Enquiry Form

The Identity Management Centre (IMC)

A complete Authentication Management framework

At the heart of the Secure Authentication Service is the Identity Management Centre (IMC):  the web management portal through which every administrator and end user interacts with the Service. 

The IMC creates a complete framework of policies, processes, administrator roles, device logistics and end user support which allows you to build secure authentication into your IT operations with minimal delay and overhead.  It makes it quick and easy for you to define your policies and administrative model and start issuing and managing your users’ authentication credentials without having to build all the technical, procedural, logistics and helpdesk systems from scratch. 

Whether you have a handful of users in one location managed by a single administrator, or thousands of staff in offices around the world and need users and their devices to be managed locally while security policy and audit is defined and monitored centrally; the IMC has the power and flexibility to adapt to your specific needs and compliance regulations.

Key features of the IMC are:

  • Tailored security policy: your Security Officer defines the security policy and the IMC enforces compliance on every user and administrator. Policies can be customised for different departments, sub-organisations or user communities.
  • Role-based management: the IMC defines clear roles and duties for each administrator and steps them through their appointed management tasks.
  • Delegated administration: routine tasks can be handled by a local administrator who can only ‘see’ those users and systems that are within their ‘scope’ of authority.
  • Centralised control: policy settings, user activity logs, reports and authentication node management can all be monitored and managed by head office security officers, auditors and engineers, while day-to-day user administration is carried out at the local level.
  • Self-service helpdesk: end users can resolve all their standard problems 24x7 via the IMC’s secure, Self-service Helpdesk interface. Issues such as lost & broken tokens and forgotten PINs can all be resolved within minutes according to defined security policy.
  • Helpdesk Operators interface: the IMC provides scripted problem resolution for your telephone support operators to step a user to a solution.  Security policy is enforced at every step ensuring the user is properly identified before support requests are actioned.
  • Emergency Access: the Helpdesk can provide a user with emergency access passcodes to keep them working while awaiting a replacement token. 
  • Token provisioning & logistics: The IMC provides a flexible range of processes which automate the delivery of authentication devices to remote users: and which ensure that the device reaches the end user on-time in a secure, auditable manner.

Flexible management policies and procedures

There is no single, correct set of processes and procedures which should be used when managing a community of strong authentication users.  There is always a trade-off between security, cost and convenience. 

The IMC makes it easy for an organisation’s Security Officer to quickly define a coherent security policy relating to credential management; with automated procedures, delegated responsibility and an audit trail of who, did what, when.  All this, without the time-consuming effort required designing and implementing all these policies and processes by hand.

Overview of all IMC Service Modules

The IMC integrates the complex relationships between:

  • Users, their personal details and access privileges
  • Organisations and associated corporate details - including inter-company relationship
  • Devices, credentials & secrets which users use to authenticate themselves - tokens, mobile phones, PIN’s, etc
  • Authentication nodes – systems that users can log in to - Firewalls, VPN, Web or Citrix servers etc

In order to implement a comprehensive authentication management framework, the system maintains full details about each of the above entities, and also the complex relationships between each of these entities. 

For example the IMC can manage all the following issues:

  • the relationships between one organisation and another,
  • the authentication nodes managed by each organisation, and which users are allowed to log into those authentication nodes,
  • which types of authentication device each of those users use,
  • the stocks (pools) of tokens and other devices held by each organisation for supply to new users or to replace lost tokens, and which users have administrative rights to manage the details and privileges of a organisation and its users.