aiws baseline audit utility

1
? a i ws appointlink identy workflow soluons inc. www.appointlink.com Copyright © 2009 AppointLink Holdings Inc. All Rights Reserved BASELINE What’s your AppointLink Identy Workflow Soluons, Inc. has spent the past several years addressing the identy and access management concerns of our clients. Our client’s biggest concern has been simple yet perhaps the most crical. How do they accurately review their identy and access processes and gauge compliance? AppointLink believes the first step prior to making a major decision in identy and access management is to perform a measurable test for policy compliance using our BASELINE audit ulity. BASELINE will measure the compliance level between current provisioning access and its wrien policy. BASELINE provides a list of results which can help idenfy and resolve current identy management compliance issues. For more details contact Director of Sales, Daniel Moore at 314 968- 5129 to schedule a complete demo. Quickly re-audit and compare results. Pass 1 Pass 2 Pass 3 Pass 4 120000 96.950% 98.900% 99.235% 99.948% 56000 98.982% 99.230% 99.950% 99.998% 56000 94.700% 98.582% 98.580% 99.948% 8000 98.475% 98.813% 98.813% 99.663% Acve Di rectory (AD) % Compliant According to Policies Total Condions Vault - eDi rectory Producon - eDi rectory Clearly measure compliance. Customized audit scripts to match your policies. IDM BASELINE Compliance Audit - 9/17/2009 11:52AM Requires manual x or workowextensions for automated resoluon Can be automacally resolved using AppointLink provisioning funcons Pass 1 Pass 2 Pass 3 Pass 4 Resolved ->> Total Errors ->> 366132918 62 Code Error Resoluon Count (Users Aected) rffritr j. 1B Workforce IDis invalid rify then delete user object in vault. 3 1C Acve user not found in vault rce update in SQL withAcve toggle. 31 22 13 1E Invalid locaon in vault rce manual sync fromSQL on locaon. 111F Invalid placement in vault rce toggle of acve state. 193 131 5 sfr sf s. 1H Invalid department descripon rce toggle of acve state. 2A Invalid state for Login disabled in producon rce toggle of acve state. 62 18 18 r sf s. 2C Invalid tle in producon rce manual sync fromSQL 377 7 2D Invalid locaon in producon rce manual sync fromSQL on locaon. 351 20209 rfis rritr jr. 2F Acve user not found in producon rce update in SQL withAcve toggle. 34 23 23 2G Duplicate workforce IDin producon rify then manually update object in producon. 4 rritjr. 2I Acve user never logged in 90J r s sjr2L Invalid associaons Vault to Prod rce double sync. 7040404 s ris i. 2O Invalid Extension in producon irfr3B Producon users not found in Acve Directory rce synchronizaon on user 10775 22 Pass 1 Pass 2 Pass 3 Pass 4 120000 96.950% 98.900% 99.235% 99.948% 56000 94.700% 98.582% 98.580% 99.948% 8000 98.475% 98.813% 98.813% 99.663% Copyright © 2009AppointLink Holdings Inc. All Rights Reserved. Acve Directory (AD) % Compliant According to Policies BASELINE® Total Condions - irProducon - eDirectory

Upload: appointlink

Post on 06-Aug-2015

159 views

Category:

Business


0 download

TRANSCRIPT

Page 1: AIWS BASELINE Audit Utility

?aiws

appo

intli

nk id

entit

y w

orkfl

ow s

oluti

ons

inc.

www.appointlink.com

Copyright © 2009 AppointLink Holdings Inc. All Rights Reserved

BASELINEWhat’s your

AppointLink Identity Workflow Solutions, Inc. has spent the past several years addressing the identity and access management concerns of our clients. Our client’s biggest concern has been simple yet perhaps the most critical. How do they accurately review their identity and access processes and gauge compliance?

AppointLink believes the first step prior to making a major decision in identity and access management is to perform a measurable test for policy compliance using our BASELINE audit utility.

BASELINE will measure the compliance level between current provisioning access and its written policy. BASELINE provides a list of results which can help identify and resolve current identity management compliance issues.

For more details contact Director of Sales, Daniel Moore at 314 968- 5129 to schedule a complete demo.

Quickly re-audit and compare results.

Pass 1 Pass 2 Pass 3 Pass 4120000 96.950% 98.900% 99.235% 99.948%

56000 98.982% 99.230% 99.950% 99.998%56000 94.700% 98.582% 98.580% 99.948%

8000 98.475% 98.813% 98.813% 99.663%Active Directory (AD)

% Compliant According to Policies

Total ConditionsVault - eDirectoryProduction - eDirectory

Clearly measure compliance.

Customized audit scripts to match your policies.

IDM BASELINE Compliance Audit - 9/17/2009 11:52AM

Requires manual fix or workflow extensions for automated resolutionCan be automatically resolved using AppointLink provisioning functions Pass 1 Pass 2 Pass 3 Pass 4

Resolved ->> 0 2340 402 856Total Errors ->> 3660 1320 918 62

Code Error Resolution Count (Users Affected)1A Workforce ID in vault not found in Employee table Verify then delete user object in vault. 7 7 71B Workforce ID is invalid Verify then delete user object in vault. 3 3 31C Active user not found in vault Force update in SQL with Active toggle. 31 22 13 11D Invalid title in vault Force manual sync from SQL 61E Invalid location in vault Force manual sync from SQL on location. 17 171F Invalid placement in vault Force toggle of active state. 193 131 51G Invalid state for Login disabled in vault Force toggle of active state. 313 2511H Invalid department description Force toggle of active state. 42A Invalid state for Login disabled in production Force toggle of active state. 62 18 18 52B Inactive user logging in last 7 days Force toggle of active state. 12C Invalid title in production Force manual sync from SQL 377 7 7 62D Invalid location in production Force manual sync from SQL on location. 351 209 209 32E Workforce ID is invalid in production Verify then delete user object in production. 17 17 17 32F Active user not found in production Force update in SQL with Active toggle. 34 23 23 32G Duplicate workforce ID in production Verify then manually update object in production. 4 4 42H Duplicate CN in production Verify then manually update object in production. 4 4 42I Active user never logged in 9022J Active user has not logged in last 120 days 3072K Invalid Object Class Manually fix in production 5 5 52L Invalid associations Vault to Prod Force double sync. 703 403 404 72M Invalid associations on active users Vault to Prod Force double sync. 143 46 46 22N Missing Associations Force migrate. 58 58 582O Invalid Extension in production 13A Active Directory users not found in production Remove AD account 21 20 20 53B Production users not found in Active Directory Force synchronization on user 101 75 75 22

Pass 1 Pass 2 Pass 3 Pass 4120000 96.950% 98.900% 99.235% 99.948%

56000 98.982% 99.230% 99.950% 99.998%56000 94.700% 98.582% 98.580% 99.948%

8000 98.475% 98.813% 98.813% 99.663%

Copyright © 2009 AppointLink Holdings Inc. All Rights Reserved.

Active Directory (AD)

% Compliant According to Policies

BASELINE®

Total ConditionsVault - eDirectoryProduction - eDirectory