Skip to main content

Privilege Accumulation - Hitachi ID Access Certifier

Business Challenge

Over time, most employees and some contractors move from job to job. As employee responsibilities change, so do their required access to systems and applications.

Users can be counted on to request and acquire entitlements they need to do their job. Unfortunately, they cannot be relied on to ask for no-longer-needed entitlements to be removed. Most users:

  • don't understand the technical details of entitlements.
  • prefer to retain entitlements, in case they are needed again.

Reliable entitlement acquisition combined with unreliable entitlement removal mean that users tend to accumulate unneeded entitlements over time. This creates security exposure, as no-longer-needed entitlements may be abused.

Hitachi ID Access Certifier Solution
  • Access Certifier is an effective tool to periodically review the access rights held by each user and to flag inappropriate access rights for termination.
  • Access Certifier invites managers, application owners and data owners to review entitlements within their domain of responsibility and either accept or reject each one.
  • Whereas users can be counted on to request new entitlements, Access Certifier can be counted on to request that old entitlements be re-examined.

Access Certifier acts as a counter-balance to reliable entitlement acquisition business processes by periodically inviting responsible parties to review current entitlements and request removal of those which are no longer needed.

page top page top