policy-based access controls
Access Controls Governor
Any ERP :: Any Application :: Any Infrastructure
Control fine-grained identity access rights embedded in security roles to meet rapidly changing technology needs, compliance regulations, and cyber threats.
As organizations adopt an increasing number of business applications along with the expansion of data sources and devices, security risks are growing at unprecedented rates. Identity Governance and User Rights Management are more complex and the security design can impede the benefits of a modern digital business platform. Role-Based Access Controls (RBAC) available in ERP applications, Identity Governance, and IT Service Management systems are no longer sufficient to deal with the modern digital paradigm, especially when it comes to policy-based cross-application access management such as Segregation of Duties, User Access Request Orchestration, Periodic Access Certification, Privileged Access Management, and Data Protection.
Managing and controlling identities that grant users access to enterprise applications, databases, servers, and cloud infrastructure is challenging without effective policy-based access controls in place. Complex ERP security design can impede the deployment of a modern digital business platform without specialized solutions and knowledge.
Business needs for effective access controls have evolved, beyond the general IGA capabilities in response to growing compliance mandates and increased cyber security risks. As a result, IGA customers are now demanding specialized capabilities based on new control objectives to address the following gaps in the general-purpose IGA systems.
AccessPaaS™
A complete controls governance platform that seamlessly integrates with ERP applications, IT Service Management (ITSM), and IDM/IGA data sources to govern role-based access controls based on access policies at the fine-grained access rights level.
Detects access policy violations to control financial, operational, fraud, and cyber risks. Define policies in terms of risk descriptions, impact, likelihood, and fine-grained rules that constitute discrete and fuzzy logic in terms of IT system security entitlements and privileges for governance models such as Segregation of Duties, Sensitive Access, Data Protection, Trade Secrets etc. Eliminate false-positive filters to improve risk analysis and response. A high-performance policy engine rapidly analyzes millions of security attribute combinations and permutations across all enterprise IT systems and ERPs and business application security snapshots to report violations. Violation Manager eliminates exceptions where risk is accepted with compensating controls, using advanced filters. Remediation Manager issues corrective actions using closed-loop workflows that expedite risk response, reduce risk exposure and automatically update violations reports to ensure audit evidence is accurate and timely. We provide:
RULES MANAGEMENT
SECURITY SNAPSHOTS
VIOLATIONS MANAGER
FALSE POSITIVES
REMEDIATION
COMPENSATING CONTROLS

