Home
Hitachi ID Facebook Page Hitachi ID Twitter Page Find us on Google+ Hitachi ID YouTube Page

Hitachi ID Access Certifier


About Hitachi ID Access Certifier

Hitachi ID Access Certifier is a solution for distributed review and cleanup of users and entitlements. It works by asking managers, application owners and data owners to review lists of users and entitlements. These stake-holders must choose to either certify or revoke every user and entitlement.

Access Certifier is included with Hitachi ID Identity Manager at no extra cost.

Business Challenge
Solution and Features
  • As users move through an organization, periodically changing job functions, they tend to accumulate privileges.
  • Over time, a user who has had many different jobs will accumulate many privileges:
    • Some of the privileges are no longer required and
    • some of them may be inappropriate to that user's current job.

  • This process is called privilege accumulation and can lead to situations where users have so many rights that they can bypass internal controls, possibly violating regulatory requirements for privacy protection or transparent corporate governance.

Access Certifier enables organizations to automate access certification (also known as attestation) processes, which ultimately help to find and deactivate inappropriate security entitlements.

  • Access Certifier can invite managers, group owners or application owners to review a list of users and entitlements within their scope of authority.
  • These business users either certify that security rights are appropriate or flag them for further review.
  • Flagged entitlements are routed to other users using a built-in approvals workflow.
  • Security rights that are both flagged and subsequently approved for removal are deprovisioned on integrated systems and applications.
  • System administrators may be invited to manually deactivate entitlements on un-integrated or partly integrated applications.