Identity access rights and historical analysis for compliance and governance
-
Upload
gordon-kiser -
Category
Technology
-
view
157 -
download
3
Transcript of Identity access rights and historical analysis for compliance and governance
Benefits of Historical Analysis Related to Access Governance
Beta Systems Software of North America
Beta Systems of N.A. Company Overview - Key Figures
R&D spend close to 20% of revenue
Publicly listed on Frankfurt Stock Exchange
12 Offices in Europe + North America
Development labs in Berlin, Calgary, Cologne, Neustadt
“Garancy Access Intelligence Manager is pushing the
envelope in terms of identity analytics and intelligence
through the adoption of a BI approach.” - Gartner
300+ employees
1,500 customers in 30 countries
Berlin Headquarters
Tech Support Center in Berlin + Calgary (24x7)
24.07.2015 ©Beta Systems Software AG 2
- Gartner singles out Beta Systems Software
for outstanding Customer Satisfaction for
Product, Support and Maintenance. And,
expertise with highly complex environments.
50% of Europe’s largest banks
secure business processes with
solutions from Beta Systems
7 of Europe’s 10 largest
insurers use solutions from
Beta Systems
The new Garancy AIM 2.1Two main directions:
Time Traveler:
Historical analytics
made easy and
complete
Comprehensive
dashboards and
analytics3
GARANCY Time Traveler: business oriented benefits
Using Garancy Time Traveler makes life much easier. I t enables customers to answer the questions on all historical
data regarding the access rights in IT audit situations or investigations , based on snapshots as well as on
continuous data loads . Customers can compose the needed information even on short notice , it is information
at your f ingertips .
Investigate changes
within a day
Detect at-risk
situations
Reduce the risk of
fraud and data
leakage
Review access
rights at any time
Continuous data
load
Provide answers for
the auditors
Deep-dive forensics
Better Protection
against internal
attacks
Time Traveler has all the answers to key questions
All the access right changes
in a selected time span?
Within a specific time
range, what access right
changes occurred for a
particular user?
Want to see all the
changes within a day in a report instead of just
getting snapshots ?
Time PeriodsStatus View
Want to check the status of
access rights at a specific point
of time ?
Which access rights did a
user have on a particular
date?
Which users had access on
a specific date to a special
resource?
What access rights did a
specific user have on their
off boarding date?
Which roles provide access
to a special resource?
Consider it
solved:
Historical
Analyses
made easy
24.07.2015 ©Beta Systems Software AG 6
Empowering Data Model Approach
Trace successive Changes
7
Continuous Data Load uncovers every change
Timet1 t2
Status 2
- Overview
- Details
Status 1
- Overview
- Details
Change?
Not discrete but continuous!
The Concept: All issues for the history view of user are relevant!
8
24.07.2015 ©Beta Systems Software AG 9
Investigate through HistorizationStandard Analyses to make your life easier
« History Detail
Analyses »
10
Time
Traveler
« Change Histories »
« Status
Histories »
« Timespan Option »
All you need for Historization: The GAIM Time Traveler
24.07.2015 ©Beta Systems Software AG 11
View every single user at
any given time
New Analysis Front Page provides five new analyses and new icons
©Beta Systems Software AG 12©Beta Systems Software AG 12
„Status“
„Access Changes“
„Attribute Changes“
Flag important analyses
and see how many
peers did the same!
User Change History Overview
24.07.2015 ©Beta Systems Software AG 13
Start with an overview
Use Cases
Business User:
Get the manager view on
the user for the whole
department at any given
time or time span: analysis
at your fingertips
History Overview
as starting point for the
management or auditors
Drill Down for more details
Easy to print for handouts
to the auditors
24.07.2015 ©Beta Systems Software AG 14
Frage
24.07.2015 ©Beta Systems Software AG 15
Look out for the details
History Detail Analyses on Changes
24.07.2015 16
Changes on
account,
role,
group,
authorization and
resource.
24.07.2015 ©Beta Systems Software AG 17
Find the Maverick
User Status History
24.07.2015 ©Beta Systems Software AG 18
(1) The first level shows
all entitlements.
(2) The second level
"User" shows the
entitlements per user.
(3) The third level shows
a detailed users
status which lists all
entitlements that were
assigned within a
timespan.
24.07.2015 ©Beta Systems Software AG 19
Look at the Resource Access
History User Resource Access
Answers Audit
Questions e.g.
Which users had
access to a resource
in a defined time
period?
Who had access to a
special resource in
the past?
24.07.2015 ©Beta Systems Software AG 20
24.07.2015 ©Beta Systems Software AG 21
Find out what happened when
Forensics and Compliance
Get all the needed information for a selected time period, not just snapshots
and investigate out about every change in access rights
e.g. for audits, protection against internal attacks
uncovering the sources of data losses
Compose audit data with just some clicks instead of keeping everybody busy for long
All the historical data is archived in a data warehouse based on MS SQL database.
24.07.2015 ©Beta Systems Software AG 22
24.07.2015 ©Beta Systems Software AG 23
Change the perspective
Ad Hoc
Ad Hoc Analyses
Use Ad hoc Analyses
for all the questions
that will not be
answered by standard
analysis: Define your
own reports and get ad
hoc answers.
24.07.2015 ©Beta Systems Software AG 24
Further Enhancements of Garancy AIM 2.1
24.07.2015 ©Beta Systems Software AG 25
Get further Enhancements
Discover new ways: Additional enhancements of Garancy AIM 2.1
26
New User Dashboard (in addition to the group and role dashboards of
Garancy 1.2)
The information details increase
from top to bottom
(1) First Level shows the quantity of
changed and/ or new users
(2) Second Level provides the
information % of changed/ new
users User changes grouped by
entitlement and risk
(3) The last level shows the most
frequently changed
assignments for users
29
New enhanced Analyses New variant of “User Indicator”
grouped by “User Manager” to support the manager view.
24.07.2015 ©Beta Systems Software AG 28
New variant of “User &
Resource Access” grouped by
“Jobfunction”. The job function is a great peer
group for analyses based on the
assumption that user with the same
job function should have the same
access rights
New variant of “User Group
Risk Analysis” grouped by
“Jobfunction”. This grouping allows a
comparison of risks based on the job
functions.
The largest independent and European IAM Software Provider:
Beta Systems Software AG
www.betasystems-iam.com