Identity Management
  • 07 Jul 2023

Service Overview

Identity Management is an Expedient managed service that allows clients to connect their existing identity infrastructure and extend it to provide single sign-on and multi-factor authentication across applications and web services. Expedient manages the tenant, configures connections to Expedient managed services, and assists with onboarding existing identity infrastructure. Clients can maintain and configure new applications based on existing application templates or create custom connections using industry-standard authentication methods.

Service Features

  • Dedicated tenant
  • Multi-factor authentication (MFA)
    • OneLogin Protect
    • Microsoft/Google Authenticator
    • WebAuthn (Passkey)
    • E-mail
    • Security Questions
    • SMS (via client owned Twilio account)
  • Roles and mappings to publish apps to users based on user attributes like group membership
  • SAML and OpenID Connect support
  • Integration to Expedient managed services
  • Active Directory integration
  • Login via Trusted IDP (Azure AD/Okta)
  • 3rd party applications can be configured by the client

Default Deployment Settings

  • Dedicated tenant
  • Active Directory connector deployment and integration
  • MFA policy creation
    • Client can choose which factors to roll out to end users
  • Initial role and mapping to automate MFA policy deployment
  • Expedient managed services configuration

Use Cases

  • Single sign-on
  • Multi-factor authentication
  • 3rd party application/service security
  • User access management

Responsibility and Accountability Matrix

Identity Management Responsibility Matrix

Co-Managed tasks can be performed by Expedient or Client based on Client's preference.

| Task | Expedient | Client | Co-Managed | Notes |
|---|---|---|---|---|
| Tenant creation | | | | |
| Multi-factor authentication policy creation | X | X | | Client can choose which factors they would like to support |
| Active Directory integration | X | | | Client will need to deploy the connectors to servers in their Active Directory infrastructure |
| Multi-factor authentication policy deployment | X | X | | Expedient will do the initial deployment; client can modify post-deployment |
| Expedient service configuration | X | | | |
| Trusted IDP Configuration | | | X | Expedient will assist with OneLogin configuration; Client will need to configure the third-party IDP |
| End User MFA support (rollout, troubleshooting) | | X | | |
| Report creation/configuration | | X | | |


Supported Platforms

Applications/Platforms Supported

Expedient Services

  • Expedient Enterprise Cloud
  • Expedient Enterprise Workspace
  • Expedient Edge
  • Push Button DR
  • Cloud Data Protection
  • Commvault
  • CostCTRL
  • Operations CTRL
  • SIEM
  • Microsegmentation
  • Multi-Cloud Firewall
  • Cloud Native

Trusted IDPs

  • Azure AD
  • Okta

Notable Applications/Platforms NOT Supported

Expedient Services

  • Cloud Object Storage
  • Cloud File Storage
  • vColo
  • PVColo

Operating System Login

3rd Party Applications