IDENTILOK SERVER
INNOVATION GALLERY

CONTEXTUAL IDENTITY MANAGEMENT

IDENTILOK SERVER takes digital identity management into the Regulatory Compliance Era.

   

  • PEOPLE, NOT "USERS".  Regulations are designed to protect "natural persons" and not siloed "users."
    Such siloed "user-oriented" identity solutions interfere with the legal obligation to protect data for each natural person, across all applications and digital engagements, whether it's for a single organization, or across an ecosystem of collaborating companies.

  • TRANSITION FROM USER-CENTRIC TO PERSON-CENTRIC. To support modern digital engagement with full regulatory compliance,  IDENTILOK SERVER introduces a backwards-compatible Personal Identity model that is designed to centrally enforce regulatory data protection including: rich personal identity and transaction storage, identity verification, data accuracy, data integrity, full data encryption, data governance and data security. 

  • CONTEXTUAL IDENTITY. Freed from legacy identity limitations, IDENTILOK SERVER enables a single individual to be affiliated with any number of business units, organizations, applications and personas across a cross-cutting ecosystem. IDENTILOK SERVER contextual personas shape and enforce how digital engagement is conducted, limiting the data that is shared according to the boundaries of each contextual persona profile: as an employee, contractor, customer, parent, child, teacher, student, doctor, patient... or all of the above concurrently. Each contextual persona preserves organizational governance autonomy while centrally enforcing governance policies and regulatory compliance.

  • ZERO TRUST. IDENTILOK SERVER provides a protective containment defense that segregates each contextual persona from direct access to personal data, and only allows specific identity and personal data to be processed for legitimate purposes, via regulation-enforcing purpose-based access control.


PRIVACY VAULT

Legacy Identity Management technologies are focused on user accounts and therefore do not protect data aside from passwords. This forces your organization to look elsewhere to meet its data protection requirements.

IDENTILOK SERVER privacy vault securely manages all of your identities and all of their personal data, including:

  • Rich Structured Profiles

  • Activities, Behavior, Transactions and IOT 

  • Unstructured Data (Documents, Images, Voice & Video)

  • Organizational and Personal Relationships

  • Quality and Compliance Metadata

 

All data contained within the vault is strongly encrypted via AES-256, differently and uniquely for each person.  This prevents unlawful data browsing and limits the potential scope of internal and external personal data breaches.
 

IDENTILOK SERVER enforces data sovereignty, ensuring that data which must remain in-country never leaves it.


IDENTITY and PURPOSE GOVERNANCE

Conventional Identity Governance and Administration (IGA) is a common add-on to Identity & Access Management (IDAM) products and solutions.  IGA is used to establish rules and permissions for controlling "user" access to digital applications for on-premises and cloud-based systems.  

And therein lies a key limitation: conventional IGA is focused on protecting access to resources.  It does nothing to protect identity and personal data, or to achieve regulatory data protection compliance. 

IDENTILOK transforms IGA capabilities to deliver identity & access governance with regulatory data protection compliance.  

  • Not an add-on. IDENTILOK SERVER IGA is natively integrated, ensuring referential integrity (add-ons don't do this) with centralized policy compliance.

  • Delegated Administration, Centralized Governance. Governance criteria are established and enforced at both the ecosystem and enterprise level, while local administrative autonomy is retained. This enables multiple application delivery teams to leverage a standardized solution with the autonomy needed for rapid results.

  • Purpose-Oriented. IDENTILOK SERVER adds the all-important Purpose Definition aspect to IGA, enabling true regulatory compliance to be transparently achieved.

GOVERNANCE DESIGNER

IDENTILOK SERVER includes an easy-to-use graphical IGA and Data policy designer.  

Governance definitions are generated via a step-by-step graphical user interface that collects and organizes all needed policy and compliance parameters, using purpose-oriented definitions.

Beyond producing compliance documentation, approved IDENTILOK SERVER policies are operationally enforced in real time using integrated Technical and Organizational Measures, including purpose-based access control.


PRIVACY FIREWALL

Just as a network firewall monitors, detects and prevents unauthorized traffic, the IDENTILOK SERVER "privacy firewall" prevents unauthorized collection and processing of identity and personal data except in accordance with legitimate purpose policies and authorizations.
 

IDENTILOK SERVER is able to enforce secure and regulatory-compliant access to data wherever it lives, whether on premises or cloud, databases, files, content systems, ERP, CRM and other repositories.  

The Privacy Firewall generates fully-contextual Records of Processing Activities (ROPA) that document that all data processing is only for legitimate purposes that are defined and authorized. ROPA is a core requirement for global regulatory data protection compliance.

GOVERNANCE PROCESS AUTOMATION

Organizations must employ Technical and Organizational Measures that help to enforce regulatory compliance.  

In addition to its zero-trust security protection technology, IDENTILOK SERVER ensures fully-automated processing orchestration and consistency enforcement across all protected identity and access processing and sharing activities.  

 

This automation includes the generation of fully-contextual Records of Processing Activities (ROPA) that provide forensic proof of effective and compliant processing. 


IDENTITY DATA GATEWAY

Identity and Personal Data lives almost everywhere.  This data fragmentation poses a serious obstacle to regulatory data protection compliance.

IDENTILOK SERVER offers a simplified and holistic approach to consolidating, controlling and protecting access to existing data repositories while achieving regulatory compliance.
 

IDENTILOK SERVER Identity Data Gateway (ID Gateway) is an integrated and scalable data integration hub, with more than 200 connectors, including an intuitive graphical designer interface for low code/no code construction of regulatory-compliant data integrations and identity provisioning processing.

 

The ID Gateway is seamlessly pre-integrated with IDENTILOK SERVER, including:

  • Governance Designer, which defines the scope and source of the data to be protected according to legitimate and authorized purpose definitions.

  • Contextual Identity Management, to enable collection and processing of protected data within a Zero Trust environment.

  • Privacy Firewall, to transparently and dynamically enforce regulatory-compliant access to data according to Identity Governance and Purpose Definition policies.


IDENTILOK SERVER
PRIVACY CENTER

Self-Service Portals are a proven approach to increased digital trust at reduced cost.  

This is even more true for Regulatory Data Protection, where Data Subject Rights fulfillment can be complex and difficult, yet it is essential to compliance.

IDENTILOK SERVER self-service portal includes:

  • A view of all digital engagement relationships within an enterprise or complete ecosystem

  • Providing legally mandated information

  • Data Collection & Processing Transparency

  • Access to personal data records

  • Data Accuracy

  • The right to Object to Processing

  • A conditional Right of Erasure

  • Data Portability 

  • Withdrawal of consent, as easily as it was given

  • A conditional right to Restriction of Processing


IDENTILOK SERVER automates the fulfillment of all legal rights, across any number of protected applications and data repositories, and across organizational boundaries.