Identity Audit & Compliance Manager (DEEP IACM)
Account and Access Reconciliation
Reconciliation of users (employees and non-employees) against their accounts in various target systems is key to governance and administration activities. Deep IACM provides comprehensive connectors for both Trusted Source (HRMS) and target systems to enable enterprises to automate the reconciliation process and provide details across all layers of access. Bridging multiple attribute authority and automatically linking them with target systems accounts’ using dynamic attribute mapping make the discovery or mining process simpler and cleaner.
Enterprises are able to tag sensitive and hidden attributes from trusted source and target systems so that they can be managed within permissible means to meet regulatory requirements for data privacy such as PDPA, HIPAA, SoX and many more.
Deep IACM offers access certification not only of users, but also certification of roles, both business and technical. While user access certification limits who has access to what, role attestation refers to aggregation of access independent of any particular user. Both these attestations have their respective advantages and uses in an enterprise. Deep IACM facilitates user and role attestation with three phase attestation approach, serving as the best practice for enterprises to complete the attestation process.
Attestation/Access Review by Group
Attestation/Access Review by Business or Endpoint System Owners
Business roles are typically used to define individual job functions within an organization. IT roles on the other hand are created to provide valuable information to construct policies for administration of access and authorization at the target systems. Authorization includes coarse grain and fine grain authorizations. In today’s context, there are multiple approaches to perform authorization functions such as Role-based Access Control (RBAC), Attribute-based Access Control (ABAC), eXtensible Access Control Markup Language (XACML) and many more.
Role mining or discovery process within Deep IACM helps to identify association between users, accounts and groups, and whether or not associations are necessary. Given the comprehensiveness of the connectors, Deep IACM is able to mine information all the way down to actual entitlements.
Deep IACM automates the mining/discovery process and recommend candidate roles. This enables Deep IACM to provide very comprehensive role analysis, modeling, attestation, SoD and role based provisioning with Deep IM integration.
Deep IACM pattern matching technology, role-optimization algorithm and intelligence based attribute bridge helps organizations to embark on role optimization project and increase the overall security and reliability of access management across enterprise. This comprehensive approach also makes Deep IACM the preferred solution especially for organizations that have SAP as their ERP system.
Deep Identity – Identity Audit and Compliance Manager (Deep IACM) provides solutions addressing full range of compliance requirements such as excessive access rights, Segregation of Duties (SoD) conflicts, Sensitive accesses and identity and access violations. These compliance checks are in built into Deep IACM and are available out of the box. Policy adherence is checked and Deep IACM produces results for policy violations, reviews, risk scoring, reports and dashboards.
Deep IACM handles compliance checks differently from other regular IGA or GRC tools. Deep IACM spans the compliance checks across multiple layers across operating systems, databases and applications. As part of the compliance checks, Deep IACM also provides comprehensive risk scoring and evaluation of users and the users that have privilege access.
The remediation is completed automatically with Deep IM and seamless workflow approval integration. Actions such as revoke access and modify access are part of lifecycle management for user accounts, roles, groups, and profiles all the way down to entitlements/permissions.
Analytics and Dashboard
To make the governance process relevant to each organization, Deep IACM brings intelligence and computational analysis of historical data, and correlating it against operational data. Deep IACM provides flexibility to filter and search for information with ability to drill down to provide transparencies down to details. This information is presented in a personalized dashboard.
Deep IACM also provides Audit and Reporting, which can be scheduled and delivered to mailbox anytime.