Skip to main content
IAM vs. CIAM CIAM Buyer's Guide Contact Us
Janrain respects your privacy and will treat the personal data you choose to share with us in accordance with our privacy policy.

Advanced Policy Manager: Better access control for your sites and data

By Sven Dummer | Posted on September 15, 2017

Central access policy management

We just released the latest member of the Janrain product family: Janrain Advanced Policy Manager.

This new product lets you centrally control who can do what across multiple digital sites, including web, mobile, or IoT devices. Of course, access control is nothing new, and we find it all over the digital world. Think of things like pay walls, age-restricted content, features in games that players can access only after reaching a certain level, or services like online banking where it is critical that only the right people can access account data and trigger transactions.

What has been missing in the landscape, and what Janrain Advanced Policy Manager does so well, is to centralize and standardize the mechanisms that companies use to control and manage access across their digital sites. In most cases, we find access management built into different applications and distributed across multiple departments, systems, and locations inside of a company. On top of that, they are implemented using different concepts, techniques and technologies. That’s bad, and we change it for the better.

Supporting a diverse and distributed collection of systems and technologies is difficult, error prone, and requires a lot of time and people power. Different systems that were set up by different people (who might no longer be with the company) with little or no documentation. It’s a nightmare, both for the IT people and developers who are tasked with implementing changes across multiple sites, as well as for the business departments that desperately want those changes and find out they might take weeks or months and unexpectedly require big budgets. This is particularly painful as new regulations, like the General Data Protection Regulation (GDPR), are looming on the horizon and drive up the need for company-wide (and complex) changes to who can do what on the digital sites.

There’s another reason why fragmented access control is a bad thing: it’s a security flaw. If access rules across multiple sites can’t be changed quickly, it also means that the company is not able to react fast to a threat, breach, or attack. And those different access control implementations scattered all over the enterprise are almost impossible to debug efficiently.

Access control for the modern connected world

We partnered with authorization solutions provider Symphonic Software to create a better and more modern solution for access control: Janrain Advanced Policy Manager.

So, what does it do to ease the pains described above? Here are the main concepts:

  • Advanced Policy Manager centralizes the administration of access rules. From one central point you can define, change, and manage access policies across the entire enterprise—any identity, any application, on any device, in any region of the world.
  • Defining access policies is easy and intuitive, using Janrain’s Identity Console. No programming skills or deep technical knowledge is required, so business departments can administer access control themselves without having to involve IT resources even for small changes.
  • At the same time, these policies can have a very high level of granularity. This allows complex access rules to be implemented with little effort, enabling organizations to handle sophisticated requirements—say, the implementation of a new payment model across different media sites where access to content is granted based on many different subscription levels. And changing access rules in the case of an emergency (like an attack) can be done very rapidly.
  • Policy management and enforcement is not only centralized, but also abstracted from underlying applications. Instead of having the application do all of the access control and enforcement work, it lets Advanced Policy Manager do the job as a cloud-based SaaS solution. Whenever a decision as to whether a user is authorized to access something is required, the application basically uses the “decision as a service” model that Advanced Policy Manager provides. This reduces the code complexity in the application and its attack surface—which in return increases security.
  • Advanced Policy Manager is a highly universal solution that can be used for both customers and employees (CIAM and IAM use cases). It can be used with Janrain’s CIAM products, but works as well with almost any commercial CIAM solution and can even be integrated into internally-developed solutions.

We designed Advanced Policy Manager to give enterprises full control over who can do what on their digital properties, and enable them to provide users with the assurance that their data is being protected with the ultimate control over how their data is being used.

If you are interested in hearing more, please don’t hesitate to reach out..


Product Page

Popular Posts

About the author

Sven Dummer

Sven Dummer

Director of Product Marketing

Sven Dummer leads product marketing at Janrain, helping companies to build better online experiences for their customers through cloud-based Customer Identity and Access Management (CIAM). Previously, Sven worked with Silicon Valley startups as well as Fortune500 companies, including Yahoo, Wind River (acquired by Intel), SUSE and Microsoft in product development, product marketing and management roles. At Intel, Sven also helped launch (and named) the collaborative Yocto Project, an open-source initiative that enables users to create custom Linux-based systems for IoT devices regardless of the hardware architecture. Sven is based in the San Francisco Bay Area.

View all posts by Sven Dummer