IDSync Comes to IBM i from Trucking World
September 18, 2012 Alex Woodie
One of the new software vendors you might have seen at IBM i conferences this year is InnerApps, the Ohio-based developer of an identity management solution called Identity Syncronizer. The company, which was spun off from an IT services firm with experience in the IBM i trucking software world, is ramping up the visibility of IDSync, which allows companies to extend the power of their Microsoft Active Directory software to manage identities and employee access to non-Windows computing resources.
InnerApps was founded in 2010 as a subsidiary of Tranztec Solutions, an IT services and hosting firm that is well-versed in the implementation and management of IBM i-based dispatching applications, including the TL2000 and Innovative IES ERP systems from TMW Systems (which incidentally is being gobbled up by location-services giant Trimble).
IDSync started out as many commercial projects do: as a one-off project by an IT services firm. According to InnerApps vice president of operations Marty Remi, Tranztec had been hired by a large international firm to create a better way of handling user provisioning and password changes for its 2,000 employees. “They were consuming a lot of IT ops bandwidth with fairly menial tasks that gets tin the way of getting things done,” Remi tells IT Jungle. “They liked it and said, ‘Why don’t you do this for our hosted Exchange environment?’ So we moved on from there.”
Tranztec began offering IDSync as a shrink-wrapped product in 2008, and in 2010 it formed InnerApps to market and sell it. This year, the company has been focusing on ramping up the visibility of IDSync. That effort brought Rimi and other executives to Anaheim, California, this May, when they attended the COMMON conference as attendees.
The business plan and the sales pitch for IDSync is pretty straightforward. If you have trouble keeping track of the identities of all your employees and which applications they have access to, and you already have Active Directory software and skills, then you are ready to use IDSync and to eliminate much of the manual work involved with managing those identities.
“You have to have a certain scale before identity management starts to become a problem for you,” Remi says. “A company with 10 employees, there is zero pain. There are 10 names, maybe half a dozen different apps, and I can do this in my head. By the time you get to 100 employees, it’s starting to get complicated. And by the time you’re at 200 to 500 employees, it’s starting to become impossible.
“We see 100 employees as kind of the threshold,” Remi continues. “By the time you’re done, you may have six, eight, 10 logins for each employee you’re trying to mange. And so the question is, how do you get that information from Active Directory to each one of those disparate applications? They don’t just naturally integrate. That’s what IDSync does. It gets rid of a lot of that redundancy.”
InnerApps has a handful of connectors for integrating the log-in credentials of various operating systems and applications back into Active Directory, including IBM i, Windows, Unix, the Parallels virtualization software, SQL Server, Exchange, cloud apps, Autotask integration software, and the Abridean provisioning environment. It also connects to several TMW applications, and the IBM i-based document management product called RVI from Real Vision Software, which is commonly found in trucking companies. It has plans to release another connector for Google Apps in the near future.
InnerApps doesn’t try to recreate functionality that’s already offered by Active Directory, such as enforcing password change policies. That’s already handled quite well by Active Directory, Remi says. Instead, it tries to provide additional functionality to Active Directory, including the connections to other platforms, bi-directional synchronization of changes to authentication information, self-service access for password resets, storage of transaction logs, and reporting.
Keeping auditors off the backs of administrators is one area that IDSync can provide a payback, Remi says. “You have all that maintenance work as people move from role to role, and then as they exit, you have the task of de-provisioning them. But how do I know I got all those passwords?” Remi asks. IDSync’s reports can analyze the transaction logs to prove that access has been fully revoked across all the applications that an employee used, and also tracks who made the changes.
The fact that Active Directory is firmly established in many midsize shops makes InnerApps’ job easier. “We integrate very deeply into Active Directory,” he says. “People who understand Active Directory will understand our application in about 10 seconds. But you do need to know the lingo. You have to know what a Domain controller is and you have to know what an OU [organizational unit] is, and those kinds of things.”
InnerApps sells all-inclusive subscriptions to IDSync that include all the software and all the technical support they need. The subscriptions start at $1.50 per user per month for smaller installations, and reduces to about $.28 per user per month for larger deals. The software runs on all the latest versions of Windows Server, Active Directory, and SQL Server. For more information, see the company’s website at www.idsync.com.