Fine-grained Access Controls – Provision with Security Attributes


Introducing Fine-grained Access Request Controls
Ensure fine-grained access request controls for all major ERP systems for
compliant provisioning and de-provisioning. Provision with security attributes.
SafePaaS Enterprise iAccess™, used for provisioning and de-provisioning (user access request management), now includes security attributes to ensure fine-grained access request controls. Users can easily manage and request role access, see their current access and the current status of that access - ie. pending, approved, active in the ERP. A user can request access to a job role, such as General Ledger and Payables, select one or more attribute types (security context), for example, the business unit, and attribute name associated with that role, and submit for access policy violation testing.
Once the analysis of the segregation of duties has been completed, the access request can be submitted for manager approval or rejection via an enterprise workflow. Access will then be directly provisioned in the ERP. Managers can then reconcile the access via the User Entry access listing report in SafePaaS. This capability can be used both as a simulation and validation tool or for provisioning access.
The following page shows the enhanced Access Request page with the Security Attribute columns to enable the user to request access to a role in a specific business unit.
