Extend OneLogin with Intelligent Identity Management and Governance

Saviynt + Microsoft

TWO SOLUTIONS. DOUBLE THE PROTECTION.

Given that identity is the new attack vector, it’s not enough to simply enable Single Sign-On (SSO) or Multi-Factor Authentication (MFA) for cloud and enterprise applications. Organizations need a contextual, risk-driven Identity Governance & Administration (IGA) solution to effectively manage security and meet compliance requirements. As a cloud-native solution, Saviynt extends OneLogin deployments by providing intelligent identity and other enhancements, including:

  • Complete user lifecycle management to ensure that access permissions are current
  • A risk-based access request system that prevents excessive, conflicting access
  • Micro-certifications with risk intelligence to avoid rubber stamping of access credentials

In addition, Saviynt provides a wealth of additional Intelligent Identity features to further solidify enterprise security:

  • Fine-grained entitlement access and administration
  • Out-of-box Segregation of Duties (SOD) rulesets
  • Enhancements to conditional access based on application access risk
  • Seamless integration with cloud IaaS and applications for cloud privileged account management

FEATURES

  • Provisioning and de-provisioning of access with fine-grained entitlements
  • Automated privilege assignments based on roles and attributes (RBAC and ABAC)
  • Risk-based access certification
  • Deep integration with enterprise and cloud applications
  • Out-of-box security controls
  • SOD Management
  • Role engineering and management
  • Privileged Access Management for on-premise and cloud environments (CloudPAM)

EASY, SEAMLESS INTEGRATION WITH ANALYTICS

It just takes a few clicks to seamlessly enable access governance and enforce security policies for OneLogin connected applications:

  • The Saviynt connector for OneLogin brings accounts and entitlements into the Saviynt Identity Warehouse. Application owners can then perform various functions and create a catalog for requesting access, add a glossary and derive application roles for automated provisioning.
  • The Saviynt drag-n-drop workflow editor allows business analysts to design complex processes tailored for any business requirement.
  • Our Intelligent Identity out-of-box enterprise workflow dynamically alters its behavior based on several factors, including risk and multiple HRMS attributes, to name a few. This reduces up to 80% of workflows, compared to traditional IGA platforms.
  • Single-pane-view to “Who has access to what?” and “What are they doing with that access?”
  • Usage and audit analytics enhance the capabilities of life-cycle management: role mining, identifying actual vs. potential SOD (segregation of duties) violations, user behavior and continuous controls monitoring, and more. This ensures appropriate prioritization of significant risks and optimize use of IGA resources.

COMPREHENSIVE SOD MANAGEMENT

A robust risk management platform is the cornerstone of Saviynt’s next-gen IAG solution. With over 200+ SOD rule sets across industry domains such as financial services, healthcare, and IT security controls, Saviynt helps organizations realize their governance, risk, security and compliance goals.

The platform supports both preventive and detective SOD simulation and validation. The Saviynt SOD remediation recommendations workbench is one of the most advanced in the industry. The SOD workbench not only performs user to role analysis, but also role to entitlement analysis to remediate any roles with inherent SODs, and accelerate the remediation phase. In addition, Saviynt integrates Intelligent Identity usage analytics to identify actual violations that have been acted upon by users, vs. potential SOD violations in order to prioritize remediation measures appropriately.

With its ability to understand hierarchical entitlements within applications, Saviynt can perform SOD analysis across both coarse- and fine-grained entitlements for effective security within a single app, as well as within cross-apps, for identity management.