Tag Archives: Identity and Access Management

Wait, I have to have WHAT in place by May 25, 2018?

We’re THIS close to inventing a drinking game everytime someone says GDPR. It’s quite fascinating to see how much is going to change with this regulation. Just like college, everyone is scrambling to meet the deadline of May 25, although the regulation came into place in 2016 and this is technically a “grace period”. Personal data and privacy are more important than anything else. We bet you now regret the time you clicked on “What does your favorite pizza topping say about your personality?” in exchange for all the personal data you submitted at the time – without so much as a second thought.

GDPR is going to change everything and place user consent on top, which is great. But if you’re an enterprise dealing with data of anyone living in the EU, you’ve got a lot to do. We put together a few questions we encountered, let us know if these help!

What exactly do I need to have in place to be in compliance with GDPR?

In this article we’ve listed 7 pragmatic steps you can take depending on where you are on the journey. Here’s a quick look of what they are:

  1. Build awareness around GDPR: in-depth awareness and building in-house expertise on all aspects of the regulation.
  2. Analyze if you’re company is affected: if you’re dealing with PII (personally identifiable information) of “residents” in the EU, then your company must deal with GDPR.
  3. Review the impact of your current data: thoroughly evaluate if all data collection methods used the necessary consent and furthermore, if you are able to demonstrate proof of consent.
  4. Review your systems and processes: review data storage and access mechanisms, and specifically decide if a data processing impact assessment (DPIA) must be carried out. It’s recommended you get a professional’s help with this.
  5. Implement necessary safeguards: adjusting business processes, upgrading software/storage systems, training for staff members, and introducing auditing systems.
  6. Appoint a DPO/EU representative: to address GDPR related matters within the organization such as advising staff members on data protection procedures, monitor compliance, and act as the point of contact for supervisory authorities when liaising with them.
  7. Revise your documents and policies: thorough review of all documents and policies of the organization such as websites, terms and conditions, privacy policies, and social channels.

I’m a company in Milwaukee/Bikini bottom [or insert wherever you’re from]. Should I concern myself with GDPR and if so, to what extent?

As long as you’re dealing with PII – Personally identifiable information of those living in the EU, GDPR affects you. From a small retail company to a large financial organization, as long as you deal with Karen who lives in Norway, your company must be compliant with the law. You can find a link to all the laws here.

Should we extract and provide all of the customer data if requested by the customer? All the data or just the personal data like name, address, email, etc? Should we also extract the old orders that we have stored in the system?

Yes. Absolutely. There’s a right on “data portability”, meaning there should be a mechanism to access all the details if an end user wants to. Remember that with GDPR, it’s all about the customer and their rights must be given the utmost priority.

All data or personal data?

All the data. Whatever that’s stored, for whichever reason, should be made available if the user requests. The key term here is, PII – personally identifiable information. And if individuals want their data erased, you must adhere to it too.

Does WSO2 provide consultancy to make an organization GDPR compliant?

If it involves technology such as using WSO2 products, yes, we can provide consultancy to help your organization. Successful GDPR compliance require changes in people, process, and technology aspects. WSO2’s suite of technologies can be used to make your organization GDPR compliant. To reiterate, if you’re looking for consultancy from a technology perspective and if it concerns our products and technology, yes, we provide consultancy based on that.

How can you help me speed up the process? What tools do you provide? / How exactly are you helping to implement GDPR compliance?

WSO2 provides a stack that’s fully GDPR compliant, this includes the WSO2 Identity Server, Enterprise Integrator, API Management, and the open banking solution. This article will help you understand what you need to look for when searching for a GDPR compliant IAM product and how it helps to optimize your GDPR strategy. WSO2’s open source Identity Server in particular can help you save time and cost involved given the consent management and the privacy tool kit in our latest release. Get in touch with us if you’re building your own solution or if you have any questions. What our products will essentially do is, help you build a GDPR compliant solution. You can find out more here.

Should we perform pseudonymization of the database in order to protect our data?

If by our you mean your customer, yes. Performing pseudonymization is in fact a best practice. So yes, by all means. If the end user requested you to erase their data, you should comply according to the “right to be forgotten” rule. Having a proper IAM solution in place to do this would be helpful too. We also have a privacy toolkit that will enable you to do that, learn more here.

We are a company who is doing business with EU customers. We maintain their data in our CRM, do we fall under GDPR? In this case how can we collect consent of customer of CRM?

Yes, you are processing, collecting details of EU residents, therefore you are affected by GDPR.

What if legacy apps are involved?

GDPR is focused on the end user, doesn’t matter how your business does things, whether it is cutting edge or not. So even if it’s legacy apps you work with, you must have processes in place that will bridge between the applications and the regulation.

Are there examples of what other companies have done to become GDPR compliant?

It might be not explicit but if you do a quick search or pay attention to your inbox, a lot of other companies might be already sending you mails saying updating their privacy policies meaning that’s them taking steps to become compliant. And that’s just one part of ensuring explicit consent.

Did we miss a question? Get in touch with us and we’ll get back to you!

5 Countries, 14 Cities: WSO2’s IAM Summer Tour

Given the needs for regulatory compliance, the need to offer a customized experience for customers and employees and tightening privacy controls (think Cambridge Analytica), having a solid IAM system solves more than just a simple IT problem of connecting identities.

Certain debates you need to resolve within your team is what kind of technology (we suggest IAM) will help you accelerate your compliance processes especially with having to meet deadlines. Or if adopting an open source IAM solution would offer more value as opposed to a traditional IAM solution and if it offers better capabilities or create additional privacy or security issues. What must you look for when opting for Customer IAM solution and what value do you create by prioritizing these?

WSO2’s Senior Director of Security Architecture, Prabath Siriwardena (fresh out of sabbatical), is going to hit the road starting April 30 and we’re going all out with everything we know on identity and access management and how adopting open source IAM can help you better with your IAM strategy. He’s got a jam packed schedule and given his expertise of over 10 years including extensively speaking at conferences worldwide (he just spoke at RSAC 2018, sold out his books on API security), we think you should be marking your calendars just like you’re waiting for the final GOT season.

Here is a partial list of the topics we will cover:

  • Improving app IAM: About 71% of enterprise security decision makers believe that securing customer facing apps is a critical priority. So here’s what it means. You need to ensure that you have an effective customer IAM solution in place that offers BYOID, progressive profiling, strong SSO and authentication, and self-care portals to secure your customers data and offer them and engaging experience. What should you have in place so your IAM solution can address these?
  • Securing APIs: APIs are everything and most enterprises are increasingly adopting and exposing APIs with more 3rd parties involved. Are your APIs secure enough and what best practices should you adopt?
  • The IAM and Compliance Relationship: In the wake of privacy and regulations like GDPR, what steps are your enterprise taking to be compliant?

Find the answers to these and more! We’re starting with Canada and taking it all the way to WSO2Con USA.

Here’s where we’re going to be:

Canada

USA

Sri Lanka

  • May 30 – Jaffna

Singapore

UAE

  • June 6 and 7 – Dubai

Learn more about our events and how the WSO2 Identity server can help your enterprise.

Three Months in to PSD2 – Confessions of the WSO2 Open Banking Team

It’s been 3 months since the PSD2 compliance deadline and the dust is settling in. Or is it really? Just like when it started, the post PSD2 landscape is viewed from different angles. It has been called everything from a ticking time bomb to a slow burn to a never ending honeymoon period. We think the biggest surprise was that everyone thought that January 13 was the end. It wasn’t, it was the beginning.

When we created WSO2 Open Banking, we knew customer needs would be diverse and every technology experience we deliver would be unique. Turns out we were right. Our journey with WSO2 Open Banking has unraveled some interesting experiences while working with different stakeholders in this compliance ecosystem. Here’s what we learned.

Confession #1: (Almost) Everyone was late to the party

Everyone (including us) started counting down to PSD2 from 6 months to 3 months to 1 month. But the reality was, January 13 was just the date when PSD2 was implemented by the EU parliament as a European-wide regulation.

Several regions across Europe chose to deal with imposing PSD2 in their own way. We’ve been tracking the country-specific deadlines quite closely and about 46% are yet to set an official deadline for compliance. We believe that the final date for compliance will be when the Regulatory Technical Standards (RTS) come into effect in September 2019. That’s good news for us because there’s still a large viable market for compliance technology! ;)

Confession #2: Compliance confusion did not discriminate

Over the past several months, we’ve worked with many banks of different sizes across Europe and they all had similar questions:

This led us to believe that banks, regardless of size, require a lot of guidance in the compliance process. It’s a good thing we have a team of experts to do just that!

Confession #3: They came, they saw, they vanished

When PSD2 first started gaining traction in 2016, the knee-jerk reaction of every API management and integration vendor was “this is a goldmine of opportunity we cannot miss”. So they went head on into the market with an existing product. Come 2018 when the need for compliance technology has evolved, these “first mover” technology vendors have gone quiet.

It remains uncertain whether it was the lack of a well thought out strategy to keep consistent market demand, fintech domination, or not giving the compliance market the attention it deserved. One thing is for sure, this is a highly competitive market for technology vendors like us. But no complaints, we love a challenge and are pretty good at winning them!

Confession #4: API standards (and the organizations writing them) are a solution providers BEST friends

A lot of shade gets thrown at not having a common API standard across Europe (version 1.1 of the Berlin Group API specification is yet to come, we’ve got our eyes peeled for that). However, Open Banking UK has got this in the bag by having a comprehensive API specification that WSO2 Open Banking supports.

When we first started out, these standards really helped set the base for building our solution. Our development team continues to spend a good couple of hours every week identifying latest improvements in the specifications and contributing to their development by participating in working groups.

Confession #5: Compliance is not a back breaker…it just needs a well thought out strategy

A lot of banks think of compliance as a major headache and seek a “quick fix” to compliance just so they can tick off the checkbox. The reality is, quick fixes can do more damage than good. PSD2 compliance is a big deal and if you go into it without a strategy, that’s cause for alarm. Even if you don’t have a dedicated open banking or compliance team you can still get the job done.

You just need to rally the right members, set your goals for compliance and figure out what you need from a technology vendor. Then you need to pick the technology that gives you value for money and won’t take eons to work with your systems and deliver compliance. It’s a matter of working closely with a solution provider towards a common goal.

Confession #6: Do your research or go home – The learning never stops

There is a minimum of 3 articles written a week on open banking. Everything from thought leadership material, opinion pieces (like this one), and publications from standards continue to explore and discuss this ecosystem. And what we learn from our conversation with customers is an invaluable source of research to keep abreast of where the market is heading. We treat each of these as a unique source of intelligence and they continue to nurture our product management, sales, and marketing strategies. It’s the only way to survive in an ecosystem as dynamic as this one.

It’s been a great ride so far and we can’t wait to see what comes up next! No doubt there will be plenty more surprises and exciting developments to look forward to!

The WSO2 Open Banking Team

Helping You Say GDPRghh Less – Meet Us at the GDPR Summit London!

The process of becoming compliant with the General Data Protection Regulation (GDPR) isn’t simple. Anyone who says otherwise isn’t telling you the truth. However, you can make the process tolerable by using the right technology.

The prime focus of our spring release was to ensure that the entire WSO2 platform is compliant and for our products to be able to provide rapid growth by leveraging the regulation. For instance, WSO2 Identity Server is now able to provide end-to-end consent management as well as the ability to anonymize user data which adheres the ‘right to be forgotten’ rule.

To further help you accelerate compliance, Sagara Gunathunga, a director at WSO2 and a key member of the WSO2 IAM team, will be speaking on “Best Practices: How to Optimize Your GDPR Strategy” at the GDPR Summit held on April 23 at 155, Bishop Gate, London. During his session, he will explore

  • The main factors for optimizing your strategy
  • The role played by IAM
  • How technology helps organizations leverage GDPR to drive growth
  • How to stay up-to-date with other privacy regulations

The event usually witnesses at least 500 attendees and aims to provide an actionable and practical roadmap for organizations to become GDPR compliant. Described as high impact, content-rich and jargon-free, over 40 expert speakers are scheduled to speak at this one-day conference.

Come say hi to our team and attend Sagara’s talk at the GDPR roadmap theatre. Click here to find out more!

Won’t be able to attend? Sign up for our ongoing webinar series to learn about all things GDPR!

Roses are red, violets are blue. We don’t have time to rhyme because the GDPR deadline is coming up soon!

At our last webinar on the General Data Protection Regulation (GDPR) hosted by Prabath Siriwardena and Asanka Abeysinghe, we looked at technical aspects of the regulation and what steps you can take to ensure your security strategy is primed for GDPR.

With less than two months to go, what you need now is the right approach to accelerate your GDPR compliance journey. According to a survey conducted by Forrester research1 a few months ago, 11% of firms are still unsure of what needs to be done and 29% of fully compliant companies may have taken some incorrect steps. This can cause serious issues and lead to hefty fines when scrutinized by governing bodies. From an industry perspective, while financial industries are usually ahead given the constant regulations, media and retail industries could be lagging behind in getting their systems and processes into place.

Your enterprise’s longevity depends on the trust you build with your customers. That’s why user consent and privacy are vital. If the aftermath of the Facebook – Cambridge Analytica scandal taught us anything, it’s that. GDPR may seem like a daunting challenge at first, but by adopting the right technology you can move beyond compliance and take advantage of the regulation to gain your customers’ trust, strengthen their loyalty, and grow your business rapidly.

To help you grasp the complex processes involved in GDPR compliance, the WSO2 Identity Server team is conducting a series of seven webinars which explores how our products are GDPR compliant and what steps you can take to accelerate compliance.

  1. April 10: Accelerating Your GDPR Compliance with the WSO2 Platform – Sagara Gunathunga, Director, WSO2
  2. April 17: The Right Steps to Becoming GDPR Compliant – Darshana Gunawardena, Technical Lead, WSO2
  3. April 24: GDPR Compliance with WSO2 Identity Server – Ayesha Dissanayaka, Senior Software Engineer and Hasintha Indrajee, Associate Technical Lead, WSO2
  4. May 2: GDPR and API Security – Sanjeewa Malalgoda, Senior Technical Lead, WSO2
  5. May 8: The Role of GDPR in Customer Identity and Access Management – Rushmin Fernando, Technical Lead, WSO2
  6. May 15: GDPR Compliance by Design – Ruwan Abeykoon, Associate Director/Architect and Jayanga Kaushalya, Senior Software Engineer WSO2
  7. May 22: The Impact of GDPR on User Experience – Dakshika Jayatilake – Associate Technical Lead, WSO2

Sign up and spread the word!

1 Forrester Research, Inc. “The State Of GDPR Readiness GDPR Readiness Progresses, But Strategies Depend Too Heavily On IT” by Enza Iannopollo with Laura Koetzle, Stephanie Balaouras, Elsa Pikulik and Peggy Dostie, January 31, 2018

We Did It! WSO2 Identity Server is Now OpenID Certified

We thought turning 10 was a reason enough to celebrate, but we’re not done with the celebrations yet. Our Identity Server (IS) team has been working to keep that momentum going. We just became OpenID certified!

Being OpenID certified by the OpenID foundation is a big deal. What is OpenID? OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. “We’ve been compliant with OpenID standards for a long time,” says an ecstatic Prabath Siriwardena, WSO2’s Senior director of security architecture. “Getting the certification puts a stamp on it and gives the assurance users are looking for,” Prabath explains.

WSO2 Identity Server is the most extensible and fully open source IAM provider that can help connect and manage your identities. It’s a key enabler of digital transformation. Our single sign-on bridges protocols such as OpenID, has been a key component offering solutions to enterprises in education, telecommunication, and health among others.

By becoming OpenID certified, we’re joining a list of industry giants who also have this certification including Yahoo! Japan, University of Chicago, Verizon, Salesforce, Paypal, and Google. Now WSO2 Identity Server can provide the assurance to its users that it really conforms to the profiles of OpenID connect protocol.

Kudos to our IS team on this feat and looking forward to many more successes!

Ask an Expert: Catching up with IAM Guru, Prabath Siriwardena

Prabath Siriwardena, WSO2’s senior director of security architecture, has a lot to be proud of. He’s an accomplished author, speaks at conferences such as Qcon, ApacheCon, WSO2Con, EIC, IDentity Next, OSCON and OSDC, and has over a decade of experience working with Fortune 100 companies.

We caught up with Prabath recently to get his take on the significance of GDPR, the future of open source IAM solutions, his personal journey at WSO2, and why he believes the world always needs fresh ideas.

1. What has your journey at WSO2 been like, Prabath?

I completed 10 years at WSO2 last year, having joined on the 1st of November 2007. It’s been a great journey with an awesome set of people around me – both the colleagues at work and the customers.

The joy of working at WSO2 is that you always get an opportunity to help someone solve a challenging problem.”

I’ve learned a lot from both these groups. The joy of working at WSO2 is that you always get an opportunity to help someone solve a challenging problem. It can be as simple as building a federated login scenario with a SaaS vendor to more complicated use cases like building an identity architecture to accommodate millions of users. Overall it’s a very satisfying, rewarding journey – looking back, I’ve enjoyed every second of it.

2. What’s the most recent problem you’ve helped solve?

I get the opportunity to talk to and work with many WSO2 customers, each problem is quite interesting. Engaging with customers allows me to understand their pain points. Once you know their pain points, you can work with them to find and build a solution.

Let me give you one example. Recently we worked with a customer based in San Francisco, California, a large company with hundreds of departments. Each department has its own applications and an identity store. The employee records are scattered between those different identity stores – and a given employee has to maintain multiple records under each department if they have to access any of the applications provided by that department. This has been the way the company operated for several years. A real productivity killer – but, convincing 100+ departments to build a unified identity platform across the company was challenging, both technically and politically. We’ve had several long discussions with their technical teams and is now in the process of building a unified identity platform with WSO2 Identity Server, in a phased approach.

3. GDPR has surely caught on and everyone is throwing this term around. But there’s a deadline approaching and we need to act fast. What’s the simplest way an enterprise can get started and what do they need to keep in mind?

GDPR is a historical milestone in all the initiatives brought up so far to protect consumer privacy. Even though it’s more applicable to EU, it has a global impact in the way it’s designed. Becoming GDPR compliant starts with a self-assessment – understand what data you collect from your employees, partners, suppliers, customers, and any other entities you work with. Then you need to see how the data is being stored and processed. If you occupy third parties in the process of data collection – or if you share data with third parties for further processing, then you also need to worry about them being GDPR compliant. Once that’s done, you can come up with a phased approach to be GDPR compliant. It’s always recommended that you consult a lawyer or any GDPR consultancy firm to validate your approach and get their guidelines. GDPR is a law, so you should not mess with it!

There are no all-in-one or tailor-made solutions for GDPR. This is where WSO2 Identity Server has a key role to play. WSO2 Identity Server, as an identity provider, gets directly involved in processing personal data. We have made the product GDPR compliant and also provide a portal for consent management.

4. What’s the future like for open source IAM solutions?

A decade back, the IAM market was mostly dominated by Oracle and IBM. The entry barrier was high and was not justifying the cost over the benefits.

Today the number of companies occupying an IAM solution is much better. Cloud-based IAM solutions and open source IAM solutions increasingly reduce the cost of entry.

There are more than 100 Universities in USA and Canada, using WSO2 Identity Server for free, with no support from WSO2. That’s the beauty of real open source.”

According to Gartner, by 2021 open source IAM components will be used for one or more IAM functions by 30% of organizations, up from 20% at the end of 2016. Apart from open source, there are a large number of companies that use homegrown IAM solutions – around 20%. In the next few years, I would expect these companies using homegrown IAM solutions to select an open source IAM product. Unless you have a dedicated set of engineers, who have expertise on IAM, it’s hard to keep up with the pace in which the IAM industry is evolving.

Another important fact I would like to highlight here is open source licensing. Not all open source licenses give you the same level of freedom. Apache 2.0 is the most business-friendly open source license. You can do anything with a product released under Apache 2.0. All WSO2 products are released under the Apache 2.0 license and WSO2 is the 8th largest open source software company. There are more than 100 Universities in USA and Canada, using WSO2 Identity Server for free, with no support from WSO2. That’s the beauty of real open source.

5. What are the benefits of an open source IAM solution?

There are multiple reasons why someone would pick an open source IAM vendor over commercial off-the-shelf (COTS) software. At one point, COTS had an edge over the features, but no more. Most of the open source IAM products out there can compete with any COTS product, in terms of features, and of course, perform better.

Then the cost. Most of the open source products do not have any licensing cost, but a production support model. This definitely reduces the initial product purchasing cost. One key reason I see why people go for open source IAM products is the ‘freedom’.

Most of the open source IAM products out there have a proven track record. I can speak for WSO2 Identity Server, where we have many large scale deployments around the globe, for millions of users.”

The freedom to examine the source code, freedom to extend the capabilities, and freedom to make business decisions.

That’s about scalability, how about security? Irrespective of a product being open source or not, you need to worry about the security of the product. At WSO2, we put a lot of effort into building all WSO2 products in a secure manner. We use both open source (OWASP ZAP) and commercial code scanning tools (Veracode, IBM AppScan). All these tools are integrated into the build system and no product releases are done without fixing any of the reported issues.

6. How did you start working in IAM?

It just happened. When I joined WSO2 in 2007, I was assigned to the WSO2 Identity Server team. At that time it was called, ‘Identity Solution’ – and we only had 4 members in the team. WSO2 was founded in 2005, where SOAP, SOA, web services were at the top of the hype. We had a strong, solid foundation in that space. Both of our founders are pioneers in the web services domain, and authored many key web services specifications. Axis2, Synapse, Rampart, WSS4J are top open source Apache projects initiated and mostly contributed by WSO2 employees at that time. Apache Rampart is the web services security module for Axis2 – and it has all WS-Security, WS-Security Policy, WS-Trust specifications covered. Around 2006/2007 we were closely working with Microsoft for interop testing, and that was the time Microsoft came up with an open specification called ‘Information Cards’, which is based on WS-Security and WS-Trust. Since we already had them implemented in Rampart, it only needed a little more effort on top of that to build support for Information Cards. That’s how the WSO2 Identity Server was born in 2007 – and it was one of the very first implementations of Information Cards in Java.

7. What is your proudest accomplishment in recent times?

WSO2 Identity Server celebrated its 10th anniversary in December 2017. Looking back, there are many proud moments that were accomplished as a team. Today, WSO2 Identity Server is a globally recognized brand and is one of the top open source IAM products. There are more than 40 million users globally using WSO2 Identity Server for authentication on daily basis. There are more than 100 paying customers, which we are extremely proud of. Just to name a few, Nissan, HP, GE, Verizon, Vodafone, Seagate, Department of Homeland Security (DHS), Verifone, Align Tech, WEST, Nutanix, Trimble and many more. It’s extremely satisfying to see how the product evolved over the last 10 years and is now trusted by many Fortune 100 and Fortune 500 companies to build the most critical parts of their core business on top of WSO2 Identity Server.

8. What advice would you like to give a budding developer or an architect to better their career?

Failing to innovate is the biggest failure in anyone’s life. The world does not lack technical skills, but fresh ideas.”

Failing to innovate is the biggest failure in anyone’s life. The world does not lack technical skills, but fresh ideas. Fresh ideas are born when you start feeling your problems and those of others. You may choose to live with the pain or get rid of it by fixing the problem. The latter leads to innovation. There is always room for improvement, room for innovation. Capitalize on those and enjoy what you do.

You can follow Prabath here and read his blog here.

10 11 12 – WSO2 Identity Server Keeping the Bad Guys Away Since 2007!

WSO2 Identity Server turns 10 today on the 11th day of the 12th month of this year! Over the years the team has grown, research and development efforts have evolved, we’ve procured some big-name customers and various team members have gone on to publish stellar books on identity and access management.

To commemorate this day we thought we’d pick a few cool things (from a long list) about WSO2 Identity Server:

  • WSO2 Identity Server manages more than 40 million identities across the world.
  • Fully open source, WSO2 Identity Server has thousands of FREE users.
  • Mobile Connect support from WSO2 Identity Server is available for more than 900 million users in India.
  • Our first customer, ELM, manages over 4 million user identities and we’re still a part of their digital journey.
  • (Let the name dropping begin) Some of our other customers include Verifone, West Corporation, Verizon, HP, Seagate, Nutanix, T-Systems, and many in the educational industry such as Brigham Young University, New York University and Australian Catholic University.
  • We offer over 40 connectors in our connector store so that you can integrate with any system and enhance your system capabilities.
  • Single sign-on (SSO) and identity federation are our forte. You can ask any of our customers! Here’s a link to the latest version of the WSO2 Identity Server.
  • We were the winner for “Identity as a service” in 2011 at the KuppingerCole European identity awards. We also helped one of our customers to bag an award at EIC 2015 for their Mobile Connect implementation.
  • Prabath Siriwardena, our director of security architectures, is not only a renowned figure in the IAM space, but also the author of Advanced API Security, Maven Essentials and more.
  • Concerned about GDPR or PSD2? Want to know how Customer IAM can help you with digital transformation? We have got your covered for 2018 and beyond!

Congratulations to our IAM team for their amazing feats over the years and special thanks to one of our starting members Ruchith, who has gone off to accomplish amazing things! You can read Prabath’s blog to get the full low down on how we started.

iJet International: Transforming Identity Management for Increased Agility

iJet International provides customized risk management solutions, underpinned by intelligence, to global organizations for enhanced functionality and profitability. Their global intelligence experts monitor the world around the clock and empower their clients to respond to events such as natural disasters and political upheavals. The R&D at iJet is owned by their innovation arm, iJet Labs, who transformed their identity and access management (IAM) systems using WSO2’s IAM and API management capabilities. This transition was driven by a need to become more competitive, agile, and improve their business value for customers.

The pre-WSO2 days at iJet Labs were challenging, if it were to be described in one word. A centralized IAM solution was absent and in its place, there were purpose-built custom applications. As the user base increased, scalability became difficult and iJet could not always meet their various customers’ exact requirements. iJet Labs understood that it was imperative to create a centralized solution, which can be delegated to their clients to help meet their requirements and give them greater control of managing their credentials. At the time, user provisioning was a manual process. Even though this process was functional for several years, it was not necessarily user-friendly – there were examples of users repeating this process multiple times as they needed to access different types of systems.

Adding to their list of challenges, the architecture was an issue. From its inception in 1999, iJet has continually added many applications to their architecture, built on a central database. Yet again scalability proved to be problematic, as an application had to be scaled in its entirety and this was time consuming (though possible). “We are a product company, it is very important for us to market our ideas from the product team within the shortest possible timeframe. We need that market advantage, and this legacy architecture made it too difficult for us to be competitive,” says Ismail Seyfi, Lead Software Architect at iJet Labs.

iJet upgraded their architecture using WSO2 capabilities and migrated their servers to a WSO2 managed cloud. As big advocates of open source, Alfresco, Liferay, GeoServer, and Apache applications also contribute to their architecture. The WSO2 IAM platform has replaced iJet’s custom-built user and access management system. This introduction did not disrupt any existing applications, which now use proxy-based authentication. WSO2’s API management platform has enabled iJet to write microservices and replace their monolithic applications.

iJet Labs’ aspirations were not solely limited to revising their architecture, there were several deployment goals in mind as well. They wanted to build and configure an environment where new products could be developed efficiently without causing any interference to other development projects in progress. This was achieved by using an iJet development stack (which separates environments, installs software, and integrates them into one environment), base installation of WSO2 products and automated configuration. Ansible was adopted as the infrastructure and configuration tool. The positive results have become evident at iJet International. The changes have allowed them to integrate environments efficiently, provide dedicated environments to each development stream, sync environments with production, eliminate manual changes, and provide a single source of truth for configurations.

Listen to iJet International’s presentation by Ismail Seyfi and Matt Barnes (Automation and Software Engineer, iJet) for an in-depth discussion of this project.

Find out more about using WSO2’s IAM and API management platforms for business agility.

A Smarter Transport Management System for London with the Help of WSO2

Transport for London (TfL) has a daily challenge – to keep a city of over 8 million people moving around the metropolis. Its magnitude can neither guarantee the transport system will always absorb commuters nor give them a congestion-free experience. It is a place where the smallest of changes would have a massive impact on your journey. Citing an example, Roland Major, a former enterprise architect at TfL, says that a London Underground strike once saw a 3% increase in traffic and a staggering 90 minute increase in journey time. Estimates project a 60% increase in congestion around central London by 2031.

Given all these complications, TfL decided to become more intelligent with technology to reduce commuter times, make the roads safer for pedestrians, cyclists and drivers, and to slow the pace of traffic. Intelligence and data with a purpose are the buzzwords here. “We need better understanding of real-time demand. What insight can we get from our data, and how can we get innovative with all this information?” says Roland. He was actively involved with TfL’s Surface Intelligent Transport System (or SITS), a project that aims to better manage the city’s entire road space of pavements, cycle lanes, and motorways.

SITS’ business proposition is that it can offer billion pounds’ worth benefit to London by identifying delays in the road networks sooner than it is done at present: “We weren’t detecting incidents, and by the time we have detected them, they were already over. With technology, we can see these incidents early. We recognized that the market can do sensible things with our data,” says Roland. For example, within the traffic light system in London, TfL manages an estimated 7,000 junctions around the city and 14,000 magnetometers detect millions of daily events. This data is discarded after analysis; however, if used, TfL realized that the response time to delays improved by 15 minutes.

TfL has a 10 year plan in place, with all the of different required components mapped out. Data analytics form the core of this operational model. Data is obtained from GPS systems and bus routes. The road incidents are logged and used to determine what additional information is needed to understand and manage each leg of commuter journeys. All the data is hosted on the cloud and currently TfL is in the process of adding these components to the framework.

TfL’s transport management system

London’s new road management system relies on WSO2’s API management, integration, identity and access management, and analytics products for the intelligent work needed. These products are deployed on a private cloud managed by WSO2. The starting point – LondonWorks, a registry of all road works and street related events, both planned and current, in the Greater London area. LondonWorks is used to assess road networks, coordinate the various road works to minimize congestion and for inspection, compliance, and monitoring. Maps and forms of type data have been integrated to allow entry of incidents into the system and their identification on the map.

As their model progresses, TfL has ambitious plans for all the data they have streaming in – big data analytics to give them more insights to road movements, which will enable them to give the necessary alerts and empower them with smarter ways to deliver better, safer commuter experiences for London.

Watch Roland’s presentation for more details on TfL’s plans for London.

Explore the WSO2 middleware platform with its offerings in API management, integration, identity and access management, analytics, and IoT.

Did you know that WSO2 won TfL’s data analytics Hackathon contest? Learn all about it.