Symantec IGA Features

Users can request access to an application and be automatically provisioned if they meet policy requirements

Automates account/access rights creation, changes and removals for on-premise and cloud apps

Establish roles that create a set of authentication rights for each user in the role

Enables administrators to create access policies and applies policy controls throughout request and provisioning processes

Terminate access to multiple applications based on dates

Allow business stake-holders/managers to approve or reject requested changes to access via a defined workflow

Enables users to reset passwords without administrator interaction. Enforces password policies when resetting.

Change users and permissions in bulk

Keep identity attributes consistent across applications whether the change is made in the provisioning system or the application

Alerts administrators when inappropriate access occurs

Proactively audits access rights against policies

Standard and customized report creation to ensure appropriate access rights have been assigned

Provides mobile application that alerts administrators of potential issues and allows administrators manage access rights

Support for wide variety of cloud and on premise apps to automate provisioning for existing and new applications procured

Provides appropriate application interfaces to enable custom integrations for unique business requirements

Keep identity attributes consistent across applications whether the change is made in the provisioning system or the application.

Enables administrators to create access policies and applies policy controls throughout request and provisioning processes.

Provides or integrates with a cloud based directory option that contains all user names and attributes.

Integrates with common applications such as service desk tools.

Allows users to set, change passwords easily without interaction from IT staff.

Integrates with your mobile device for use on mobile apps.

Accommodates multiple languages.

Provides support for Multi-Factor authentication, so users are required to provide multiple factors to authenticate. For example, something they know, Something they have or something they are.

Uses biometric trait or characteristic to authenticate. Additional hardware may be required to support this type.

Provides authentication capabilities outside standard authentication methods such as MFA and biometric .

Able to assign authentication requirements for different levels of users, such as more robust authentication for senior level executives.

Enables a seamless customer experience with self-registration and self-service functions, including account creation and preference management.

Verifies user identity with authentication, which may include multiple multi-factor authentication methods.

Scales to support growing a customer base.

Integrates with directories or other data stores that house customer data to create a complete view of a customer.

Simplifies or automates user provisioning, deprovisioning, and other user role changes.

Offers password management tools to end users.

Offers single sign-on functionalities to end users, allowing them to authenticate once and be given access to all of their company accounts.

Enforces user-access policies based on individual, role type, group membership or other factors to prevent unauthorized access to company systems and data.

Authenticates users prior to granting access to company systems.

Offers multi-factor authentication methods to verify a user's identity.

Provides an IAM solution for on-prem systems.

Provides an IAM solution for cloud-based systems.

Tracks user activities across protected systems.

Provides reporting functionality.

Log and report all modifications to user roles and access rights.

Provide standardized reports for regulatory compliance and audits.

Grant access based on user attributes, location, device posture or risk.

Automate onboarding, offboarding, and access reviews throughout user lifecycles.

Enable users to reset passwords and update profiles without admin support.

Identify unusual access patterns using machine learning models.

Dynamically adjust access policies based on risk and AI-generated insights.

Suggest appropriate user roles based on usage patterns and peer behavior.

Possesses AI-driven triggers to determine when to require MFA or stronger authentication rather than always requiring it.

Builds profiles of known devices/environments per user and flags deviations such as new devices, new networks, and/or suspicious locations as higher risk.

Spot fraudulent behavior, such as account takeover attempts, credential stuffing, bots, and brute force attacks through the use of AI.

Uses machine learning to analyze past authentication events and suggest optimizations to security policies (e.g. thresholds, triggers) or to adjust rules over time.

Leverages AI to assign a risk score to a login attempt based on context, device, IP, historical patterns to dynamically decide whether to prompt for MFA, additional challenges, or allow seamless login.

Monitors behavioral signals including typing patterns, mouse movement, and/or touch/swipe dynamics to verify user identity either at login or continuously after login.

Uses computer vision, facial recognition, or other biometrics during onboarding or at risk events, with AI-based liveness checks to prevent spoofing or replay attacks.

Generates dynamic prompts to guide users through account recovery workflows.

Implements artificial intelligence to filter, rewrite, or block prompts that attempt to access unauthorized data, escalate privileges improperly, exploit system weaknesses, or otherwise re-provision customer access permissions.