How to use Okta to Single Sign-On (SSO) into PeopleSoft

Support Multiple Identity Providers

If you are looking for a way to use Okta to SSO into PeopleSoft, then you need the ICSynergy SPGateway.

As the video shows, SPGateway makes it easy to allow your employees, partners, and customers who use PeopleSoft to access it in a secure fashion.

More Than SSO – SPGateway Is Tested Against 50 Use Cases

ICSynergy tests the SPGateway against more than 50 use cases, and it supports essential PeopleSoft use cases above and beyond SSO.

For example: enabling switching user accounts. A user may log in with an admin account and then need to switch to a non-admin account. Or, perhaps they are different security rules for Intranet vs Internet users.

Another popular use case is to force a step-up multi-factor authentication based on what URL in PeopleSoft the user is trying to access.

Contact Us Today

If you would like to learn more about SPGateway, please contact us at info@icysynergy.com.

3 Reasons Why Cloud Data Protection is a Better Security Solution

database security solutions

Database security options are not easy to agree on. While some believe that the cloud might not provide adequate security, others feel that cloud data protection is by far the best option for keeping sensitive information away from prying eyes. In fact, in a 2013 survey by Thales and Ponemon Institute, more than 50% of respondents said that their organization handles the transfer of sensitive or confidential data via the cloud.

With big data breaches making the news, many people are wondering whether the cloud is really a safe method of data storage and transference. Although many of the big corporations who recently suffered security breaches use the cloud, those incidents can actually be traced back to other human errors that are unrelated to their cloud usage. So of all the database security solutions available, why is cloud data protection the best option? Here are three reasons why you should consider making the switch to the cloud:

  1. Access is better controlled
    If you handle your data security needs on-site, your system is likely much easier to break into. However, data that’s stored in the cloud is unavailable to employees or others who do not have proper access. You won’t have to worry about one person within the company — or who works with the company — who might be able to get access.
  2. Your system will be monitored regularly
    One of the most common database security issues with other types of options is that the system isn’t regularly updated or monitored. That can leave your business much more vulnerable to breaches. But good DBMS security companies will regularly audit, monitor, and test all of their operations consistently. This means your system is guaranteed to be reliable and up-to-date — plus, your security team will be in a much better position to recognize a potential breach and take immediate action.
  3. You’ll have experts on your side
    Technology is ever-evolving, which means that whoever handles your database security solutions needs to know the latest in the tech security world at all times. For many companies, finding an in-house data security expert can be a real challenge and can take away from other business aspects you need to focus on. When you use the cloud, you’ll not only be using a better quality product, but you’ll also get a team of tech experts on your side. You can concentrate on the parts of your company that really need your attention and leave the database security in our capable hands.

Are you in need of better database security solutions? Consider using cloud data protection. To find out more about the options we offer for data security and how they can help your business and your customers, contact us today.

3 Reasons Why Your Business Needs Better Database Security Options

database security options

In a world where anyone can get hacked, your business needs the best database security options available. Corporate espionage and data breaches are more prevalent than ever, and it’s likely that your business can’t afford to deal with the consequences. In fact, data breaches on the corporate level cost more, too. According to a study by the Ponemon Institute, the average cost of a breach increased by 15% to $3.5 million from 2013 to 2014.

Prevention — in the form of database security solutions — is your best bet for keeping both your business and your clients safe. By using identity and access management (also called an IAM strategy), you’ll be reducing your company’s risk of security threats, as well as cutting costs and providing faster services to your customers. In case you aren’t yet convinced, here are just three reasons why your business should be using better database security tools:

Protection
Your business depends on protecting valuable information. If you currently have database security issues, you probably aren’t providing your clients or your system with the level of protection needed. At this point, clients expect that their personal, financial, and medical information will receive reliable protection from you. If you fail in this endeavor, you’ll not only be dealing with the cost of the breach, but will likely lose a great portion of your customer base. Even small businesses can be targets for security breaches.

When you take a chance with data protection, you’ll likely pay a huge price in the end. Because IAM systems force users to prove their identity and strictly limit user access, both you and your clients will be secure in the knowledge that information can be accessed only by authorized personnel.

Competition
Having better database security options puts you ahead of the competition. When you offer superior security, that’s a selling point for potential customers. We live much of our lives through technology; it’s no longer acceptable to be lacking in database protection. As this information becomes easier to access through malicious means, your company needs to stand out for the right reasons. If you have better data protection, you’ll win out over your rivals who don’t.

Reduced costs
Using an IAM strategy is simply more efficient. The platform manages the access of every user and eliminates the need for additional security measures. The platform automatically syncs with all devices that utilize the system, which means an administrator has to make an update only once for it to take effect across the system. All of this means you’ll be able to save both time and money that used to be dedicated to the maintenance of additional systems and redundant updates.

So if your current database security options are lacking, consider switching to identity access management. To find out more about how an IAM strategy can help your business, contact us today.

Putting PeopleSoft to work with ICSynergy

Whether you are managing human resources, financials, or the supply chain, Oracle PeopleSoft plays a pivotal role in the day-to-day operation of your business. Without PeopleSoft, the corporation cannot hire new employees, process payroll, create and manage purchase orders, or ship products.

Why not take this critical enterprise application one step further and have it manage the identities of your employees? With ICSynergy’s ICBatch solution, PeopleSoft can become the Master Source of Record for Okta, closing the employee lifecycle loop and delivering an integrated access management experience.

ICSynergy is a leading integrator of innovative identity and access management solutions. Combining ICSynergy’s ICBatch with PeopleSoft, ICSynergy can orchestrate human capital changes in HR with the rest of IT through the Okta Identity Management solution. Onboarding a new employee, employee job changes, or employee departures becomes a more efficient and closed loop process, as ICBatch updates application entitlements automatically.

ICSynergy’s ICBatch speaks PeopleSoft. When an employee changes jobs, ICBatch detects their new job role, and their entitlements are updated in Active Directory, Okta, and any other application employees might need to be succesful.

ICBatch and PeopleSoft

With ICBatch and Okta, PeopleSoft plays a vital role in managing the identities of your employees and provides them with an enhanced Single Sign-On experience, secure remote access, and multi-factor authentication.


Do you have IAM questions or problems? Not enough time or resources to create a solution? We’d love to hear from you and start on your custom IAM solution today. There are several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.

Enable remote access to PeopleSoft with SPGateway

ICSynergy’s SPGateway product provides for an elevated web application user experience and enhanced access to features in on-premise applications. SPGateway is a perfect match for mission critical applications like PeopleSoft. With remote access to PeopleSoft, employees can access their benefits from the convenience of home or a remote kiosk at one of the company factories. Employees need the opportunity to review and change important life decisions from outside the office, such as yearly enrollment, dependents updates, and name changes. With SPGateway, you can empower your employees with this convenience.

SPGateway builds on the Okta platform, providing the convenience of Single Sign-On and an enhanced level of security, which is essential to the safety of the Enterprise.

The SPGateway securely gives the employee remote access to required applications without the headaches of a VPN or clunky SSL client certificates. ICSynergy’s SPGateway makes Okta features available to your on-premise applications – just imagine adding multi-factor authentication with a simple mouse click.

PeopleSoft and SPGateway

If your business needs to expose self-service HR functions over the Internet, SPGateway’s access policies ensure this happens in a secure and controlled manner. With SPGateway, the business user can control, limit or grant access to specific URLs and people, or provide adaptive access capabilities based on geographic location.

Do you have IAM questions or problems? Not enough time or resources to create a solution? We’d love to hear from you and start on your custom IAM solution today. There are several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.

Master your Hybrid-Cloud strategy – Oracle, SAP, and IBM are first class citizens with Okta and SPGateway.

You’ve been in business for years, you’ve built a world class platform on world class middleware, and your infrastructure is the “secret sauce” which sets you apart from the competition. Whether your applications are built in-house, or purchased from middleware titans – you face a monumental challenge. How do my existing investments fit in world dominated by the cloud? Oracle E-Business Suite, SharePoint, IBM Content Manager, QlikView, PeopleSoft, and SAP represent huge investments and they’re typically supported by your IT department and deployed in your data center. So how do existing applications fit in a hybrid-cloud strategy?

With Okta and SPGateway, your on-premises investments are safe and sound – and cloud ready. SPGateway is designed for hybrid-cloud, and it brings the power of Okta’s world-class identity platform to your existing enterprise investments. SPGateway not only provides Okta SSO to your non-SAML enterprise applications, it also enables provisioning, de-provisioning, and multifactor authentication. What about contractors, telecommuters, or road-warriors who work off-site with clients?

SPGateway allows your workforce to safely access internal applications while maintaining the security you expect. Instead of struggling with clunky VPNs, proprietary thick client software, and device certificates, SPGateway uses the Okta platform securely authenticate users, and their devices, before they can connect to your network. In as little as a few weeks, your external users can access the applications they need, without relying on costly and slow VPNs. SPGateway is built using pen-tested cipher suites affording strong security, while maximizing ease of use.

SPGateway external access

SPGateway is a simple, safe, and cost-effective way to provide external access to your internal applications – and without the burden of adding SAML support. All of the features you’d expect from Okta are available, and by requiring an active Okta session before network traffic can reach an application, your infrastructure remains safe. SPGateway securely connects your internal applications to external users, and the power of Okta affords the identity and access management that IT and security departments need.

Contact ICSynergy today and we’ll show you how quickly you can master your hybrid-cloud strategy and bring the power of Okta to your internal applications.

SPGateway enables Okta SSO and User Management with Flexera

When it comes to providing your users with software, Flexera is a popular choice for enterprise solutions. Flexera Software is a software entitlement, licensing, and installation solutions company that simplifies product configuration and management efforts of multiple licensing technologies. Naturally, many of Flexera’s customers are choosing the Okta IDaaS platform to manage their customer base and make it easier for users to get the software they need.

To make things even simpler, ICSynergy has leveraged the SPGateway product with Flexera to allow a secure and rapid Single Sign-On (SSO) option for Okta/Flexera users.

Additionally, ICSynergy has extended Okta to provide the ability to automate user management with Flexera, further simplifying the administration overhead. This allows your IT team to work on more valuable improvements and maintenance.

With version 2.0 of SPGateway, Flexera is an officially supported application out of the box.


Do you have IAM questions or problems? Not enough time or resources to create a solution? We’d love to hear from you and start on your custom IAM solution today. There are several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.

Okta Governance with Dell Active Directory Edition

Here’s the scenario: You’ve finally implemented single sign-on (SSO) for your applications and connected your on-premise Active Directory with Okta. Your end-users are happy because they can quickly access their apps from anywhere and easily sign-on with their corporate laptop or other devices. Your business is happy because you’ve increased user productivity and reduced IT cost by lowering your administrative load.

But, one thing that could continue to add menial tasks to your administrative load is handling governance (access request, approvals, audit trail, reporting) for application access. In most corporations, proper governance is required for user application access. Fortunately, Dell Identity Manager Active Directory Edition (ADE) offers a unique and easy way to enable governance and access requests for your Okta environment.

With a smaller footprint (and cost) than full-blown Dell Identity Manager, Active Directory Edition (ADE) provides a full-featured AD group management and an access request portal for your users. The magic happens when we govern AD group membership with ADE. Users or managers can create access requests for Okta applications in ADE’s IT Shop portal. The request follows a preconfigured approval workflow, and once the request is approved, the user is added to the AD group and granted access to the application on the next Okta/AD sync.

Request access to an application in Okta through Active Directory

Okta Portal after access granted to application

This way, the business owners of the application can manage who has access to an application rather than your IT staff. Plus, we have full governance that will satisfy your corporate security and auditors.

You can also choose to present only relevant items to users (based on their groups) so that Engineers aren’t requesting Quickbooks access and accounting interns aren’t requesting access to Salesboom. This level of control reduces the administrative burden and keeps things simple for your users by not overloading them with irrelevant options.

In addition to the approval process, regular recertification can be scheduled so that only users who still need access to an application keep their access. If the application manager disapproves the continued access, the user is removed from the group. All of these approval and recertification requests are audited so you can easily produce reports on who has access, who granted access, when/why access was granted, etc.

And the best part: it’s all automated. No more manual management of your Okta users and applications.


Do you have IAM questions or problems? Not enough time or resources to create a solution? We’d love to hear from you and start on your custom IAM solution today. There are several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.

SPGateway adds client certificate authentication with Okta

Many organizations utilize Okta’s single sign-on (SSO) solution to provide their mobile and desktop end-users with a single portal (and one set of credentials) to access the applications they use to get their work done. Regardless of the device, Okta’s SSO service is incredibly powerful and removes a lot of the friction that users face when it comes to remembering application URLs and credentials. But, there are many situations where companies need to restrict access to applications at the device level.

An industry accepted method for controlling access at this level is by leveraging client-side certificate authorization. In practice, this means that a corporation could install a certificate on provisioned laptops, tablets, and BYOD smartphones for their employees, and this certificate would be used to authorize a user for application access.

ICSynergy’s SPGateway can provide this certificate workflow for Okta users in moments.

Client-side certificate authentication workflow

Only devices with valid certificates will be authorized to access protected applications through ICSynergy’s SPGateway. Devices such as a user’s personal computer or unmanaged mobile device will not be granted access.

The workflow is simple for a user’s point of view: as long as they have the required certificate on their device, they will authenticate through Okta as usual and be granted access to the application protected by the SPGateway.

Behind the scenes, the certificate is requested when the user visits the SPGateway protected application site. If they have the valid certificate (this is verified through an OCSP server), they can be directed to the Okta authentication page. Once they’ve authenticated with Okta, they are directed back to the application where the certificate is verified once more before they’re allowed into the application.

Using a client-side certificate authentication workflow can be much more practical than trying to control device access through IP or MAC addresses. If you need to limit the devices that can access a protected application, the SPGateway offers an elegant solution that works well with existing Mobile Device Management (MDM) and Desktop Management solutions.


Do you have IAM questions or problems? Not enough time or resources to create a solution? We’d love to hear from you and start on your custom IAM solution today. There’s several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.

ICSynergy SPGateway enables rapid Okta Single Sign-On with QlikView

Integrating business applications with legacy authentication modules into a modern federated single sign-on (SSO) environment such as Okta poses a challenge to many businesses. Building on decades of experience architecting, implementing, and consulting on Identity and Access Management solutions, ICSynergy has created the SPGateway in order to help businesses solve modern application integration challenges.

QlikView is a very popular business intelligence and data visualization web application used by enterprises to obtain sales metrics and information. Integrating QlikView into a single sign-on environment can pose a challenge to enterprises due to the application architecture. QlikView relies on custom development or the presence of a legacy WAM solution that passes secure headers for authentication. ICSynegy’s SPGateway bridges the gap between applications requiring header-based authentication and modern SSO solutions such as Okta (see Figure 1). The ICSynergy SPGateway provides a SAML 2.0 enabled reverse proxy that can securely pass headers to QlikView, thus authenticating users while maintaining the integrity of the SSO solution.

QlikView in SPGateway architecture

Figure 1: QlikView and SPGateway architecture with Okta

Using the ICSynergy SPGateway to authenticate users to QlikView allows for rapid deployment of a commercially supported authentication solution that requires no custom development. As a result, the SPGateway allows federation and SSO implementations to be completed while minimizing deployment and integration costs.

The ICSynergy SPGateway is offered as a high performance appliance that can be quickly and easily deployed as a single instance or a multi-instance HA architecture, both complete with disaster recovery capabilities.


Contact ICSynergy to learn about how the SPGateway can solve your integration challenges. There’s several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.