GlobalSign Building Its Identity and Access Management Portfolio

Known as an SSL/TLS Certificate Authority vendor, GlobalSign is expanding its scope with its new IAM-Easy product.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

identity and access management

GlobalSign is building up its identity and access management (IAM) portfolio with a new IAM-Easy product offering. GlobalSign, perhaps best known as a Secure Sockets Layer/Transport Layer Security (SSL/TLS) Certificate Authority (CA), has expanded in recent months.

In September 2014, GlobalSign acquired IAM software developer Ubisecure, where the roots of the IAM-Easy product are found.

The IAM-Easy product is a new deployment methodology for components of the former Ubisecure identity relationship and access management (IRAM) suite, explained Kari Nousiainen, product manager for GlobalSign. IAM-Easy includes GlobalSign's CustomerID and single sign-on (SSO) products in a preconfigured best practices deployment model, he added.

To help accelerate deployment, key processes, such as how to enroll new users, automate role approval based on CRM information and how to manage roles to provided services, are all predefined, Nousiainen said.

Getting IAM-Easy up and running isn't a typical wizard-driven process.

Simon Wood, GlobalSign CTO, explained that IAM-Easy is designed to be integrated into the end-customer environment, either by the customer or via a system integrator. "As such, the system configuration is richer and more precise than can be efficiently supported by a traditional wizard-type approach," Wood told eWEEK. "IAM-Easy provides a library of preconfigured templates that enable the rapid addition of complex functionality, such as workflow, process and group management."

The standardized configurations reduce deployment time while still giving the depth of capability required for today's IRAM scenarios, Wood said.

There is also a tie-in to GlobalSign's CA business for IAM-Easy. GlobalSign's ePKI (or enterprise public key infrastructure) can be used for strong authentication for Web single sign-on, Nousiainen said.

In the modern enterprise landscape, organizations need to be able to handle identity management for applications that are on-premise as well as those that reside in the cloud. IAM-Easy provides support for typical Web SSO standards, including SAML 2.0, OpenID, OAuth 2.0 (as a client) and WS-Federation (active requestor profile), Nousiainen said.

A key part of modern access is also compliance, he said. "The product creates comprehensive audit log entries to help to meet most stringent auditing requirements. Audit logs can be imported into third-party SIEM [security information and event management] systems.

GlobalSign plans to further advance IAM-Easy in the months ahead. There will likely be even more convergence between GlobalSign's software-as-a-service PKI and IAM capabilities, Wood said.

The direction for GlobalSign is to begin to develop an Internet of things (IoT) identity services ecosystem to authenticate people, devices, gateways, things, services and applications, as well as manage authorization and access among the various entities within a single framework in a highly scalable method, Wood said.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.