request processes or the automation of processes. The aim is to reduce dependence on the IT department, give users more freedom, and reduce time and effort. SecuIAM supports the interaction between users and the corporate IT department in a number of different ways. For instance, its request process for virtual machines, whether in-house or in Azure AD, and its automated employee entry and employee exit processes all come under the heading of ITSM.
Manage your documentsSecuIAM can also be used as a Document Management System (DMS). Documents can be made available securely and transparently, depending on the context and the users’ permissions. Documents can be downloaded, checked out and checked in, and be assigned to individual users, role-holders, members of specific organizational units, or project teams. Each document can be given a security classification, a document type, an expiry date and more. It is also possible to view its history, showing who modified and/or re-released the document, and when. The uploaded document can also be assigned to a system in the form of a policy; this is then re-distributed to users of the system at regular, configurable intervals for reconfirmation.
SecuIAM also handles aspects of asset managementAn asset management system is a type of software that assists in the management of capital assets and material goods in IT facilities. SecuIAM’s equipment management function makes it possible to manage resources such as mobile phones, parking spaces, notebooks and more. These items can be made subject to approval as part of a request process. These requests are sent to holders of a specified role for their approval and for the requested item to be issued. On expiry of the time period specified in the request, or if the employee leaves the company, a process reminding the user to return the equipment is started.
One logon is enough!Staff in larger enterprises often need a whole host of different passwords for the various systems they need to access in the course of their daily work. And – a nightmare for security! – they often write these passwords down somewhere. In the worst case scenario, notes with the passwords on them are left where other people can find them. It doesn’t have to be like this! With Single Sign-On (SSO), users just need to logon once, to the operating system, and after that all the applications they need are made available to them without any need to logon to each one individually. Passwords for the connected systems are changed regularly in the background, thus increasing systems security without users even noticing. SecuIAM SSO can be supplemented with dual authentication using either a token or biometrics. More about dual authentication
Analyze, optimize and create system rolesRole Mining is an optional SecuIAM add-on that analyzes system roles on the basis of a range of specified criteria. This usually results in a new role suggestion that can then be stored in the database. With Role Mining it is also possible to identify similar system roles with similar permissions, thus avoiding role duplication and proliferation.
Absence requestsAbsence management in SecuIAM takes the form of a request mask. Users can request an absence for themselves or, if they have the necessary permissions, someone else. The dates, whether individual days or longer periods of time, are selected from a calendar. There is a comment field where an explanation can be entered for the approver’s information. Once the request has been submitted, the responsible manager is notified by email and can then go to the Task Manager in the SecuIAM Web Portal and either approve or refuse the request, or delegate it to someone else to deal with.
Pool resource service in SecuIAMSecuIAM makes it possible to request and manage pool resources. These might include AD filespaces, Exchange mail groups or SharePoint, for example. The user simply goes to the SecuIAM Web Portal to access the request mask and/or admin interface of the pool resources for which he or she is the owner.
Filespace for teamsFor an effective project team, especially if its members are in different locations, a data exchange platform is absolutely indispensable. SecuIAM not only lets you create and manage dedicated team roles, but can also provide these teams with filespaces, set a team expiry date, supply team documents, etc.
Forgot your password?SecuIAM Password Self-Service allows users to reset their own password if they have forgotten their current one. Once they have identified themselves to the relevant working environment, they can have the system generate a new password for them, which will be sent to the email address or mobile phone number stored in the system. Security can be further enhanced by requiring answers to a number of security questions previously selected by the user. The user logs on with the new password supplied, and can then change it to something else.
- Fewer requests mean reduced User Help Desk workload
- Fast password changes and less downtime
- Increased security