Access Management

Control your access!

Share:

AM Offer

The opening of the enterprise to the Internet with the advent of Cloud services accessible to all, the generalization of telecommuting, the opening of application access to external populations such as partners or customers, the deployment of modern application architectures based on APIs and microservices, the digitization of banking services and the new DSP2 directives are all challenges for the security of logical access.

How can you control access (applications, data, APIs, etc.) in the face of these new challenges, while offering users a simple, fluid and comfortable experience? Synetis, through its Access Management offer, brings you all the expertise of its team of specialists to help you answer this question, in your context and with your specificities.

Access Management

Improved user experience and security

User experience and security are often at odds with each other, as increasing one is often at the expense of the other. However, modernAccess Management solutions offer many features that improve both aspects simultaneously:

One authentication to access all applications is the promise of SSO. The implementation of such functionality can be based on multiple approaches: e-SSO, Web SSO, identity federation (SAML2, OpenID Connect, WS-*, etc.) that can be combined to meet different needs. Deploying an SSO solution, by reducing the number of passwords, allows to reinforce access security while improving the user experience.

While it fully participates in the implementation of an SSO, identity federation also enables authentication and access to the company's SaaS services (OAuth) to be controlled. Authentication to these services is delegated to the Access Management solution, which ensures that the security rules required to authorize access to the requested service are applied.

It allows theend-user to be autonomous in case of loss or forget of his password and thus considerably relieves the support teams in charge of assisting users facing this type of difficulty. This feature also allows to set up a password policy to reinforce access security.

It offers usersenhanced authentication methods (certificates, biometrics, etc.) for a better level of security while making the user experience more fluid.

It allows to reinforce security during authentication by using a second factor (OTP by SMS, push on a mobile application, FIDO2 key, etc.) and thus guarantees the validity of the authentication provided by the user.

It allows to define a risk-based access strategy, which allows to require from the user a more or less strong level of authentication (second factor, certificate, etc.) depending on the estimated risk for the requested access. This risk can be linked to different metrics - such as the network and geographic origin of the request, the type of terminal used for access, the criticality of the resource accessed, the time and date of the request, etc.

Access security for API and microservices back-end

Modern application architectures rely heavily on APIs and microservices. These endpoints, which expose sometimes critical data, must imperatively be secured.

Compliance with PSD2 directive

Driven by the PSD2 directive, the security and interoperability of online banking services is changing: no more OTPs via SMS, which are considered insufficiently secure for this type of transaction.

Through standard protocols (OpenID Connect and OAuth2), multi-factor authentication and consent management features, Access Management solutions address all these issues.

Zero Trust Strategy

Nomadism and telecommuting are becoming more and more frequent in the business world, the widespread use of Cloud services, the opening of access to certain resources to partners (B2B, B2C, outsourcers, etc.) weaken the security of systems. In such a context, access is never completely trustworthy.

A "Zero Trust" strategy ensures that, regardless of the context in which the user attempts to access a resource, the validity of that request will have been checked through an appropriate and reliable authentication process.

Governance / Audit and Compliance

From an auditability and compliance perspective, governance offers several approaches:
All the actions carried out on accounts and rights are traced, allowing the use of standard reports or the construction of a specific reporting.
By defining a risk level for the different rights available, it is possible to target controls on users at risk.
In order to ensure that the requested and approved rights correspond to the actual rights in the target systems, it is possible to set up automatic comparisons between these two states.
To ensure that the rights of a user are always in line with his activity, regular certification campaigns of the rights are possible, for example via the line manager or the resource owner.

Access Management at Synetis

More than 45 consultants dedicated to Access Management with an average experience of more than 5 years in the field of cyber security;

More than 8 active partnerships with major market players (Microsoft, Ilex International, InWebo, Okta, Ping Identity, CyberArk, Wallix / Trustelem, Yubico) and a real expertise with other software vendors such as ForgeRock, Microsoft, OneLogin, etc. ;

Over 20 publisher certifications acquired;

More than 65 projects in progress as of 01/08/2022 - including 40+ new projects in 2022 - of all sizes (from about 10 days to more than 250 days) and of all types (scoping, audit, integration, TMA, CDS), with a commitment to results (fixed price) or to means (contracting).

Protection and monitoring of

Our Digital Identity experts
answer your questions