As we began our four-part series on Federated Access Management (FAM), we asked if you should love or leave your current WAM. The first article uncovered the pitfalls of trying to retrofit a legacy WAM system for today's requirements. We introduced a modern alternative in our FAM solution, specifically architected to grow with your evolving access management needs.
The next two articles dug deeper into MFA and federated SSO, the building blocks that make FAM a rock-solid foundation. In this fourth article, we'll wrap up with a discussion on access security, the final piece of our FAM foundation.
Both MFA and SSO work on the front end, ensuring that your users are who they say they are. Access security works on the back end, allowing you to control, restrict, monitor and protect your resources. In action, access security looks like this:
A user or a piece of software tries to access a protected resource like an API, or a mobile or web application.
The user authenticates, and then based on authorization policy, access security either grants or denies the user access to that resource.
Federation Makes Modern Access Security Possible
As web, mobile and API resources become the new norms, we no longer operate within a single-cookie domain, nor is the web browser the only client that needs access to data. As a result, the definitions of resource access and access security have to evolve.
Modern access security combines federation with traditional access management, allowing you to secure identities and data beyond the firewall. Federation adds flexibility and the freedom for distinct and separately owned domains to communicate under a dynamic, standards-based authority.
The PingAccess® server is our modern access security technology and a core building block of our FAM solution. It doesn't only protect your web and API resources. It allows you to easily apply policies to both, and without custom-built integrations or extensive administration. It offers the advantages of a remote identity authority and standards-based access security in combination with a granular set of controls and policies for specific resources.
Whether those resources are mobile or web, internal or customer-facing, or in public or private clouds, you can use the PingAccess server as a single solution to enable access and centralize management. With a rich rules engine and advanced features like token mediation and session revocation, the PingAccess server is a complete web and API access management solution.
Deployed on-premises and in the cloud, the PingAccess server allows you to:
Centralize policies and ensure compliance across web applications and APIs.
Securely expose internal applications to remote users without a VPN.
Utilize existing investments, including legacy WAM solutions.
Avoid vendor lock-in with open standards.
Scale and grow according to your needs.
With flexible, highly available deployment models, the PingAccess server makes it easy for you to meet technical and business requirements, as well as migrate your legacy applications. Using its secure, open and standards-based architecture, you can audit everything to ensure compliance with corporate and industry regulations. And when you combine it with modern MFA and SSO capabilities, you've built a solid and secure foundation for your access management needs today and into the future.
So About That WAM System...
Coming full circle back to our first article, do you love your current WAM system enough to make it work? Or, now that you're armed with a thorough understanding of its limitations, will you choose to leave it?
We know. Change is hard. But much like the fixer-upper on a home improvement show, your once beloved WAM lacks the infrastructure and scalability for today's landscape. As you deconstruct it further, you really can't ignore the potential for your well-intentioned overhaul to become a money pit and resource drain.
There's a better solution.
Our FAM solution is specifically architected for today's requirements. With a flexible architecture that's able to scale to your needs, plus secure, user friendly access for all of your applications, it's the modern solution for your access management needs.