Identity Deduplication and Access Management

What is Identity?
Properties

KimLiq Identity and Access Management Software (Identity and Access Management)

Mount, manage and secure your applications, users and directories

It is a unified identity, access, application, and endpoint management platform that helps IT and security teams maximize end-user productivity, protect company data, and move to a digital workspace.

Native, secure, flexible and easy-to-use identity solution; deduplicates application access that organizations are using. Single Sign-On etc. It provides unique session management with methods. With unified identity, employees can access all their applications with a single login (Single Sign-on). It ensures applications integrity. It is deployed to the center, your other software is fed from KimLiq, it provides end-to-end secure connection by taking over the authorization processes. It provides the opportunity to use many global applications with our SSO, SAML, WebService integrations. It communicates encrypted with your servers in your Public and Private area. It provides KimLiq to log in. (For example, you can have your username and password stored in LDAP or Active Directory instead of Google when entering your Google mail.)

Es entwirft und entwickelt eine einheitliche Zugriffsverwaltungsplattform für Unternehmen und Organisationen auf Unternehmensebene und bietet eine unternehmensspezifische webbasierte Identitäts- und Zugriffsverwaltungsplattform.

Single Entry Point

Users no longer need to store and manage passwords in a spreadsheet or write them down in post-it notes. After logging in with KimLock, they can access hundreds of apps through the app catalog. KimLock also integrates with enterprise web-based applications providing a single entry point for all applications.

Robust Security Policies

Organizations can set policies that require users to regularly reset their passwords, which provides better security. With KimLock, users can easily create and enforce strong passwords with Password Generator. can easily share apps with partners and agencies without revealing passwords.

Robust Application Management

With Audit Classes, administrators gain visibility into and control over applications that users can add. Applications can be restricted by users, groups, or organizational units. Application management can be delegated outside the IT department, empowering users and reducing the burden on IT.

Managing All Contacts from a Single Center

In organizations with a distributed structure, you can easily manage information such as entrance and exit, information pollution, constantly changing addresses, telephones, surnames.

Directory Integration

With Active Directory Integration, bulk user creation, password change, directory creation, account matching with other applications, authorization operations can be done.
Gmail Accounts creation, matching with other services, authorization, password assignment, group management, user account deduplication operations can be done. (Yandex, Zimbra, Ldap, etc. available)
It provides access to applications such as single login with single user name and password, e-mail login with Name Account, Personnel Automation, ÖBS, etc. With authorization on applications, group and user-based assignment of which applications users will have access to, Password and permission management from a Single Panel

Easy Operation

During Account Creation, all checks are made and notifications are made via SMS. It is compared with existing accounts, it offers an alternative account name, it can authenticate from Mernis, the information of the person can be retrieved from the Personnel Automation from the Unit Tree, the Gmail account is selected as an option, the email account name is kept. With synchronizations, accounts are deduplicated.

About Identity

Our application is prioritized for Corporate Institutions and Companies. The general definition of our application, which may vary according to the business, is to control the access of other applications within the organization, to verify user names and passwords, to remove redundant and forgotten passwords from the system, to change passwords according to security policies such as letter format and length, to clear accounts opened for departing personnel or similar situations. It is a singularization method that automatically manages the processes and makes it easier for them to navigate and access applications with a single username and password. It doesn’t require you to sign in again and again.

KimLiq Ürün Sınıfı ve Standartları

It is a Security Assertion Formatting Method, used to exchange authentication and authorization data between parties, specifically between an identity provider and a service provider. For example, SAML

Identity providers (IdP) are allowed to pass authorization information to service providers (SP). What this jargon means is that you can use a set of credentials to log into many different websites. Managing one login per user, email, customer relationship management (CRM) software, Active Directory, etc. It’s much easier than managing individual entries for

In general terms, Multi-Factor Authentication; It is the link between the authentication of a user’s identity and the authorization to use a service.

Briefly, What Does It Do?

The harm of users from this situation is increasing day by day. Easy passwords can be recovered quickly. On the other hand, system administrators have to follow the personnel who have more than one user name and password in multiple applications, and they have to delete their access information or open a new account while logging in and out of the job. This provides a suitable environment for access and attack of access information that is not deleted day by day but is no longer used. However, the fact that the applications used can perform authentication and access information from a single place with a single user name and password provides convenience for both the administrator and the personnel, and the system will be able to make sure that the user is himself by performing multiple verifications. The number of software that makes our work easier is increasing day by day.

Applications that we can track, look at archives retrospectively, track the status of personnel in enterprises, grades of students for universities, and more are used in appropriate places around us. However, the more applications we have to use, the more user names and passwords we have to memorize, and there are situations that require us to log in separately for each one. The most prominent of the services to be put into service in the project is 2FA multi-factor authentication. Multiple login restrictions can be set at the same time. Personal information verified during access control is sent to T.C. via identity sharing system. Permission can be granted by authenticating with identity. In addition, with the code verification sent via SMS, it can be passed in the second stage. In addition, the individual information and passwords of the users are encrypted and stored on the system, if desired.

Even if the information is desired to be deciphered through the database, readable data will not be accessible. If desired, authentication can be mediated through the currently used LDAP or Active Directory.

With the Mobile Application, you can continue the login process with the verification code sent to your phone during authentication.

About Authentication and Authorization

Cyber Cluster Member

Cyber Security Cluster‘nde  4 adet Yazılım Ürünleri ile ülkemizde yerli yazılım üretici sınıfında gelişim göstermektedir. Kimliq ürünümüz de Siber Kümelenme Ürün Hizmet Kataloğunda yerini almıştır.

Cyber Clustering Product Service Training Catalog

Modüler Özellikler

Corporate and Business-Specific Logo
SSO supported application integrations
SSO Authentication services
Active Directory Integration and Management
AD Organization Management (OU-DC)
Corporate Mail Management
Multiple Directory Support
Gmail-Yandex-Zimba-Open LDAP Integration
Enterprise-Specific Application Integrations
API Support
Group Management
Policy Management
Session Authorization
Mail-SMS Notifications
Auto Provision
Mobile MFA and Mobile Verification Application

Universally implementing Identity and Access Management across multiple IT infrastructures and software platforms is a huge challenge for any organization. Today, users expect to have access to the information they need to successfully do their daily work whenever and wherever they want, regardless of the target system or application. IT departments struggle to make this access seamless for users, but still maintain compliance with corporate and government-imposed security and privacy regulations.
  • QuestTools
  • Manage user identities IAM systems manage user identities. IAM can be the only directory used to create
  • modify
  • and delete users (such as employees). Or it can integrate and synchronize with one or more other directories such as Microsoft Active Directory.
  • Provision / deprovision users After a user logs into the system
  • IT must authorize the user; what apps
  • resources
  • etc. It is the process of determining who can access it and what level of access (admin editor viewer etc.) the user has. to each item. Identity management systems often enable provisioning through policies defined based on role-based access control (RBAC)
  • as determining each individual's access to each resource would be time consuming. Users are usually assigned one or more roles based on their job function and are automatically granted access based on their definitions. While it can be time consuming to provision users
  • it can be time consuming to deprovision them from all the applications and systems they have access to. An IAM system automates this process – which is important as ex-employees who still have access pose a serious security risk.
  • Authenticating users IAM systems perform the task of authenticating a user when the user requests access. Secure authentication today means multi-factor authentication and preferably adaptive authentication.
  • Authorizing users After authenticating the user
  • the IAM system authorizes the user to access certain applications and resources as needed
  • depending on the user's authorization.
  • Reporting IAM systems provide reports that help organizations demonstrate regulatory compliance
  • identify potential security risks
  • and improve IAM and security processes.
  • One-time Session Single Sign-On is not a component of all identity management systems
  • but it is a component of the best. SSO increases security and enables users to be more productive by making it faster and easier to access the resources they need without having to log in or remember many different passwords each time.

KimLiq Specifications

Project Based Flexible Methods

Integration and management of Active Directory.
Active Directory Organizational Unit, Domain Controller support
Mass user creation, password change with Active Directory Integration,
Indexing, account matching with other applications, authorization processes
Opening, deleting, resetting corporate mail management
Multi-directory support right
Ability to integrate and manage OpenLDAP
OU, DC, support on OpenLDAP
Ability to show OpenLDAP tree on web application
Mass user creation, password change, directory creation with OpenLDAP integration,
Account matching with other apps, authorization processes, Creating accounts
Matching with other services, authorization, password assignment, group management,
User account deduplication processes
Applications developed specifically for the institution can be integrated into KimLiq.
API support; User authentication, Unit tree provisioning service
Application Identification and login authorization
Group and policy management service
Group and user-based assignment to which applications users will have access to with authorization on applications
Creating an account with the Mail and SMS notification feature can make notifications
Password and permission management from a single panel
Authentication from the MERNIS system
SAML integration with enterprise cloud and native applications
Preventing unauthorized logins
Multi-factor authentication to keep apps and information secure
Strong password policy with password generator within KimLiq,
Must be able to create passwords, regular reset of created passwords
Integration with Gsuite.
It should be able to open a group or mailbox through the KimLiq administration panel
Deduplication of user accounts by creating a corporate tree
Automatic matching with other accounts via the mail and mail group lists panel
Supports KimLiq ldap, active directory, simple saml, single sign on
Custom login and logo assignment
Authenticate KimLiq Password and credentials via Active Directory
On the login screen, users can enter T.C. login with ID numbers
Provides 2 Language Support

  • Robot verification after multiple failed login requests
    Changing or resetting the password, email from the user, T.C. authentication by mobile phone
    Storing user data in active directory or OpenLdap
    Verifying the information in a single way for the application that the user wants to login,
    With systems that will integrate the application, saml, ldap, web service and api support
    Admin panel on KimLiq
    Admin Panel instantaneously opened email, active directory account report
    The number of structural units and related units, the number of mail groups created, the number of unused emails
    Mail type in email accounts. Staff, student, other email numbers reporting
    In the structural unit tree menu, users are displayed under the corporate tree of the institution and the structural units hosted under it and integrated with the active directory. It provides ease of use. Content changes dynamically.
    User Full name, e-mail address, T.C. in the staff list. Information such as identification number, structural unit member tree information, type of user, creation date, last automatic deletion date of the user leaving the institution can be listed.
    On the new user screen, from the administrator to the user; active directory name, user type, first email address, T.C. ID number, date of birth, Name, Surname, Mobile phone, gender, Institution registration number, Faculty/Vocational School department, title, address, country city, zip code, fax, active-passive status information can be filled.
    When creating a new user, sending randomly generated and complex password information to the user’s mobile phone as sms
    If the administrator wants, he can assign a new password to the user himself. Sending this assignment to the user via sms
    In the new user list in the Other users menu, creating a user in the categories Network printer, Main Backbone, Other Network product, IP camera, Wireless distributor, server This account can be associated with a person. (T.R. ID)
    The administrator should be able to create a new mail group and accounts can be created on the mail server (GMAIL, yandex) with the mail group automatically integrated.
    Applications to be integrated can be verified with information such as application name, connection ip address, user name and password.
    The last 3 passwords of the user are kept encrypted and the last 3 password changes from the user are prevented from being applied again.
    The user is required to create a complex password
    Identity interface automatically to the user who wants to change the username and password via Gmail.
    If the user changes his password to the domain via the member computer, the access information is automatically changed in all applications and services (GMAIL, etc.)
    IP-based restriction of access to the authentication screen
    Entries to the admin screen are allowed by verification via SMS
    Policy settings can be made on KimLiq
    User password hash history is kept on KimLiq, Passwords are generated with complex password policy.

Product Screenshots

Multi-Factor Authentication (MFA)

With Kimliq, organizations can use multi-factor authentication to prevent unauthorized logins and keep apps and information secure. Administrators can set granular policies that require users to use MFA when they log in with Native Software Kimliq

Marta Technology | Kimliq Multi-Factor Identity Management Software