Auditing user access rights is hard:
- Data about user entitlements is spread over multiple systems and applications and only available to administrators.
- Access request history, including who requested rights, who approved them and when they were granted, may not be available at all.
Performing audits is costly and disruptive. In some organizations, half of all access administration time is dedicated to responding to audit queries.
Hitachi ID Identity Manager Solution
- Hitachi ID Identity Manager includes
infrastructure to aggregate data about identities and entitlements
from every integrated system into a single, accessible database.
- Access certification
is used to periodically review and correct excess
- Hitachi ID Identity Manager tracks
request and entitlement history,
empowering auditors to answer questions
about who had any given access in the past and how they came to
- Actionable analytics
can automatically identify new policy violations and risks,
and either request human intervetnion or, where resolution is
predictable, automatically remediate the problem.
Hitachi ID Identity Manager moves the burden of responding to audit queries to a combination of automated processes and self-service for auditors. Auditors can focus more on process integrity than individual entitlement history.