Identity Management

What is Identity and Access Management?

Identity and Access Management is a collective name for the management of users and their access rights in a company. Identity and Access Management determine that the right employees have access to the right information at the right time and for the right reasons. Our document management system Xtendis supports the need of the average knowledge worker to access information anywhere, anytime. The administrator can grant access to certain persons or user accounts and restrict the access of others. This is important to prevent data breaches and other security issues.

User management in accordance with the highest security requirements

The user management in DMS Xtendis meets the highest security requirements. Just to name a few examples: the strength of the password that a user applies can be enforced. The system has a password-forgotten procedure that allows users to securely choose a new password. User data management is encrypted in Xtendis.

2 Factor Authentication (TFA)

The login procedure can be further extended with Two-Factor Authentication (TFA) (or multifactor authentication). The requirement for multiple authentication can be set per user. During the first visit to Xtendis, the user is presented with a QR code in the Xtendis web interface. The user must scan this QR code once with an Authenticator app (for example Google Authenticator). This app periodically generates a code that the user must enter when logging in when the session has expired. The app remembers the link with Xtendis, so scanning the QR code is only necessary the first time.

Authorizations IAM

Within Xtendis advanced rights can be allocated to users and systems. Permissions can be at the following levels:

• System
• Archives
• Functions
• Zones

Zones are parts of archives that can be defined by customers themselves. Placing a document in a zone automatically determines which user groups have rights (view, edit, delete). It is also possible to determine in this way which systems can retrieve documents from Xtendis. In practice, this functionality is often used to determine which documents from Xtendis may be displayed on web portals.

Interfaces with Identity Management (IdM)

Rights management in Xtendis can be linked to generic Identity Management (IdM) solutions that are used within organizations. This can be both On-Premises (Active Directory (AD)) and Cloud (Office 365, Google, iWelcome, ADFS) solutions.

Users are automatically created in Xtendis from IdM environments and changes are automatically logged. This makes it possible to centrally manage which employees gain access to Xtendis. If an employee leaves employment, this only needs to be updated within IdM, after which Xtendis will automatically no longer be accessible to the relevant user.

Audit Trail & Reporting

In the Xtendis Cockpit an up-to-date overview can be requested at any time of the rights that users, user groups and other systems have in Xtendis.

Using Xtendis Audit Trail all actions within the system can be registered (logged). This way, the source of any data mutation within the system can always be traced. Reports can be run on the registrations, whereby actions can be presented on the basis of various entities. In addition, an overview of registered actions can be requested for each document: which user has performed which action at what time?

IAM/IdM in Xtendis

• Full-fledged IAM / IdM in Xtendis
• Inteface options with generic IAM/IdM solutions.
• Authorizations on various levels
• Extensive reporting options on granted rights and actions performed