Users move through organizations, and as they do so they require new access rights and no longer need old ones. Users can be counted on to request new access rights, as without them they cannot do their jobs. Unfortunately, users never call IT support to ask for old rights to be revoked. Consequently, users accumulate rights over time -- the more often their role changes, the more rights they retain.
Hitachi ID Identity Manager Solution
- Role-based access control can link
access rights to a user's responsibilities, simplifying both
adding new and revoking old rights.
- Access certification
is used to periodically invite business stake-holders to
review user rights and identify no-longer-needed ones to
- Identity Manager can compute risk scores
to identify the users who can cause the most harm and who
should consequently be subject to the most stringent controls.
Using Identity Manager, organizations can efficiently identify and remove excess rights, to minimize access risk.