It is important to link access to its origins, answering questions such as:
- When did this user acquire this entitlement?
- Who requested the access?
- Who authorized the access?
- Who last reviewed the access?
Few systems record this kind of detail when access is granted. Without such change logs, users with elevated privileges cannot be held accountable for granting access rights to themselves or others.
Hitachi ID Group Manager Solution
- Requests processed by the Hitachi ID Identity Manager
include business-level details, such as requester,
recipient, approver, date, etc.
Every change has a requester, a recipient and at least one
- Identity Manager records the
of every entitlement discovered on integrated systems and of
every access request it processed.
Combining business-level details with indefinite retention of change history creates accountability for every stake-holder.