Skip to main content

Lack of Accountability - Hitachi ID Access Certifier

Business Challenge

In many organizations, users move between projects, departments and locations. As this happens, users acquire new access rights but rarely relinquish old ones.

To meet regulatory requirements, organizations often must attest to the relevancy of sensitive entitlements: should user X have entitlement Y? Who authorized that assignment? When was the entitlement last reviewed and approved? These questions form a trail of accountability.

Hitachi ID Access Certifier Solution
  • Even in organizations where no record is kept of how a user first came to have a entitlement, Access Certifier can be used to invite relevant stake-holders to review and recertify user rights.
  • Access Certifier works by sending managers, application owners and data owners invitations to review lists of users and their entitlements.
  • Certifiers review and either accept or reject each of the the entitlements in a list they are shown.
  • At the end of a certification round, there is a clear record of who approved each remaining entitlement.

Access Certifier creates accountability for access rights, even where original records are unavailable.

Read More:

  • Incomplete Deactivation:
    Access deactivation can be slow, unreliable or incomplete.
  • Policy Violations:
    Manual security administration leads to users whose access profiles violate corporate policies.
  • Privilege Accumulation:
    Over time, as users move through an organization, they accumulate new privileges and retain older, no-longer-needed rights.
  • Lack of Accountability:
    There is often no history indicating who approved security privileges and when they were last reviewed.
  • Auditing User Entitlements:
    Auditing user privileges that span multiple systems.
page top page top