Identity Governance and Administration (IGA)
Content sections
Text
Compliance is a key function within governance solutions and by implementing high security functions, companies are able to empower the organization and its core business.
To be able to create visibility into the Identity Governance and Administration solution (IGA), you need to connect and create a relation to both identities and applications. By implementing a governance tool, you gain both prebuild connectors to the most common systems and a rich toolbox to meet your security requirements. Together with you, our experts help to build a total view of identities, roles, assets and data. We offer you a tool which has the ability to merge and transform your data so that it is uniform and clear.
One way to merge all data into a view that facilitates the understanding and analysis of data for end users and decision-makers is role mining. All technical details and access rights in different systems are aggregated into technical roles and further into business roles. This can be done both automatically in the role mining process or manually by an administrator.
Managing critical access rights
Requests for access to systems and applications are some of the challenges that the governance tool addresses. By using the business roles above, we can create a request process that can be initiated by the end user and then through workflows seek approval from both a manager and a system owner. Also, the same system can be used by the system owner or a security officer to conduct an audit control. Hence, procedures to verify access rights through shared documents is history.
Some systems and applications are more sensitive than others. For customers with the highest need for audit and control, we implement Separation of Duties (SoD). SoD is a concept of internal control to avoid conflict of interests, wrongful acts or to detect control failures such as security breaches. To minimize vulnerability, and be compliant to audits and reviews, a company needs to keep an eye on assigning rights and requests. By implementing a real-time monitor, the SoD policies offer total control and give alerts on any violations occurring or having the potential to occur.