Services >> Security Solutions
With the ever increasing interaction with its customers and partners, each company is concerned about protecting its confidential information, critical processes and IT resources. The security threats to IT landscape are major barrier to enable end to end processes.
eXtendCode offers security solutions that can help customers in following areas.
Open Authentication for Web Solutions
For the web solutions, a basic Information Security Service consisting of User ID and Password is often insufficient. In such cases, enterprises can introduce other authentication mechanisms like X.509 Certificate, SAML (Security Assertion Markup Language), OpenID to ensure improved information security.
Every organization deals with incoming and outgoing documents from its customers and partners. If you want to ensure document authenticity, Digital Signature can be used to provide the capability. Once the capability is enabled, the organization can verify the authenticity of the incoming documents and also send out digitally signed documents. For example, if your customer is signing off on a project, the sign off document can be digitally signed by the customer and later can be used as legal evidence. Similarly one can use digital signature to other agencies like submitting your income tax return with digital signature. More and more countries around the world are promoting digital signatures by according the same legality as hand-written ones. Examples, European Commission e-Sign Directive, US Electronic Signatures in Global and National Commerce Act ("E-SIGN").
Although SSL (Secure Socket Layer) provides encryption for the exchanged information but the context of security is still the session. If the information needs to hop between multiple intermediaries, SSL does not provide the required level of security. Encryption can be used to ensure that the document is not accessible by any unauthorized entity, while in transit or on the system. The encrypted information can only be accessed by the appropriate entity.
In any large organization, where you have heterogonous IT landscape, identity provisioning for end to end processes is a major challenge. Typically this leads to productivity losses (a new employee comes in and does not have access to the required systems), unauthorized access (employee has left the company but still some of the accounts are not disabled) and higher administration cost. A business oriented identity provisioning can be enabled where the access to systems (e.g. web applications, ERP, Outlook) can be controlled using business roles. For example, a business role "Sales Agent" needs to have access to CRM, Outlook, VPN and Mobile. Once a user is assigned to "Sales Agent" business role, she can be automatically provisioned to the underlying IT systems.