| Entitlement Reviews and Access Certification |
Managers and business owners certify access rights with a simple web-based solution
Flexible rules-based workflow defines custom approvers at various phases of a certification. |
Provides company-wide attestation of employee access rights and privileges required for IT best practices and compliance-related audits (SOX, HIPAA, GLBA, ISO 27001, PCI, and others)
"One-click" evidence of compliance provides evidence of control to external auditors. |
| Fuzzy ID and the Identity Mapper |
Link users from disparate applications even when no consistent login ID exists
Proprietary name-matching algorithms automatically identify the same user in multiple systems even with no common attribute
|
Solves one of IT’s largest challenges, how to view access rights when no common attributes exist
Eliminates the need to modify applications to insert a unique identifier
Establishes a single repository of all access data across the entire enterprise |
| Role-Based Certifications and Role Definition Tool |
Define roles and role memberships
Perform certifications by roles and exceptions to improve accuracy and relevance
Perform what-if scenarios to define cross-application enterprise roles |
Improves relevance of certifications by reviewing a handful of roles instead of hundreds of privileges
defines and manages roles by comparing role memberships and exceptions
|
| Separation of Duties (SOD) |
Create cross-application privilege conflict rules
Report on violations to policies
Alert administrators and business owners when violations are detected |
Prevent fraud by limiting excessive privileges
Enforce key SOD compliance controls
Highlight individuals with inappropriate access rights |
| Consolidated View of
User Access Rights |
Custom reports show real-time and historical data
Orphaned user accounts from transfers and terminations are detected and reported
Historical record of access rights compliance
|
Reveals users with inappropriate combinations of access rights
Discovers orphaned or lost user IDs
Provides documentary evidence of meeting access-related compliance controls
|
| Integration with Existing Systems and Processes |
No agents required for deployment
Compatible with all identity management products
and data repositories |
Accelerates deployment by minimizing impact to existing enterprise systems and applications
Provides simple data import methods from both off-the-shelf and custom applications |
| Real-Time Alerting |
System monitors for changes to user access data
Simple interface for configuring custom alerts and actions |
Generates alerts if access data has changed since the last audit scan
Detects unauthorized changes to systems |
| Automated Discovery |
User access rights and group memberships are automatically discovered and processed
Support provided for wide variety of commonly used applications without product customization |
Consolidates user data from diverse systems and groups by user and application
Enables Access Auditor to provide a near real-time view of user entitlements |
| Executive Dashboard |
Progress of on-going reviews reported in real-time
Remediation efforts tracked for inappropriate rights |
Presents current status of compliance efforts at a glance |
