Recently, Access Management has focused mainly on web authentication, single sign-on (SSO), and access to intranet/extranet applications. However, enterprise access management has evolved rapidly in recent years to meet the requirements of new computing paradigms such as the cloud, some of which are Sofware-as-a-Service (SaaS) services, mobile access (especially BYOD, or “Bring Your Own Device”), social interactions using social networks, and the Internet of Things (IoT).

In addition, economic and market forces have forced companies to look for ways to reduce costs, connect with new partners using new standards (e.g. OAuth), new architectures (e.g. REST), new application programming interfaces (public APIs), and consolidate data centres and licences through private or public Access Management services. At the same time, changes in health and privacy laws and regulatory requirements have forced companies to rethink their views on secure data protection.

In such a challenging environment, companies need to develop a comprehensive and proactive strategy based on risk management principles. Companies that take only a reactive approach to security, choosing only identity-based or target products to protect web apps, mobile apps, cloud, APIs or web services, can be in danger.

This reactive approach, and the fact that information is not shared between company departments, results in a weak security infrastructure with high maintenance costs, and due to inconsistent security policies, external and internal vulnerabilities, compliance problems may occur.

Choosing the right solution goes beyond ensuring that the essential requirements are fulfilled as soon as possible. At a high level, a single Access Management solution must be able to meet the requirements of the four base cases: cloud security, mobile access, employee-facing intranet and control of client-side extranet access control.

Taking all these requirements into account, our company started working with open-source Access Management systems and developed an own unique solution for several financial institutions and implemented it. Our company’s product is based on the OpenAM open-source code and has been further developed with additional modules, customized to customer requirements.

This unique AM solution is integrated with our own enhanced OpenDJ open source LDAP manager and this integration provides all the functionality required for complex banking applications.

The services provided in the Access Management (AM) – typically a self-developed solution