• Site Map
• Contact Us

• Home
• Our Company
  • Customers
  • Careers
  • Contact Us
  • RSS & Blogs
• Products
  • Identity Manager
  • Password Manager
  • Group Manager
  • Privileged Access Manager
  • Download evaluation
  • Releases
  • CCC
• Solutions
  • Security / GRC
  • Reducing IT support cost
  • Improve user service
• Support
  • Shipping products
  • Supported versions
  • Portal login
  • Report problem
• Services
  • Solution delivery
  • Methodology
  • Education
  • Upgrades
  • AdMax Program
  • Hitachi ID Systems-Managed IAM
  • Guarantee
• News &  Events
  • Press Releases
  • Press Coverage
  • Archived Webinars
• Resource Center
  • White Papers
  • Independent Reviews
  • Brochures
  • Slide Decks
  • Case Studies
  • Regulatory Compliance
  • Certifications
  • Community
• Partners
  • Technology Partners
  • Channel Partners
  • System Integrators and Consultants
  • Managed Service Providers
  • Public Sector
  • Partner Portal
  • Online partner application

Challenges / Solutions No history for security rights

No history for security rights

Business Challenge

Hitachi ID Group Manager Solution

Active Directory tracks membership in security groups and uses this membership to connect users to file-system and other resource access control lists (ACLs). In short, placing a user into a security group is the main mechanism for granting security rights to users in Windows. Windows does not, however, track the history of security groups. There is no way to know when a user was attached to a security group, who authorized the change and why. This means that Windows group membership - by itself - is inadequate for forensic analysis.

Group Manager implements a work-flow to manage group membership. Every change has a requester, a recipient and at least one authorizer. Change requests are logged indefinitely. It is always possible to find out: Who requested a change. Who authorized a change. What reasons were given for the request and for the approval. When the change took place. This information is retained indefinitely -- even if the group membership has since been revoked. Using Group Manager, organizations establish an accountable log of security changes and are able to carry out forensic analysis, if required.

© Hitachi ID Systems, Inc. . All rights reserved.