Identity Security Management
Identity Security Management -
Delegate the ownership of identity to the enterprise
SafePaaS customers can perform periodic access reviews by identity security (identity groups) in addition to role groups. Customers can delegate ownership of identities including service accounts, operating system identities, Active Directory (LDAP / Azure) identities, database identities, and APIs, which also need protection, to the enterprise.
Some organizations allocate the task of periodic access review by assigning identities instead of roles to access reviewers to certify access to enterprise applications and infrastructure. SafePaaS now makes it more flexible to certify identities, roles, entitlements, and privileges within applications and infrastructure by assigning an owner to the identity across applications such as an employee ́s manager, who is sometimes referred to as a people manager.
SafePaaS customers can choose whether to certify access via role groups. For example, all UK procurement business unit roles in Oracle ERP Cloud belong to John, therefore, John will certify these roles or certify by identities; and, all benefit administrator identities in Workday USA region belong to Nina, therefore, Nina will certify the identities.
This capability allows for the flexibility of cross-checking access as identity access risk remains an elevated cyber security threat and a key IT general control (ITGC). This new feature gives you the flexibility to group users by identities including non-human identities. It also allows you to protect privileged identities at the infrastructure level including databases, and operating systems.
The following page shows the new feature where customers can assign identity owners to individual identity owners. You can also upload identity owner to identity relationships through spreadsheet templates for quick setup.