Products – Apporetum

Apporetum Products

It is time to say goodbye to failed identity projects.
Mix and match our products to meet your organisational needs

Product Suite

Apporetum is comprised of three products that work together to enable your organisation to take control of your identities, their accounts and their access entitlements. We have hidden the complexities, built in the smarts and bought all your identity information together so that it is easy to succeed.

Making the most of the licensing your already have in place

Leverage your existing Microsoft licensing

Apporetum is built to leverage your existing investments in Microsoft Azure and Microsoft Entra ID (aka Azure AD). Apporetum has all the features and extensibility required to deliver any Identity and Access Management business requirements. It co-exists with your Azure, Microsoft Entra and on-premises AD services. Apporetum is designed to make it easy to light up your Entra ID services.

Apporetum can be installed directly from the Microsoft Marketplace into your tenant. This enables it to inherit your existing architecture and security controls used to protect your Azure environment. Apporetum is deployed as a cloud native application with only an incremental increase in your technology footprint. Your data remains within your network perimeter ensuring both data sovereignty and jurisdiction.

We firmly believe that identity projects succeed when driven by data insights. Apporetum delivers value right from the first sync by providing key insights into your identity ecosystem. You will start extracting value within days of deploying. With Apporetum, you can adopt a more streamlined and effective approach to identity and access management, achieving results quickly, incrementally and efficiently.

Ensuring the accounts in your environment are all genuine and current

Apporetum Identity Manager

“Knows everything” and is the source of truth for identities, accounts and automated entitlements across your ecosystem – on-premises and in the cloud.

Apporetum Identity Manager is a modern alternative to Microsoft Identity Manager integrating with your Entra ID and on-premises AD through cloud native capabilities. We provide the discovery and automation tools to effectively and incrementally create your Hire-to-Retire model to govern your Accounts. In addition, we maintain and correlate accounts together to ensure they have up-to-date information from your HR and ITSM systems and give you the visibility of productivity and all secondary accounts.

Our offering provides a range of features to govern and manage identities, accounts, and automated entitlements, Apporetum ensures that your identity landscape is secure and streamlined.

  • Connects to multiple HR Systems of Record (bi-directional).
  • Correlates all accounts across your ecosystem (cloud and on premise) providing single unified view.
  • Orchestrates the Entra ID API-driven inbound provisioning service. Currently in public preview.
  • Reports on accounts which require your action (unsanctioned, dormant, orphaned, inactive).
  • Detects lifecycle events from your Systems of Record & orchestrates the provisioning and de-provisioning of accounts and entitlements (utilizing the Microsoft Entra capabilities).
  • Reports on data drift between HR System and the data in your directories.
  • Publishes lifecycle events to the Event Grid to trigger workflows across your ecosystem.
  • Understands and maintains the organisational structure of your enterprise.

Features

Attribute Provisioning

Provision consistent information to all your accounts across all your connectors. Apporetum enables organisations to control what information flows from HR Feeds to what types of accounts. Ensure that all your environments are consistent and secure.

Maintain Org-Structure

Keeping your organisation’s structure updated as organizations grow and merge can be challenging. However, Apporetum simplifies this process by correlating HR information with associated accounts, ensuring directory information remains up-to-date.

Temporary Account

Apporetum provides ability to create temporary workforce accounts, enabling organizations to manage short-term employees and contractors with ease and manage pay-as-you-go accounts for B2B access.

Life-Cycle Management

Apporetum promotes automated management of the hire-to-retire lifecycle, allowing organizations to manage user accounts seamlessly throughout the employee lifecycle including those dictated from Human Resources Systems like Leave and new-starter.

Report & Detect

Organisations can gain deep insights into their identity landscape, including unsanctioned, inactive, dormant, and orphaned accounts. This enables them to identify and eliminate security risks and streamline their identity management processes.

Identity Correlation

Apporetum connects and correlates accounts from all your connectors into a single Identity view. Organisations are able to view what accounts are associated to their Workforce Persons and view all their access across all their accounts.

Mix and match our products to meet your organisational needs.

Apporetum Access Manager

Simplify the management and governance of who can access your application. Delegate the management to the business users who understand who should have access.

Apporetum Access Manager is focused on empowering your application owners to manage who and when accounts can access your business resources.

Apporetum offers Access Governance by reconciling application access in the directory, providing timely reporting and alerts, and allowing suspension of access at different levels, ensuring proper management and control over access to applications.

  • Empowers business users to take control of who can access their application.
  • Configures the guardrails for each role used within your application.
  • Provisions and de-provisions access to roles with ease.
  • End-dates entitlements enabling automated de-provisioning on specified dates.
  • Supports approval workflows and notifications.
  • Provides full historical view of access entitlements to assist with your forensics.
  • Triggers reconciliation so you can detect unsanctioned entitlements that have been granted outside of correct processes.
  • Detects non-compliance – where entitlements do not comply with the specified guardrails.
  • Provides visibility over how much access any account has across all of your applications.
  • Administers and governs Trusted Parties for your B2B channel.
  • Integrates with your ITSM tool via API.

Features

Business-Centric Administration

Applications are at the core of how Apporetum empowers business users to administrate applications. We do this by enabling system administrators to set the boundaries for applications and then delegate the access administration and business requirements to the business owners.

Schedule & Timebound Access

Sometimes access needs to be scheduled or locked to a particular time period so unnecessary access is never provided. We enable system administrators to govern the maximum time access can be given before a review is required.

Reconcile Access

Apporetum reconciles application access in your directory and provides timely reporting and alert actions. This enables your Security Operations team to monitor unsanctions access within your directories.

Dynamic Guard Rails

Access to applications can be governed by dynamic sets of rules which make decisions based on account attributes that are setup by your system administrators. Apporetum can use these rules to protect who can gain access or to run regular reports on who shouldn’t have access.

Continuous Access Reviews

Apporetum helps protect your organisation by becoming a source of truth for all entitlements for your applications, monitoring for unsanctioned entitlements and raising flags when suspicious behaviour is found.

Security Response

Apporetum allows you to rapidly expand or contract who has access to your information or systems, giving you the ability to manage a critical situation effectively. Sec-Ops teams can suspension resource access at various levels including Account, Identity, Application, Application Role and Trusted Party.

Enabling you to meet your governance requirements for access certification

Apporetum Access Review

COMING EARLY 2024
Used by Application owners to discover and review who has access to what roles in their applications.

  • Gain assurance that the profile of access to your application is current and correct.  Use this insight tool clean up your data and your processes.
  • Provides visibility of how many accounts have access to each role within your application.
  • Detects & reports incomplete information.
  • Detects & reports access given to externals.
  • Detects & reports access in place for accounts that are dormant.
Natively supporting a wide variety of integrations

Integrations

Apporetum delivers a generic connector platform that is capable of connecting to a variety of external directories, including Entra ID/Azure AD, Active Directory, and even disconnected systems. With its powerful capabilities, Apporetum can govern accounts and access, including disconnected directories that are situated in Operational Technology networks.

Entra ID/Azure AD

A cloud-based identity and access management service that allows users to securely access resources from any location

On-Prem Active Directory

On-premises directory service for centralized management of network resources, such as users and computers.

Disconnected Directories

On-premises directory service which is not accessible from exterior networks. User Information and governance is managed exterior to the directory.

Need Some Help?

Frequently Asked Questions

Our team has compiled a short list of Frequently Asked Questions to help you understand our offering. If you can’t find what you are looking for please don’t hesitate to contact us.

Apporetum is built to be self-hosted inside your environment to enable you to own your organisation’s data. We provide a quick and easy template to build Apporetum while providing you the ability to customise the resources in Azure to meet your Security requirements.

No, Apporetum leverages Microsoft Entra capabilities that you are already licensed for with your M365 licenses. We don’t believe you should be paying even more per-user to have Apporetum govern the identities and accounts in your environment. Instead, Apporetum is licensed based on the feature you need.

Apporetum provides a modern management control for your Azure AD B2B users. Not only do we provide insight into the B2B users in your organisation we also control which resources external users can access to protect your organisation’s data.

Apporetum enables your SecOps team to rapidly respond to identity and access incidence by providing them the ability to switch off access for Users, Apps, Trusted Parties and even Identities. This gives your IT security teams the agility and ability to respond at a moments notice and resume business function when their remediation is done.

Apporetum automatically synchronizes all person and account information from HR systems, Azure AD, Active Directory, ITSM systems, and other sources, then correlates all accounts to an Identity and Workforce Person. This allows Apporetum to take control of attribute governance and lifecycle state management. Our modern, cloud-native IDAM approach can be implemented faster than legacy systems like Microsoft Identity Manger (MIM) with no-code configuration. We also provide extensible plugins and event driven systems to enable your business to integrate and extend Apporetum into your unique business requirements.

Yes. Apporetum when integrated with Microsoft Entra identity capabilities will allow you to replace your legacy Microsoft Identity Manager (MIM) installations. It is designed to be able to be installed side by side with MIM in an insight mode to give you confidence in the migration to Apporetum driven identity lifecycle management and access control.

Ease the headache of migrating to the cloud

Stop maintaining your legacy identity systems

Our cloud-native platform is designed to help you reduce the costs of maintaining your hybrid environments, while providing superior control over your identities, accounts, and access.

With Apporetum, you can synchronise all person and account information from HR systems, Entra ID/Azure AD, Active Directory, ITSM systems, and other sources. Our platform automatically correlates this information to an Identity and Workforce Person, giving you governance over attributes and lifecycle state management. And because Apporetum integrates seamlessly with Microsoft Entra and can be installed alongside MIM in an insight mode, transitioning to our platform is quick and easy.

Ready to see Apporetum in action? Book a demo today to take control of your identity and access management. Our experts will answer your questions and show you how Apporetum can revolutionize your hybrid environment.

Book a Demo