Soffid Recognized Once Again as a Leading Identity and Governance Administration Vendor by Gartner

Soffid Recognized Once Again as a Leading Identity and Governance Administration Vendor by Gartner

We are thrilled to announce that Soffid has been recognized as one of the most prominent Identity and Governance Administration (IGA) vendors in the latest Gartner Market Guide for Identity Governance and Administration. This recognition reaffirms our commitment to delivering cutting-edge solutions in the field of identity management and governance.


Leading the Way in Identity Governance and Administration

For yet another year, Soffid has secured its place among the select group of vendors identified by Gartner as leaders in the IGA market. This recognition reflects our unwavering dedication to providing organizations with comprehensive solutions for identity management, access control, and compliance.


A Testament to Excellence

Being recognized as a leading vendor by Gartner is a testament to the hard work and dedication of our team. It is also a reflection of the trust and confidence our clients place in us. We are immensely proud of this achievement and will continue to strive for excellence in delivering top-tier identity and governance solutions.


A Year of Innovation and Growth

Over the past year, we have seen remarkable growth and innovation within our company. We have expanded our product portfolio, enhanced our services, and forged strategic partnerships to better serve our clients’ evolving needs. This recognition by Gartner serves as a validation of our ongoing efforts to provide world-class solutions in the IGA space.

Thank You to Our Clients and Partners

We would like to extend our heartfelt gratitude to our clients and partners for their continuous support and collaboration. Your feedback and insights have been invaluable in driving our growth and improving our solutions. We look forward to another year of partnership and success.


Looking Ahead

As we celebrate this achievement, we are excited about the opportunities that lie ahead. We remain committed to pushing the boundaries of innovation, expanding our global footprint, and delivering solutions that empower organizations to manage identities, enhance security, and ensure compliance effectively.

Once again, thank you for being a part of our journey. Together, we will continue to redefine excellence in the field of Identity Governance and Administration.


Stay tuned for more updates and innovations from Soffid as we continue to lead the way in identity management and governance.

How Soffid protects your passwords

How Soffid protects your passwords

Soffid ESSO, as any other enterprise single sign on, needs to store the password in a way that can be used by applications, and this requirement implies that password should be stored in either clear text or reversible encryption algorithms, making them vulnerable to insider attacks.

To prevent any risk regarding any unlikely insider attack, Soffid has a highly sophisticated mechanism to protect your system passwords, as well as allowing enteprise single sign on module to know the password value when it is required. . To get this done, Soffid creates a RSA private key for each synchronization server. The key is stored locally on the server, and the public key is stored on the database.

Once the keys are stored, every process that needs to encrypt a password must do it once for each synchronization server public key. Then, if we have two synchronization servers, as on the image next to this lines, when Soffid sets a password for any user, the password will be stored twice. The first one will be encrypted using the first RSA public key and the second one will be encrypted using the second RSA key.

This mechanism guarantees that only a synchronization server will be able to decrypt the password, using the password version that was encrypted using its own public key.

By default, private keys are stored on file system, and protected by a secret word. The backup of this private keys and the configuration file that contains the secret word should be placed on different devices than the Soffid database backup.

To achieve the top security level, a HSM module can be used. Provided that the HSM module has a PKCS#11 interface, synchronization server will use it to use the private key that is stored on it. In such a way, you can get the best trust level on your passwords confidentiality.