Monday, April 7, 2008

We May Not Need an IT Compliance Manager Solution

“We May Not Need an IT Compliance Manager Solution”
Written by: Ilan Sharoni/Eurekify

I heard this statement during one of my recent visits to a small but fast-growing company.
It was clear to me where and why this statement came from, since it was voiced by the security technical manager, who still manages to provision and manage compliance issues manually.

By the way, this customer does not have IdM yet and plans to use Eurekify for role modeling, role management and compliance management, and to provision access rights to all systems from Eurekify.


Before Eurekify, the provisioning scenario is done like this:

1. A new employee is registered in the HR department.
2. The new employee reports to his boss.
3. The boss asks the security manager to grant the new person the required access rights.
4. The security manager asks the boss for the name of another employee who has the typical access rights that are required (the security manager plans to copy all of that person's access rights to the new person).
5. The security manager now needs to check that granting the new access rights does not exceed the business licenses for license-limited software.
6. Since there is no automatic compliance management solution, this process is done manually, and its speed depends on how good the security manager's memory is.

If no mistakes are made, the new employee is provisioned and ready to work!!


Wow! What a process.

Since there are no “Roles” in the organization, current employees who are considered to be “typical users” are treated as “Roles”.

Since there is no automated repository listing all the resources that are limited by licenses, together with their limits, this check may take a while.
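The check from steps 4 to 6, run against a license repository instead of from memory, as an added example that is not Eurekify's code or part of the original post. The user names, access-right names and seat limits are constructed, and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample data: who holds which access rights today.
ACCESS = {
    "alice": {"erp_user", "cad_suite", "file_share_eng"},
    "bob": {"erp_user", "cad_suite"},
    "carol": {"erp_user", "file_share_fin"},
}

# Constructed license repository: seat limits for license-limited resources.
LICENSE_LIMITS = {"cad_suite": 2, "erp_user": 5}


def seats_in_use(access):
    """Count the current holders of each access right."""
    return Counter(r for rights in access.values() for r in rights)


def plan_clone(access, limits, template_user, new_user):
    """Plan copying template_user's rights to new_user (step 4).

    Returns (grantable, blocked): rights that fit within the license limits,
    and rights that would exceed a limit, mapped to (in_use, limit).
    """
    if template_user not in access:
        raise KeyError(f"unknown template user: {template_user}")
    used = seats_in_use(access)
    already = access.get(new_user, set())
    grantable, blocked = set(), {}
    for right in sorted(access[template_user] - already):
        limit = limits.get(right)  # None means the right is not license-limited
        if limit is not None and used[right] + 1 > limit:
            blocked[right] = (used[right], limit)
        else:
            grantable.add(right)
    return grantable, blocked


def provision(access, limits, template_user, new_user):
    """Apply only the grantable rights; return the blocked ones for review."""
    grantable, blocked = plan_clone(access, limits, template_user, new_user)
    access.setdefault(new_user, set()).update(grantable)
    return blocked
```

Copying a “typical user” wholesale also copies anything that person accumulated beyond the role, so the blocked set is only one of the reviews such a clone needs.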


This customer deployed Eurekify and successfully manages:
1. Roles and access rights (roles are automatically granted based on the user's HR attributes)
2. Policy checks (license limits and many other SoD policies)
3. Cleansing
4. Granting access to new hires and movers – automatically!
5. Uploading access rights to the target system


I was impressed with the results, which made a huge change in how the security manager manages the business access rights today and how they are provisioned.

If you want to talk with me about your provisioning systems, role modeling, compliance and more, feel free to contact me at:
isharoni@eurekify.com

Ilan Sharoni
http://www.eurekify.com/