Identity and Access Management involves a series of complex and organisational challenges. This brings together people from the whole organisation to engage in workflow management and decision making.

Where the tools at hand lack the capacity to integrate key stakeholders into the communication and the decision-making process, the organization suffers. Processes are left behind to deal with important decisions in a manual way and this opens up the company to the errors that are usually found and emphasised through audit processes. However, by this time it’s already too late and regulators have no choice but to put pressure and bring change by force of financial penalties.

Having a secure and flexible IAM solution that has the capability to automate processes and expose key information to the right people is so much easier.

a hand drawing a flow chart

That is why Identity Director is designed to offer you flexibility in designing your workflow, security in user management and the possibility to integrate your business processes in an easy and accessible way for everyone involved. 

Here’s what 2021.2 has in store for you! 

PowerShell Workflow Action. Full release, now integrated seamlessly with the password reset workflow 

screenshot: execute powershell script

As we said before, the great advantage to this method is that virtually any workflow can now be expanded to fit the individual needs of the organisation. IT uses PowerShell heavily and many scripts that were previously left outside can now be included in the workflow on the spot.

Additionally, new scripts can be developed as the need arises without a need to implement functionality in Identity Director.

This feature has been through multiple improvements taking into account the feedback that we have received and making it faster and more secure in the way it manages credentials.

A significant upgrade is the fact that you can now use it to handle password comparison with external repositories and (in conjunction with Global Attributes) you can also handle the response to the user in a localised way. Just one very simple way you can make use of this brilliant feature!

Access Reviews Feature Preview in the User Portal 

identity director: my access reviews

As mentioned above, Identity Director has set out on a path to bring you a full framework of Access Certification. This will mean continuous entitlement review and certifying the access against various data sources, starting with Active Directory.

It will also enable you to bring key stakeholders into this process, such as members of an IT governance committee, to review each instance of an access certification before it is run. 

These are all important aspects of the process that will gradually be implemented throughout the rest of 2021 and most of 2022. 

The 2021.2 release contains a Feature Preview available through the User Portal. This depicts how the process might look like from the point of view of a reviewer.

There are no campaigns linked into it at this point, but this feature will showcase our approach into the process and to give you the chance to comment and influence the development process. If you have any feedback on the feature preview - you can always contact Identity Director’s Product Manager at [email protected].

Separate Reporting Database for Identity Director

identity director transaction summary screen

Continuous pull of data out of any identity-oriented tool is simply vital. That is why we have made available a reporting database that comes with a simple SQL structure and will allow to offer your auditors uncompromised historical data of your entitlements, user qualification, delivery and everything in between.

An Xtraction connector will also be available, offering out of the box reports for simpler usage. If those do not appeal to your particular needs, there is always the opportunity to connect directly to it and extract your own reports. Just about any reporting tool that know how to work directly with an SQL database will do!

And this is just the beginning. As time goes by, we plan to incorporate as much feedback as we can into the structure of this reporting capability to allow you to make reporting a turnkey operation.

Multi-factor Authentication 

identity director registration screen

Multi-factor authentication is probably one of the most sought after features out there. Often however, it didn’t really make sense to use it, such as when integration with an identity provider (Azure AD) exists. This would bring the MFA factor under the influence of the identity provider, rendering the feature useless for Identity Director.

The pandemic situation has changed all that and now many more customers find having an MFA feature in the product much more useful. As such, we have implemented a way to enrol most software authenticators out there. You can enrol into MFA as a user using most commonly used authenticators out there in Microsoft, Google and Salesforce.

Future releases will also include closer integration with the Password Reset and Unlock Account flows and device management features for the User Portal.

Provide Information WFA enhancements 

blurry screenshot of ivanti identity director

This area has seen improvements in more than one way, opening up use cases such as: 

  • Allowing you to reduce the number of attributes used in the Provide Information Wizard by using attributes marked as reusable inside. Together with using page conditions, this his opens up new possibilities and makes entitlement configurations much simpler 
  • Allowing you to have attributes appear on the same page in a dynamic way by setting conditions for certain attributes. Right now, implementation includes conditions for Date, DateTime, Organization and Text Attributes. 
  • Setting custom validations for Date, DateTime, and Text Attributes. This allows for customising the data input of the user side and eliminates error when it comes to scenarios requiring date and other information input. 
  • Setting up custom way in which the Provide Information wizard will behave. Perhaps you have a scenario where you need it to pop-ep even if it in the middle of a workflow and be enforced. Now all of this is possible and more. 

Also, User Voice is an important part of our release and development cycle. Each quarter, we weigh, prioritize and select a few ideas that we can implement from User Voice. Please make sure to check out both the Release Notes and the Help documentation to make sure you don't miss out on any important information.