RISKRECON RELEASE NOTE
July 14, 2020
Release Name: Multi-Portal Single Sign-On
Availability Date: July 14, 2020
License Requirements: Available to all Customers
RiskRecon is pleased to announce the release of multi-portal single sign-on functionality. This provides you the option to subdivide your organization’s various RiskRecon use cases into separate portals, while enabling users to access their authorized portals using a single credential.
RiskRecon already provides powerful capability to organize companies within a single portal into separate folders and risk relationships. However, some customers desire stronger user experience and management separation. For example, a parent company may set up separate third-party risk portals for itself and each of its subsidiaries. With the multi-portal single sign-on capability, the administrator could grant security analysts of the parent company access to the portals of the subsidiary companies.
Multi-Portal User Experience
People who have access to multiple RiskRecon portals are presented an interstitial page upon successful authentication from which they select the portal they want to access.
Step 1. Authenticate to https://portal.riskrecon.com
Step 2. Select the desired portal – RiskRecon automatically directs you to the selected portal
Step 3. Switch portals by selecting Account > Switch Portals
Establishing and Administering Multiple Portals
RiskRecon customer support professionals implement new portals on your behalf. You administer who has access to the portals and the companies contained in each. The process for implementing and maintaining multiple portfolios is outlined below.
Instantiating a New Portal
To instantiate a new RiskRecon portal for your organization, contact RiskRecon customer support. RiskRecon support will gather necessary information, including the purpose of the portal (used for creating a meaningful name) and the named administrator(s) for the new portal. The portal administrator you specify must have an email address that is owned by your organization or a subsidiary.
Requests to create a new portal may only be submitted by an existing RiskRecon portal administrator or a registered account contact.
Administering Multiple Portals
All portal configuration and user administration functions are performed within each given portal. As such, a new portal is configured by the portal administrator by logging into the new portal. If the administrator has access to more than one portal, a portal selection module will display from which the administrator selects the new portal.
Example Multi-Portal Use Cases
Parent/Subsidiary Company Portals
Situation: Enterprises often have subsidiary organizations that have separate risk management teams, each of which have a separate third-party risk portfolio. Some people within the parent organization may require visibility into the subsidiary RiskRecon portfolios. Solution: Create separate portals for the parent and each subsidiary. Grant Analysts from the parent organization permission to access subsidiary portals.
Own Enterprise/Third-Party Portals
Situation: It is common for organizations to use RiskRecon to monitor their own enterprise and their third-party portfolio. Often the people focused on own-enterprise security are separate from the third-party risk team, neither having the need to view the other’s portfolio.
Solution: Create separate portals for the own enterprise and the third-party risk portfolio.
Mergers and Acquisitions
Situation: M&A activity is highly sensitive, information of which is highly restricted.
Solution: Create a separate portal dedicated to M&A activity.
Customer Support
You can learn more about this and other RiskRecon functionality through the support center, accessible from the RiskRecon portal. There you will find additional documentation and user videos. You are always encouraged to contact us directly through support@riskrecon.com or through the chat feature in the RiskRecon portal.