About Marketing Platform security features

Security technologies used in Marketing Platform

Marketing Platform employs industry-standard encryption methods to perform authentication and enforce security across all HCL Marketing Software applications. User and database passwords are protected using a variety of encryption technologies.

Permission management through roles

Marketing Platform defines the user's basic access to the functions within most HCL Marketing Software applications. In addition, for Campaign and Marketing Platform, you can control a user's access to functions and objects within the application.

You can assign various permissions to roles. You can then manage user permissions in either of the following ways.

• By assigning roles to individual users
• By assigning roles to groups and then making users a member of that group

About Campaign partitions

Marketing Platform provides support for partitions in the Campaign family of products. Partitions provide a way to secure the data associated with different groups of users. When you configure Campaign or a related HCL Marketing Software application to operate with multiple partitions, each partition appears to application users as a separate instance of the application, with no indication that other partitions exist on the same system.

About groups

A subgroup inherits the roles assigned to its parents. An administrator can define an unlimited number of groups, and any user can be a member of multiple groups. This makes it easy to create different combinations of roles. For example, a user could be an eMessage administrator and a Campaign user with no administration privileges.

A group can belong to only one partition.

Data source credential management

Both users and administrators can set up the user's data source credentials in advance, so the user is not prompted to provide data source credentials when working with an HCL® application that requires access to a data source.

Integration with external user and group management systems

Marketing Platform can be configured to integrate with external systems that are used to manage users and resources centrally. These include Windows™ Active Directory Server, other supported LDAP directory servers, and web access control platforms such as Netegrity SiteMinder and IBM Security Access Manager. This reduces errors, support costs, and the time needed to deploy an application in production.

SAML 2.0 support

Marketing Platform supports SAML (Security Assertion Markup Language) 2.0 for the following.

• SAML 2.0 federated authentication, which enables single sign-on access among diverse applications.

  You can use federated authentication to implement single sign-on between HCL Marketing Software applications and other HCL applications or third-party applications.

  The Marketing Platform installation includes the following components that support federated authentication.

  • An identity provider server WAR file.
  • A client JAR file that you can use with Java™ applications to generate and parse SAML 2.0 assertions. The Java products that you integrate with HCL Marketing Software use the assertions to communicate with the identity provider server.
• SAML 2.0 single sign-on

  A fully functional SAML 2.0 IdP server is a prerequisite for this integration.

  After you set up the required configuration properties and a metadata file, users who attempt to log in through the Marketing Platform login page are authenticated through your organization's SAML 2.0 Identity Provider (IdP) server.

  Users who are logged in to any application that uses the IdP server for authentication can access HCL Marketing SoftwareHCL Marketing Software without logging in again.

Data filters

Marketing Platform supports configurable data filters that allow you to specify data access restrictions in HCL Marketing Software products. Data filters make it possible to restrict the customer data that an HCL Marketing Software user can view and work with in HCL applications.