SSO and OKTA PEP – Case Study by AssetMark


AssetMark’s versatile eWealthManager advisor and investor platform is a one-stop portal that combines both client management and account administration functions. Secure single sign-on (SSO), seamless federation with technology partners, and secure multi-factor authentication (MFA) are all critical aspects of the portal to ensure high customer satisfaction while enforcing modern security requirements.  A significant challenge for AssetMark was centralizing various internal and cloud-based identity and access control technologies with an on-premise, high performant, cyber-secure Policy Enforcement Point (PEP).  To complicate matters, the eWealthManager portal services multiple types of users whose experience accessing, and then within, the portal may vary greatly depending on who they are.

To meet these challenges, AssetMark deployed Forum Sentry as an in-line gateway/cyber-secure PEP to provide dynamic data security for the bi-directional traffic (data coming in and data going out).   Forum Sentry combines data security with identity policy enforcement to provide a seamless user experience and agentless PEP to unify SSO across multiple identity repositories and SaaS providers such as OKTA.  

By adopting Forum Sentry as its portal gateway and cyber-secure policy enforcement point, AssetMark has been able to achieve high customer satisfaction while delivering a fast, modern, and secure SSO experience for their varying user groups.

Read the full case study here