idm and automated security entitlement systems
TRANSCRIPT
Traditional access management
• Challenge:• permission
management for shared resources across corporate networks.
• Sources of data:• Shared network drives• Mainframes• Cloud• DB2
Individual applications for each data source
• Problems include:• Time wasted through
repetitive data entry• Non-standardized
permissions between employees in same role.• Slow, inefficient, manual
rights administration• Locally stored forms often
outdated and inaccurate
Productivity impacts
• For each employee, obtaining complete access to all necessary shared resources can take up to one month.• Lost productivity
compounds over number of new employees per month.
Audit trail
• Each individual access application has multiple approvers. • Approval details often
stored on local spreadsheets or in email, making audits difficult, slow and expensive.
Rights rescission• Manual rights
administration combined with audit trail challenges = delays in removing rights upon employee termination or role change.• Unauthorized access =
liability.
Solution: Automated Security Entitlement System
• Characteristics:• Single, centralized database housing
current versions of all forms.• Single website linking to forms organized
by employee title.• Automatic emails sent to approvers with
bundled applications.• Streamlined approval or rescission
process.• Connectors automatically push approvals
or rescissions to data sources.• Approvals or rescissions stored in database
for audit trail.
Solution: Automated Security Entitlement System
• Off-The-Shelf Solutions:• Oracle Identity Manager Solution• CA Identity Manager• NetIQ Governance Suite
• SRI Custom Built Solutions:• Top to bottom identity management systems• Proprietary connectors to connect to Teradata,
Trivoli & Hadoop
Solution: Automated Security Entitlement System
• Benefits• Centralized, official location for all forms
= up to date permissions• Forms bundled via job role = uniform
rights across enterprise.• Employee information obtained from
Microsoft Single Sign On = efficiency.• Single application sent to approvers =
efficiency.• Approvals & rescissions completed with
one click = improved risk management.• Approvals stored in central database =
easier audit compliance & completion.