
Compliance Architecture

Many organizations today are building a compliance architecture, whose core component is an identity management and access governance system, to ensure that they can satisfy the requirements of compliance auditors. The business driver for these efforts is to design and implement an identity management and access governance strategy that will satisfy both current and future regulatory and policy requirements, rather than addressing ever-changing regulatory rules one at a time.

The efficiency of building a compliance architecture is derived from significant overlap in requirements raised by many corporate governance and privacy regulations. Common requirements in such regulations include:

By building a single compliance architecture, IT departments can leverage these commonalities, addressing the broader set of requirements up front, and avoiding future effort to meet every new regulation.

A sophisticated identity management and access governance system that reaches across a broad range of corporate IT infrastructure can meet these requirements:

Requirement and its security infrastructure impact:

Strong and reliable authentication

  • Password policy enforcement.
  • Strong authentication prior to password resets.
  • Strong authentication when enrolling new authentication factors, such as filling in Q&A profiles, collecting biometric samples or handing out hardware tokens.

Effective controls over user access to systems and data

  • Controlled authorization prior to creating or modifying login IDs, using a workflow engine that includes strong authentication of requesters and authorizers.
  • Reliable access termination, including automated termination triggered by removals from a system of record, and scheduled terminations.
  • Cross-directory login ID reconciliation, to connect user objects to people, and make it possible to manage access in a consolidated fashion, rather than one system at a time.
  • Consolidated user administration, to support prompt access termination when required.

Extensive audit trails

  • Cross-directory login ID reconciliation, supporting consolidated access reporting.
  • Regular monitoring of user login accounts, including alarms triggered by unauthorized changes.
  • Open-ended audit trails, tracking all change requests by time, date, requester, recipient, authorizer and resource.