Developer’s Guide to SecureAuth Identity Store, privacy-focused cloud directory

Dusan Vitek
Director, Product Marketing
May 25, 2021

Get the latest from the SecureAuth Blog

Most developers are not experts on privacy laws and should not have to design databases around these legal requirements. So, our objective with the SecureAuth Identity Store, our new cloud directory service, was to remove this challenge and headache from the developers’ desk.

Effectively managing users – and more importantly their identities – is essential for organizations in every industry. The ability to ensure the right users regardless of their role or connection with a business are securely accessing systems, applications, and data is critical to safeguard privacy and security concerns.

We developed SecureAuth Identity Store to help our customers address and solve the challenge of managing users that are highly important to the business but not core users, or better put – not employees. Many organizations utilize Active Directory to manage their employees. But most would prefer to not use AD to manage non-core users such as contractors, partners, or customers. When we looked at the market to investigate the options available, we identified a significant gap in how many of the existing directories handle privacy. In fact, we didn’t see much out there at all.

Privacy-driven design of user directory

So, we decided privacy would be the primary focus for our cloud directory. We understand the challenges and know it’s extremely complex for organizations to manage a global set of users with differing expectations and privacy requirements. GDPR, German privacy laws, the California Consumer Privacy Act, as well as the Right to be forgotten are impactful and help to improve data privacy. However, these measures also create challenges for engineering and business teams. Most developers are not experts on privacy laws and should not have to design databases around these legal requirements. So, our objective with the Identity Store was to remove this challenge and headache from the developers’ desk.

The approach we took was to develop a purpose-built privacy focused user directory, by developers for developers. A service lightweight by design and provided via SaaS. Because we are not working strictly with IT departments, we see directories being deployed for business functions that support customers such as customer facing apps or portals. Seasonal workers, volunteers, suppliers, and one-time contractors must also be effectively managed and supported with a secure identity management solution that is easy to administer and simple to use. Ultimately, we knew the cloud directory must delight developers to be a successful.

What’s wrong with managing non-core workforce and CIAM users in Active Directory?

Introducing SecureAuth Identity Store – a lightweight cloud directory

The reality is not all identities an organization must manage are the same. Each user is important and requires consideration with respect to policies, entitlements, access, and experience. But does it make sense to allocate the same resources to manage core and non-core identities.

This is not just about leading IAM vendors working strictly with IT departments. We see directories being deployed for business functions that support global customers such as customer facing apps or portals. Similarly, every company has a responsibility to manage and support seasonal workers, volunteers, suppliers, and one-time contractors. These temporary identities also require an inexpensive IAM solution for setups where workers need limited access for a limited time.

Sure, there’s always Microsoft Active Directory or Azure Active Directory – a heavyweight solution with significant management and licensing costs. While good for many core workforce applications, it frequently proves too complex for customer user accounts and temp employees.

The new SecureAuth Identity Store, a ready-to-go SaaS directory solution, aims to fix how these non-core identities access mission critical applications, services, and data. The goal is to help large-scale organizations to ensure on-going business operations and growth.

SecureAuth Identity Store is available as a standalone subscription with one of three optional SecureAuth adaptive authentication and smart MFA subscriptions.

Securing and Enabling Non-Core Identities

The SecureAuth Identity Store delivers robust functionality, scalability, and security enterprise organizations require to securely manage, enable, and protect non-core identities. The Identity Store simplifies non-core identity management without sacrificing security, forfeiting privacy, or impacting the user experience. The Identity Store removes the headaches and expenses related to managing non-core identities via a traditional Active Directory-based identity management solution. Whether you’re managing customers, contractors, seasonal-workers, or partner identities, the SecureAuth Identity Store is a flexible, scalable, and highly secure cloud- based identity management solution purpose built to meet the diverse use cases of your organization.

The SecureAuth Identity Store provides a robust identity management solution full of powerful features and insightful functionality to meet the needs and expectations of users and administrators. Businesses can quickly provision users from their existing Active Directory, SQL, or LDAP user databases as well as upload users and their profiles via a CSV file. Administrators can manage policies from security to entitlement to streamline on-boarding as well as off-boarding. Users, and in particular customers, have self-service tools to manage their profile and privacy, provision authenticators, reset or change passwords, and initiate the deletion of their records.

The SecureAuth cloud directory service provides an efficient, secure, and dynamic platform to effectively manage the identities organizations would rather not merge with core employee identities.

End-to-end privacy management within cloud directory

The following is a partial list of user directory features available with the SecureAuth cloud directory:

  • Secure protection of sensitive data and PII (Personably Identifiable Information)
  • The Right-to-be-Forgotten
  • Ability to create an account based on external/existing social identities
  • Define consent information for users before granting access
  • Ability to programmatically create, retrieve, update, delete identities via SCIM
  • Bulk import of known identities via CSV
  • Ability for administrators to define the password policy for users
  • Ability for a user to modify attributes via a self-service portal
  • Comprehensive reporting
  • Data encryption in every state
  • Multi-factor authentication and Adaptive Authentication
  • Synchronize identity entitlements between on-premises and cloud services
  • Ability to associate resources to roles for entitlement assignment
  • Running in AWS US and AWS EU regions

Seamless Identity Management within Privacy-Driven Cloud Directory

The SecureAuth Identity Store is a modern identity management solution designed to integrate seamlessly with your existing enterprise environment. Think about this: high-performance REST APIs, Postman Collections, standards-based protocols, Active Directory integration for identity migration, Right-to-be-Forgotten, multi-factor authentication. SecureAuth SaaS directory simply connects to your existing enterprise environment to enable all of your non-core identities.

Excellent admin interface lets IAM professionals manage every identity throughout the user lifecycle with a high level of granular control. The side benefit is complete visibility to meet governance requirements such as GDPR or CCPA. Standard protocol and API support allows any system or application to quickly retrieve identity and profile data when needed. Self-service tools let your users manage their PII, creating a first-class user experience.

The Identity Store helps enterprise organizations gain (administrative, lifecycle, cost-effective) complete control of the thousands to millions of non-core identities actively accessing resources daily. Regardless of the user-identities’ role and their associated entitlements, the Identity Store provides a cloud-based identity management solution at scale to empower enterprise organizations to effectively manage and secure all non-core identities accessing systems, applications, and data in your enterprise ecosystem.

Continue reading
SecureAuth Identity Store homepage
Blog: Five Steps to Take to Achieve GDPR Compliance
Blog: Authentication and GDPR: Covering the Bases
eBook: GDPR: What you need to know and how authentication fits in
5 Practical Steps for GDPR Preparation

Related Stories

Pin It on Pinterest

Share This