Identity access rights and historical analysis for compliance and governance

Benefits of Historical Analysis Related to Access Governance

Beta Systems Software of North America

Beta Systems of N.A. Company Overview - Key Figures

R&D spend close to 20% of revenue

Publicly listed on Frankfurt Stock Exchange

12 Offices in Europe + North America

Development labs in Berlin, Calgary, Cologne, Neustadt

“Garancy Access Intelligence Manager is pushing the

envelope in terms of identity analytics and intelligence

through the adoption of a BI approach.” - Gartner

300+ employees

1,500 customers in 30 countries

Berlin Headquarters

Tech Support Center in Berlin + Calgary (24x7)

24.07.2015 ©Beta Systems Software AG 2

- Gartner singles out Beta Systems Software

for outstanding Customer Satisfaction for

Product, Support and Maintenance. And,

expertise with highly complex environments.

50% of Europe’s largest banks

secure business processes with

solutions from Beta Systems

7 of Europe’s 10 largest

insurers use solutions from

Beta Systems

The new Garancy AIM 2.1Two main directions:

Time Traveler:

Historical analytics

made easy and

complete

Comprehensive

dashboards and

analytics3

GARANCY Time Traveler: business oriented benefits

Using Garancy Time Traveler makes life much easier. I t enables customers to answer the questions on all historical

data regarding the access rights in IT audit situations or investigations , based on snapshots as well as on

continuous data loads . Customers can compose the needed information even on short notice , it is information

at your f ingertips .

Investigate changes

within a day

Detect at-risk

situations

Reduce the risk of

fraud and data

leakage

Review access

rights at any time

Continuous data

load

Provide answers for

the auditors

Deep-dive forensics

Better Protection

against internal

attacks

Time Traveler has all the answers to key questions

All the access right changes

in a selected time span?

Within a specific time

range, what access right

changes occurred for a

particular user?

Want to see all the

changes within a day in a report instead of just

getting snapshots ?

Time PeriodsStatus View

Want to check the status of

access rights at a specific point

of time ?

Which access rights did a

user have on a particular

date?

Which users had access on

a specific date to a special

resource?

What access rights did a

specific user have on their

off boarding date?

Which roles provide access

to a special resource?

Consider it

solved:

Historical

Analyses

made easy


Empowering Data Model Approach

Trace successive Changes

7

Continuous Data Load uncovers every change

Timet1 t2

Status 2

- Overview

- Details

Status 1

- Overview

- Details

Change?

Not discrete but continuous!

The Concept: All issues for the history view of user are relevant!

8


Investigate through HistorizationStandard Analyses to make your life easier

« History Detail

Analyses »

10

Time

Traveler

« Change Histories »

« Status

Histories »

« Timespan Option »

All you need for Historization: The GAIM Time Traveler


View every single user at

any given time

New Analysis Front Page provides five new analyses and new icons

©Beta Systems Software AG 12©Beta Systems Software AG 12

„Status“

„Access Changes“

„Attribute Changes“

Flag important analyses

and see how many

peers did the same!

User Change History Overview


Start with an overview

Use Cases

Business User:

Get the manager view on

the user for the whole

department at any given

time or time span: analysis

at your fingertips

History Overview

as starting point for the

management or auditors

Drill Down for more details

Easy to print for handouts

to the auditors


Frage


Look out for the details

History Detail Analyses on Changes

24.07.2015 16

Changes on

account,

role,

group,

authorization and

resource.


Find the Maverick

User Status History


(1) The first level shows

all entitlements.

(2) The second level

"User" shows the

entitlements per user.

(3) The third level shows

a detailed users

status which lists all

entitlements that were

assigned within a

timespan.


Look at the Resource Access

History User Resource Access

Answers Audit

Questions e.g.

Which users had

access to a resource

in a defined time

period?

Who had access to a

special resource in

the past?



Find out what happened when

Forensics and Compliance

Get all the needed information for a selected time period, not just snapshots

and investigate out about every change in access rights

e.g. for audits, protection against internal attacks

uncovering the sources of data losses

Compose audit data with just some clicks instead of keeping everybody busy for long

All the historical data is archived in a data warehouse based on MS SQL database.



Change the perspective

Ad Hoc

Ad Hoc Analyses

Use Ad hoc Analyses

for all the questions

that will not be

answered by standard

analysis: Define your

own reports and get ad

hoc answers.


Further Enhancements of Garancy AIM 2.1


Get further Enhancements

Discover new ways: Additional enhancements of Garancy AIM 2.1

26

New User Dashboard (in addition to the group and role dashboards of

Garancy 1.2)

The information details increase

from top to bottom

(1) First Level shows the quantity of

changed and/ or new users

(2) Second Level provides the

information % of changed/ new

users User changes grouped by

entitlement and risk

(3) The last level shows the most

frequently changed

assignments for users

29

New enhanced Analyses New variant of “User Indicator”

grouped by “User Manager” to support the manager view.


New variant of “User &

Resource Access” grouped by

“Jobfunction”. The job function is a great peer

group for analyses based on the

assumption that user with the same

job function should have the same

access rights

New variant of “User Group

Risk Analysis” grouped by

“Jobfunction”. This grouping allows a

comparison of risks based on the job

functions.

The largest independent and European IAM Software Provider:

Beta Systems Software AG

www.betasystems-iam.com

Identity access rights and historical analysis for compliance and governance

Technology

Transcript of Identity access rights and historical analysis for compliance and governance