Access Management

We provide comprehensive services for your authentication, authorisation and SOA security needs

We have an extensive and in-depth knowledge of the Access Management space with experienced consultants who have been delivering this capability to our clients for over 10 years.

Our knowledge of Access Management helps our clients to create tailored solutions that meet their needs and requirements by providing highly secure and controlled access to business systems, including BYOD, while minimising the impact on end users and customers.

Our differentiators

  • In-depth architectural, design and technical expertise across the spectrum of Access Management
  • KeyVault, our own multi-factor authentication service
  • Detailed understanding of SOA and API security throughout the enterprise and across organisational boundaries
  • Expert knowledge developed from small, medium and large scale access management solutions built around the world

Web, Mobile and Adaptive access management

Web access management

Web Access Management is about restricting access to web based content, whether within an enterprise or for your customers. It provides a level of security and control over your protected assets using authentication to identify a user, and authorisation to validate that a user is allowed to access the content they have requested.

Adaptive access management

Adaptive Access Management extends this by providing real-time controls based on dynamic transaction context, along with metadata around the user’s client, including device fingerprinting and location, to provide real time fraud analysis and control. Using Adaptive Access Management, high risk transactions can be blocked, alerting fraud operators to investigate the suspect transactions. For medium risk transactions additional re-authentication can be introduced, including processes such as an out of band one time password authentication.

Mobile access management

Mobile Access Management assists in extending the web based access control to mobile clients, which is useful for both customer and internal applications, given the rise of BYOD in recent times. Enterprise services can be virtualised as identity aware REST based services, externalising authentication and session management from mobile application developers while providing a secure authenticated session integrated with the enterprise IAM systems.

We have extensive knowledge in authentication, authorisation and administration services across a range of web, mobile and adaptive access management technologies. This experience helps our clients deliver authentication and authorisation services that provide a light touch for end users and customers while meeting industry and Government standards for security (including the Australian Government's Department of Defence Information Security Manual (ISM) and the ISO27000 series).

Federation and social login

Federation is a capability that allows organisations to share their services, such as web content, with other organisations whilst providing their end customers with a seamless user experience. Federation allows an organisation to confirm a customer's identity and then allow its service providers to leverage this confirmed identity when exposing services to customers, without requiring the customer to authenticate again.

Additionally, customers and corporate users can be allowed to login to the organisation using credentials from a trusted third party. Using technologies such as OpenID and OAuth, customers can authenticate using credentials from social websites such as Facebook and Google, allowing a seamless user experience to access low trust content.

We have in-depth knowledge of all of the key federation standards and protocols, including:

  • SAML
  • WS-Federation
  • OpenID
  • OAuth and
  • Shibboleth.

We provide expert assistance in architecting, designing and implementing solutions that make it easier for our clients to interact with their business partners, whilst providing a seamless end user experience.

Entitlements management

Entitlements Management allows an organisation to manage the entitlements or privileges that a user has to an application or applications. This increases the security of applications by restricting a user's access and providing them with what is known as “least privilege” access.

Applications with managed entitlements will externalise their authorisation to a central, policy-based, authorisation server. This allows both a separation of application logic from corporate authorisation policies, and changes to authorisation policy without modification to live applications.

Our team understands how to apply Entitlements Management for custom web applications, as well as applying Entitlements Management across an organisation's set of applications. Our clients benefit from our experience in providing a holistic approach to managing a user's entitlements or privileges.

API and SOA security

API and SOA Security is about securing your system-to-system transactions, whether within your organisation or across your network boundaries and into the cloud. API Security assists an organisation to securely link enterprise applications with services provided by other organisations, mobile devices and cloud services.

We have an in-depth knowledge of API and SOA Security and how this can be used to enable organisations to leverage APIs or services across network boundaries, in a secure and controlled way. Our end-to-end approach means that we are able to help our clients apply security to communications in a seamless and non-intrusive way.