Hitachi ID Identity Manager Business Case

Developing a business case for deploying an identity management and access governance system such as Hitachi ID Identity Manager -- improve internal controls, reduce IT administration cost and accelerate user service.

The Challenge

Creating, maintaining and deleting login IDs for a large user population on multiple systems is complex. This complexity produces user service, security and cost problems:

New hires that join an organization may wait a long time for system access. Employees who change roles may likewise wait for new access. In both cases, the organization loses staff productivity while access administration processes lag.

High staff mobility or a large number of target systems lead to a large number of add / change / delete actions on login IDs. Approving and implementing these changes requires numerous IT support and security administration staff.

When people leave an organization, their systems access frequently persists -- for a long time or indefinitely. Orphan accounts represent a significant security risk and in some cases contribute needlessly to software license costs.

Other security problems that arise due to complex multi-system administration include users with excess or inappropriate privileges, weak or un-enforced password policies, violations of segregation of duties rules and improper approvals for security changes.

Hitachi ID Identity Manager Benefits: Security, Internal Controls and Regulatory Compliance

Identity Manager strengthens security by:

  • Quickly and reliably removing access to all systems and applications when users leave an organization.
  • Finding and helping to clean up orphan and dormant accounts.
  • Assigning standardized access rights, using roles and rules, to new and transitioned users.
  • Enforcing policy regarding segregation of duties and identifying users who are already in violation.
  • Ensuring that changes to user entitlements are always authorized before they are completed.
  • Inviting business stake-holders to periodically review user entitlements and either certify or remove them, as appropriate.
  • Reducing the number and scope of administrator-level accounts needed to manage user access to systems and applications.
  • Providing readily accessible audit data regarding current and historical security entitlements, including who requested and approved every change.

Identity Manager Benefits: Cost Savings

Identity Manager reduces the cost of managing users and security entitlements:

  • Auto-provisioning and auto-deactivation leverage data feeds from HR systems to eliminate routine, manual user setup and tear-down.
  • Self-service eliminates IT involvement in simple updates to user names, phone numbers and addresses.
  • Delegated administration moves the responsibility for requesting and approving common changes, such as for new application or folder access, to business users.
  • Identity synchronization means that corrections to user information can be made just once, on an authoritative system and are then automatically copied to other applications.
  • Built-in reports make it easier to answer audit questions, such as "who had access to this system on this date?" or "who authorized this user to have this entitlement?"

Read More:

  • Features:
    Auto-provisioning, identity synchronization, authorization workflow, RBAC, segregation of duties, reporting and more.
  • Business Case:
    Developing a business case for deploying an identity management and access governance system such as Identity Manager
  • Screen Shots:
    Snapshots of the Identity Manager web user interface.
  • Screen Recordings:
    Recordings of user interaction with Identity Manager, Access Certifier and Group Manager.
  • Concept Animations:
    Animated demonstrations illustrating user interaction with Identity Manager and data flow between components on the network.
  • Slide Decks:
    A variety of slide presentations about identity management and access governance in general and Identity Manager in particular.