Digital Identity

1. Introduction

Digital Identity provides a validated set of digital attributes and credentials associated with an asset, similar to how personal identity functions in the physical world. In a Zero Trust Architecture (ZTA), Digital Identity enables the portability and interoperability of identities across organizations, reducing the need for continuous updates to policies and systems while maintaining security and trust.

Note:

In this user guide, the term "assets" refers to employees when discussing Digital Identity management.

2. Overview of the Authoring Tool

The Authoring Tool is a graphical interface that allows administrators to aggregate asset details, assign digital identities, view assets, change the status of assets, move assets within an organization's organizational units or within the subsidiary, and view provenance details. It includes the following key components:

  • Identity Provisioning: Aggregate and manage asset data across organizations and organizational units. Import, merge, handle duplicates, and re-import or add new changes. Assign digital identities to assets.
  • Identity Admin Panel: View assets and their digital identities, update asset statuses (e.g., termination), and move assets between organizations, individually or by organizational unit, within the parent organization.
  • Identity Provenance: Track asset transfers and status changes. View records of asset transfers, terminations, and the users responsible for these actions.

3. Steps to Use the Digital Identity Platform

  • Login

Ztaas Landing Screen

  • Select the Digital Identity Management product and click Open

Digital identity product screen

  • Navigate to the Digital Identity Product

    • Select Authoring Tool from the main menu

Ztaas Landing Screen

  • Access the Identity Provisioning Section

    • Click on Open within the Aggregate Asset Details

Identity Provisioning Section screen

  • From the dropdown, select the organization whose assets need to be imported. You can also select a specific organizational unit within that organization.

    • Click the Import button

Import section screen

  • View the Imported Assets

    • Click the Merge button

Merge section screen

  • View the assets stored in the repository that have not been assigned a digital identity

    • Click the Assign button to assign digital identities to the assets

Assign identity section screen

  • Navigate to the Identity Admin Panel Section

Navigate identity admin panel

  • To change the status of an asset:

    • Click the bin icon, select the new status from the New Status dropdown, enter a description, and then click the Status Change button.

Change status change

  • To transfer an individual asset to a different organization within the context of the parent organization:

    • Click the pen icon, select the organization and organizational unit to which the asset needs to be transferred, and then click the Transfer button.

Transfer individual asset

  • To transfer assets from one organization to a different organization within the context of the parent organization, based on organizational unit:

    • Click the Transfer button, select the current organization, organizational unit, and new organization to which the assets need to be transferred, and then click the Transfer button.

Transfer assets based on organizational unit

  • Navigate to the Asset Provenance Section

Navigate asset provenance section

  • Open the Transfer Provenance Details card to view the asset transfer provenance details

Transfer provenance

  • Open the Status Provenance Details card to view the asset status provenance details

Status provenance

4. Use Case Scenarios

1. Merging Employee Data After an Acquisition

  • Scenario: A company has acquired three other organizations and needs to merge the employee data from all of them into a single central repository.
  • Outcome: The company now has a unified view of all employees, with digital identities consistently maintained across the acquired entities.

2. Tracking Employee Transfers Between Organizations

  • Scenario: An employee is transferring from one organization to another within the context of a parent company.
  • Outcome: The transfer is successfully tracked and documented, and the employee’s digital identity is consistently maintained across both organizations.

3. Terminating an Employee’s Access

  • Scenario: An employee in one of the organizations is being terminated, and their access needs to be revoked across all related entities.
  • Outcome: The employee’s termination is reflected across all relevant organizations, ensuring consistent deactivation of their digital identity and access.

4. Re-importing Employee Data After Organizational Unit Change

  • Scenario: An organization undergoes a departmental reorganization, and new employees need to be added while some existing employees require updates.
  • Outcome: The central repository is updated with the latest employee data without creating duplicate identities, ensuring accuracy and consistency.

5. Audit and Review of Asset Transfers

  • Scenario: The company wants to review the historical records of employee transfers between its various organizations.
  • Outcome: The company’s admin team can track and audit all asset transfers, ensuring transparency and a complete history of employee movements across the organization.

5. Conclusion

By following this guide, administrators can effectively import, merge, assign digital identities, and manage assets.