Traditional identity access management solutions have succeeded at the perimeter level (i.e., authenticating "who" is allowed inside) but once someone has been granted general access organizations do not have effective tools with which to manage access at the application level for fine-grained security controls (“what” is allowed). These fine-grained security policies must then be dealt with on a per-application basis.

• Costly redundant coding,
• a lack of visibility into security policies and difficult auditing across multiple applications,
• a drag on the overall agility of the organization to quickly implement new applications and services or change policies.

Securent solves these problems by providing the enterprise with a new way to administer, enforce, and audit access policies, all with centralized management. This new security policy platform is called Entitlement Management. It streamlines application security by reducing budgets and schedules by up to 30%, assures persistent compliance through enhanced enterprise-wide policy visibility and control, and empowers new business scenarios that provide agility and competitive advantage.

A financial services company has policies that restrict their brokers from communicating directly with their analysts — to address this, the company previously had to write code into each and every application where the two groups might interact such as instant messaging, email, persistent chat rooms, or VoIP applications. If the policy changed, updates would have to be made at each application. Audits had to examine the policies one application at a time. And new applications, whether custom or commercial, needed all of these security polices to be encoded (and tested) prior to deployment — severely increasing costs and the time to value.

With Securent, this company can simply drag and drop a new security policy for instant changes across all applications in their network. Audits are easily and quickly accomplished with a centralized view and remediation process. New applications can be rapidly rolled out since programmers can focus on the business logic—not security testing.

• Secure sensitive information and minimize the risk of audit failures by regulating access to confidential business data and mission-critical services;
• Deploy consistent enterprise-wide access control capability over existing applications and IT infrastructure, including portals, custom applications, messaging servers, databases, and network resources;
• Increase developer productivity by eliminating custom development within each application and improve administrator productivity (by providing easy to use interfaces and APIs that automate a number of operational tasks);
• Provide a scalable, standards-based solution by which to manage application entitlements; and
• Empower line of business managers to define, administer and enforce role and rule based policies without the need to requisition development resources