Solutions

This use case outlines the need to automate the creation of security or distribution groups in Active Directory (AD) and subsequently mail-enable these groups using Exchange Server or Exchange Online. The goal is to streamline the process, minimize manual effort, and ensure accuracy and consistency. Problem Statement In large enterprises, the process of mail-enabling security or distribution groups in Active Directory (AD) is often manual, time-consuming, and prone to errors. IT administrators must first create groups in AD, then separately enable mail functionality in Exchange Server or Exchange Online. This dual-step process not only increases the administrative workload but also heightens the risk of inconsistencies and delays, especially when managing a high volume of group creation requests. The absence of automation in this workflow leads to inefficiencies and potential misconfigurations. Ensuring that each group is correctly created and mail-enabled can be challenging without a streamlined, automated process. Moreover, the manual approach makes it difficult to maintain accurate logs and generate notifications, which are crucial for audits and troubleshooting. To address these challenges, an automated solution is needed to seamlessly create security or distribution groups in AD and enable mail functionality in Exchange. This solution should also provide comprehensive logging and notification capabilities to keep IT administrators informed about the process status. By automating these tasks, enterprises can achieve greater efficiency, accuracy, and consistency in group management, thereby enhancing productivity and minimizing the risk of errors. Customer Value The automated solution for creating and mail-enabling security or distribution groups in Active Directory provides substantial value to the customer by significantly improving operational efficiency and accuracy. By automating these tasks, the solution ensures a seamless and consistent process, minimizes manual effort for IT administrators, and reduces the likelihood of errors. With this solution now implemented in the customer’s environment, the group creation and mail-enabling process has been streamlined, reducing the overall time required by over 90%.

As organizations are looking for Cloud based services, SaaS (Software as a Service) is a popular choice of service model since it allows enterprises to migrate underlying infrastructure, middleware, app software, and app data to service provider’s purview. Service provider manages the hardware and software, and with the appropriate service agreement, will ensure the availability and the security of the app and your data as well. Saviynt provides one such secure and holistic SaaS-based IGA platform to manage and control access to an organization’s assets, application, or infrastructure — on-prem, hybrid, or multi-cloud and can be used to simplify identity lifecycle management with automated workflows and user-friendly tools. However, migrating from legacy on-premises solution to modern cloud-based platform can be daunting and time-consuming task. Saviynt Automated Migration Tool is intended to alleviate these migration pain points and accelerate Application onboarding & Data migration to Saviynt. Customers will be able to use this migration tool and expedite Application & Data migration from any legacy IGA tool to cloud based Saviynt platform. This is a custom developed tool using open-source libraries, without requiring any additional licensed software. One of our customers is using this tool to migrate from RSA (Aveska) solution to Saviynt as part of their IAM modernization journey. The Saviynt Automated-Migration tool is designed in such a way that it can take objects from any source IGA tool and migrate those to the Saviynt platform. Customers will also have an opportunity to review objects and their attributes before migrating them to Saviynt. This solution is a Java/maven-based tool, which is delivered as a package along with operating guide and instructions.

Automation 360 is an industry-leading RPA and digital workforce platform that combines an easy-to-use user interface with enterprise-class reliability and the security to enable real-time self-automation. It delivers a browser-based, intuitive experience for business users to quickly automate tasks and tools for developers to build process automation. Automation 360 provides both On-Premises and Cloud deployment options and is the first platform that provides RPA-as-a-Service as an automation solution. It enables users to automate applications across different infrastructures and industries such as banking, telecommunications, and business process outsourcing (BPO) organizations. Automation 360 provides capabilities such as the following: An intuitive interface to create a bot and design business process automation workflows. Support for multiple operating systems including Windows, Linux, and MacOS. Different views of bot to facilitate collaboration: flow view for business users, list view for developers, and dual view for collaboration. Recorder that works across various platforms such as Microsoft Windows, Citrix, Web, and SAP. Advanced variables capabilities and support for JavaScript, Python, and VBScript. A flexible architecture that enables you to add new packages.

The Automox API is a powerful interface that allows you to integrate Automox reporting data into your applications and control your devices, policies, and configurations, manage & secure your hybrid workforce with effortless IT operations and automatically patch remote systems, configure every endpoint.

Avigilon Alta is a cloud-native physical security platform that provides video surveillance, access control, and health monitoring for enterprise facilities. The Avigilon Alta integration enables you to seamlessly connect with Avigilon Alta to manage user lifecycle and govern access within the platform.

The AWS integration enables organizations to securely connect their AWS environment to Saviynt Identity Security Platform for continuous governance, visibility, and posture monitoring of AI services and Non-Human Identities (NHIs). A single integration supports both Amazon Bedrock and Amazon Bedrock AgentCore, allowing organizations to discover and govern AI agents, models, knowledge bases, tools, runtimes, and NHI assets such as IAM users, access keys, secrets, and certificates.

Efficiently managing access within an AWS environment poses a significant challenge for businesses, The inability to identify and rectify redundant or unnecessary access rights granted to users or entities, can result in security risks, compliance issues, and resource inefficiencies.   Customer Value This integrated solution enhances an organization’s AWS security posture and governance capabilities. By effectively identifying and managing unused access within their AWS environment, customers can: Strengthen Security: Remove unused access rights automatically to reduce the risk of unauthorized access and potential security breaches. Ensure Compliance: Leverage governance features that enable organizations to maintain compliance with regulatory requirements and internal policies by ensuring only necessary access is granted. Optimize Resource Utilization: Identify and remove unused access to optimize resource allocation and reduce unnecessary associated costs. Enhance Efficiency: Streamline access management processes through automation, saving time and effort for IT teams while ensuring timely access revocation. Improve Decision Making: Utilize a comprehensive dashboard that provides valuable insights into access usage trends, allowing organizations to make informed decisions and improve their access management strategies over time. Strengthen your AWS security posture, maintain compliance, optimize resource utilization, and enhance operational efficiency, to drive value and confidence in your cloud environment.

AWS IAM Identity Center (successor to AWS Single Sign-On) is a service that simplifies access management for your AWS environment. It provides a centralized hub for creating and managing single sign-on access to all your AWS accounts and cloud applications. With features like centralized user management, integration with existing identity providers, fine-grained access controls, and built-in auditing and compliance reporting, IAM Identity Center streamlines your access management processes, enhances security, and improves user experience. Whether you're managing a handful of accounts or a complex enterprise environment, IAM Identity Center offers a powerful solution for efficient and secure access management. The AWS Identity Center integration enables you to import the following AWS Identity Center objects into EIC: AWS Identity Center users AWS Identity Center groups AWS accounts Permission sets  Integration with AWS Identity Center is available for early access from Release v24.7. For information about early access features, see Feature Lifecycle Definitions in the Release Notes.

Amazon introduced IAM Identity Center to help organizations better manage identities in AWS environments and facilitate secure access scaling across AWS accounts and applications. Saviynt for AWS IAM Identity Center helps with managing over-privileged users, governing identity center admin activities, limiting excessive creation of seldom or unused permission sets, and obtaining a holistic view of permission set and group usage. Customer Value Saviynt enforces the principle of least privilege by offering time-bound or long term access to permission sets and groups, aligning with the zero trust paradigms. This ensures that users only have access to what they need when they need it. Timely certifications provide governance over unused permission sets, bolstering security measures. This not only enhances security posture, but also builds a strong foundation for compliance with industry regulations and standards.

Amazon Simple Storage Service (Amazon S3) is an object storage service offering industry-leading scalability, data availability, security, and performance. Use Saviynt AWS S3 Connector to move files containing User and Entitlement data in and out of AWS S3 to Saviynt EIC.

AWS Secrets Manager is a managed service that lets you store, rotate, and retrieve secrets like database credentials, API keys, OAuth tokens, and other sensitive configuration. This integration enables Saviynt Identity Cloud to securely store and retrieve connector credentials for target applications using AWS Secrets Manager as an external vault, eliminating the need to manage credentials directly within the platform.

Axis Security is the enforcement checkpost that integrates with your identity provider, and enforces access policies when a user attempts to access a specific app. Saviynt integration using SCIM connector provide visibility to accounts and access, and supports provisioning operations. Additional Information Confirm the availability of client SCIM API endpoints directly with the app vendor to ensure successful integration. Please note that this is a Community app; Saviynt does not endorse or guarantee its functionality, reliability, or performance. For more information, refer to the documentation.