Auditing user access rights is hard:
- Data about user entitlements is spread over multiple systems and applications and only available to administrators.
- Access request history, including who requested rights, who approved them and when they were granted, may not be available at all.
Performing audits is costly and disruptive. In some organizations, half of all access administration time is dedicated to responding to audit queries.
Hitachi ID Identity Manager Solution
- Identity Manager includes infrastructure to aggregate data about identities and entitlements from every integrated system into a single, accessible database.
- Access certification is used to periodically review and correct excess rights.
- Identity Manager tracks request and entitlement history, empowering auditors to answer questions about who had any given access in the past and how they came to have it.
- Actionable analytics can automatically identify new policy violations and risks, and either request human intervention or, where resolution is predictable, automatically remediate the problem.
Identity Manager moves the burden of responding to audit queries to a combination of automated processes and self-service for auditors. Auditors can focus more on process integrity than individual entitlement history.