Monday, March 1, 2010
Posted by Reggie Best at 9:04 AM
Most large enterprises deploy identity and access management (IAM) software and elaborate directory infrastructures based on LDAP (Lightweight Directory Access Protocol) or Microsoft Active Directory to facilitate this process. These tools automate things including single sign-on to applications, the ability to handle password resets (which are hugely expensive, costing $60-$300 per reset depending on the system if done manually), and the ability to assign roles and change them.
As a collaboration platform, ProtoSphere is tied into the existing tools for managing user identity and identity lifecycle because it integrates with Active Directory. By linking with the Active Directory authentication and groups functions, corporate policies about access rights are mapped into the ProtoSphere virtual environment. So if an employee is allowed to access XYZ information in the organization, he can also access XYZ information in ProtoSphere, no more, no less.
For example, only pharmaceutical employees working on the marketing team for Drug A could be allowed to virtually access the ProtoSphere workspace for Drug A, and any of the relevant data feeds visible there. Clinical trial data, competitive information, and manufacturing process information might be contained in that virtual floor. But only authorized employees can access it, as dictated by the firm's Active Directory authentication settings.
This makes it easy for organizations to maintain their identity and access policies when working in ProtoSphere, and saves IT a great deal of time and headache when conducting an enterprise-wide roll-out. Systems administrators don't have to maintain multiple sets of credentials or enter and manage potentially thousands of user accounts in the system.