Only administrator can reset user passwords lead to high administration cost
Manual Provisioning
During users onboarding, need to manually provision user account and permission in multiple systems.
No Security Enforcement
No password enforcement policy on various applications
Single Level Administration
Cannot delegate a sub-admin role to manage subset of user accounts
No Auditing and Reporting
No centralize auditing and reporting
Components
Identity Management
Allow administrators to manage user information in a single location
Single Sign-On
User do not have to enter their login ID and passwords repeatedly when accessing to their enterprise systems
Service Provisioning
Automatically provision Office365 and other application services. Multi-tenant management with domain-based management and RBAC (Role-Based Access Control)
Two Factor Authentication
Helps safeguard access to data and applications while maintaining simplicity for users
Delegate Admin
Allow global administrator to define the delegate administrator to manage a group of users
Auditing and Reporting
All access to the system are logged and audited in the system
Identity Management
Administrator
Allow administrators to manage user information in a single location
Users
User do not have to enter their login ID and passwords repeatedly when accessing to their enterprise systems