Secure and Monitor Access Control Compliance

Intel Security and Hitachi ID Systems working together to enforce compliance and monitor access control.

If you can’t see it, you can’t fix it. McAfee, a part of Intel Security, and Hitachi help you align user access rights with business needs and regulatory requirements by bringing access/segregation of duty (SoD) violations to the attention of decision makers.

Overview of Combined Solution

McAfee® ePolicy Orchestrator® (McAfee ePO™) software is the only enterprise-class software to provide unified management of endpoint, network, and data security. With end-to-end visibility and powerful automations that slash incident response times, McAfee ePO software dramatically strengthens protection and drives down the cost and complexity of managing risk and security. It can monitor access governance processes in the Hitachi ID Identity and Access Management Suite, including access certification progress and coverage, access request activity and backlog queue, checkouts of privileged access, and coverage of privileged access control.

Separately, McAfee ePO software can manage the deployment of client-side agents in Hitachi ID Identity and Access Management Suite to secure administrative access to user devices.

The Hitachi ID Identity and Access Management Suite includes:

Key features are:

  • Privileged access management: A system for securing access to privileged accounts. It works by regularly randomizing privileged passwords on workstations, servers, network devices, and applications. Random passwords are encrypted and stored on at least two replicated credential vaults. Access to privileged accounts may be disclosed to:
    • IT staff, after they have authenticated and their requests have been authorized.
    • Applications, replacing embedded passwords.
    • Windows workstations and servers, which need them to start services.

    Password changes and access disclosure are closely controlled and audited to satisfy policy and regulatory requirements.

  • Access recertification: A solution for distributed review and cleanup of users and entitlements. It works by asking managers, application owners, and data owners to review lists of users and entitlements. These stakeholders must choose to either certify or revoke every user and entitlement. This is included with Identity Manager at no extra cost.
  • Workflow requests and approvals: Users can sign into the Identity Manager web portal and make updates to their own profiles. This includes changes to their contact information and requests for new access to applications, shares, folders, and more.

Figure 1. Agent deployment.

Figure 2. Registered server.

Price Model

  • Password Manager and Identity Manager are priced per (human) user.
  • Privileged Access Manager is priced per integrated endpoint system.

About Hitachi ID

Hitachi ID identity management and access governance solutions are designed to help organizations more effectively manage users, identity attributes, relationships between users, privileges, and authentication processes. Privileged Access Manager secures privileged accounts by discovering IT assets and high-value accounts, randomizing and vaulting passwords, controlling access, and creating a forensic audit trail.

About McAfee ePolicy Orchestrator Software

McAfee ePO software is the industry-leading security and compliance management platform. With its single agent and single-console architecture, McAfee ePO software provides intelligent protection that is automated and actionable, enabling organizations to reduce costs and improve threat protection and compliance.