Janrain launches centralized data access control
The new Advanced Policy Manager provides what the company calls 'the first standardization of access control across sites and apps'.
Janrain makes its living by offering social sign-ons, so that members of Facebook, Twitter and other social networks can quickly employ the same log-ons for the sites and apps of about 3,400 brands.
In June, the company added a centralized way of managing user consent, called Consent Lifecycle Management. It offered one of the first ready-to-employ solutions to the upcoming user consent requirements of the General Data Protection Regulation (GDPR), which goes into effect in May.
Now, the Portland, Oregon-based firm has released its Advanced Policy Manager (APM), developed with data access and governance provider Symphonic Software.
It allows brands to control access to data from one centralized cloud-based location. Janrain Director of Product Marketing Sven Dummer told me that his company is the first “to offer a complete cloud-based standardization of access control across all apps and sites.” He noted that it works with other sign-on solutions, in addition to Janrain’s.
That access applies to users, such as when a bank manager might have access to financial records that a bank teller does not. But it also applies to brands, such as an airline that has been granted access by a passenger to her mobile phone number for travel updates.
Janrain notes that it previously offered some cloud-based controls, but application-specific control would typically reside with the application. Access rules for e-commerce, for instance, might lie with the e-commerce platform, while access rules for publishing would sit with the content management platform.
By contrast, APM offers the ability to create and manage business rules for access across a brand’s sites, apps, or specific resources within them, via API.
While it can help with GDPR administration, Dummer noted that this kind of centralized access can also assist with compliance for other standards, such as the Health Insurance Portability and Accountability Act (HIPAA).
In the screen below, for instance, the administrator has set up a policy requiring a user to give consent to use behavioral psychological data. Once consent is granted, the APM grants access: