Skip to main content

Unreliable Deactivation

Business Challenge

In many organizations, user access to systems and applications remains long after the users themselves have gone. These orphan and dormant login accounts pose a serious security threat, since they can be compromised without anyone noticing.

Hitachi ID Identity Manager Solution
  • Identity Manager can automatically terminate user access to systems, triggered by changes to user status on a system of record, such as HR.
  • Identity Manager can identify orphan and dormant accounts -- orphans in the sense that they have no known owner and dormant in the sense that nobody has signed into them for some time. Such accounts are subjected to extra review and removed if they are truly not needed.

Using Identity Manager, organizations can make access deactivation processes fast, reliable and complete -- exactly what manual processes are not.

Read More:

  • Slow Onboarding:
    It can take too long to create login IDs for newly hired or reassigned users.
  • Costly Security Administration:
    Processes to manage users and entitlements are costly and time consuming.
  • Unreliable Deactivation:
    Access deactivation can be slow, unreliable or incomplete.
  • Policy Violations:
    Manual security administration leads to users whose access profiles violate corporate policies regarding appropriate access or segregation of duties.
  • Auditing User Entitlements:
    Auditing user entitlements that span multiple systems.
  • Ambiguous User Access Requests:
    Users understand files and folders, but not groups and ACLs. This makes change requests hard to interpret and both costly and time consuming to fulfill.
  • No History for Security Rights:
    When security entitlements are granted or revoked using native administration tools, there is no audit trail to show who made the change, when or for what reason.
page top page top