Complete Solution for Enterprise and Web Single Sign On
Access to corporate applications must be secure, but it must also be simple, fast and accurate.
And this is exactly what Soffid’s Single Sign On provides.
Enjoy a complete Single Sign On experience and take full advantage of your company’s potential.
Soffid is a fully integrated software that provides Role Management, Identity Provisioning, Business Workflows, Certification, Reports, Audit and Legal Compliance, Federation, Privileged Account Management and much more.
We believe that complete identity governance solutions should not force a decision between performance and cost, Soffid provides maximum performance at the lowest cost in the market.
Soffid reduces IT costs while increasing security in your business.
It is a fully managed enterprise single sign on solution that improves the security of technological resources and at the same time reduces operational costs caused by the loss of passwords, authentication delays and changes of address.
Provide a complete Single Sign On experience without the need to modify applications. It is fully supported on Windows and Linux.
It is a versatile single sign on web module that automates the web authentication process and provides a central point for deploying enterprise web applications.
The XACML module provides very granular access control, even for legacy applications.
It is a functionality that ensures that all authoritative sources are always synchronized. This functionality is ensured by the Soffid synchronization engine and is completely transparent to the end user.
Soffid provides a powerful engine with great simplicity of use. Directory provisioning, manual reconciliation, bidirectional password synchronization, and high availability architecture is always assured when you are using Soffid.
It is a unique and versatile web interface where the end user can consult or change their credentials, manage business workflows, manage their profile or launch applications.
All from a single point of entry. Productivity is only maximized if the product is designed in a simple and easy-to-use way. And so we did!
Enjoy Identity Governance functionalities to improve security and business functionalities.
Role management and provision of identities, business workflows, attestation, reports, and much more.
The user provisioning is made through the connectors or agents that connect Soffid with the repositories. These agents can act either way, either by creating or modifying user accounts in the managed system, either by registering existing user accounts in the managed system in Soffid.
Soffid currently has a series of standard connectors that make it possible to integrate the most common user repositories in a very simple way.
Although from the technical point of view the roles are grouped into repositories, from the organizational point of view they are grouped into applications or information systems. For each information system the roles that belong are defined as well as the list of responsible for the application.
In addition, the person in charge of the information system can define risk levels associated with the roles. Thus, for each role or set of roles, you can assign a level of risk of entering the values «Low», «Medium», or «Forbiden».
Soffid incorporates, extends and improves the JBPM jBoss engine. With this engine, Soffid allows the definition of decision and management flows, due to its unique characteristics:
Attention in the context of the Identity Government implies having the tools to review and confirm the present status of permits and authorizations.
Soffid supports the generation of reports from multiple points of the console (using the iReport standard), both related to identities and authorizations, events, auditing and others. The information shown can be exported to spreadsheets by clicking the mouse.
For the preparation of periodic reports, the planning of offline reports is allowed for scheduled delivery to the predetermined recipients.
Enjoy high standards in identity governance functionalities.
This package is equipped with federation functionalities, privileged account management, low level permits, separation of functions and recertification processes.
All the actions that are carried out are stored in the Soffid database. This information can be consulted by Soffid or by any external software.
Audit systems can be connected to external systems or to the Security Information Event Management System (SIEM) to configure more complex analyzes or alert systems.
The traceability of the actions carried out in Soffid is threefold:
Being the audit in database, its exploitation through query or SQL tools offers maximum flexibility. To facilitate its integration with SIEM tools, active forwarding of audit records to the SIEM tool is activated, using the SYSLOG protocol.
The Federation allows the integration of Soffid with the most used cloud services without the need to share passwords with external providers. It is compatible with the SAML federation, as well as with OpenID.
Soffid allows you to manage shared accounts that can be used by more than one user. Each of these accounts may have an access control list specifying, either directly, or indirectly, who can make use of the said account.
As it could not be otherwise, all uses and accesses to shared accounts are conveniently audited.
Soffid delegation management it is easy.
Soffid manages the whole process to generate new certificates for specific applications and users and integrates perfectly into the Soffid workflow engine.
Soffid allows the simplification of a complicated process to maximize the productivity of the company without compromising security.
The Soffid role mining module applies data mining techniques to create business profiles based on the permissions currently assigned.
In this context, the tool allows the administrator to select the strategy that best suits their needs:
Next, the tool minimizes a function that represents the cost of administration and management of these accounts and then suggests which roles you should use.
This functionality allows to minimize the number of roles that must be active in a specific system, helping to reduce the total number of time and resources that we should devote to maintaining that system.