Comments Off on What you should know about access management
companies are subject to strict regulatory requirements.
The topic of access management is important in almost all requirements.
ensure that these requirements are met, companies must be audited externally or
by their own auditors!
Here it is helpful to present targeted Audit analyses in order to be able to fulfil a fast data delivery within the scope of an audit and thus to be able to prove compliance with the right requirements.
In order to be able to meet the goals and requirements of access management, technical support is advantageous, but the purchase of a tool alone is not sufficient. Added to this is the complexity of access management:
In addition to
complexity, further problem areas arise
Our partner KMPG has to deal with a number of
errors and problems during external or internal audits, for example:
of the assigned or required authorizations (e.g. missing reporting options or
quality of the authorization descriptions)
on “legalizations” (applications / releases not comprehensible
(e.g. “trainee effect” or in relation to privileged accounts)
periodic quality assurance (“recertification”)
Lack of acceptance of responsibility
and waiting times for IT systems
with www authorizations (e.g. regarding information owners, entry in CMDB)
of the service desk due to increasing diversity of the application landscape
and the repetitive standard queries
of external employees/service providers and their access to company data not
not organized according to business functions, no role model available
Together with our partner KMPG, we have compiled a free white paper which shows how these regulatory requirements have been implemented and helps you to cope with the complexity of access management and compliance, security and efficiency. Here you can download it for free.
Reports and multi-dimensional analyses using the Access Intelligence Manager for GDPR purposes
Access Intelligence Management for GDPR Compliance
The analyses and reports deliver the whole spectrum of security-relevant information, such as number of roles, groups, accounts or target systems per user including historical analyses of access rights. Dedicated dashboards providing weighted data and key risk indicators allow staff to perform targeted follow-up measures.
Risk-based access intelligence methods can uncover critical security gaps and thus help prevent any form of data misuse. The solution offers automatic support throughout all stages of access risk management – from assessment and analysis through to monitoring and risk control, thereby being an important tool for ensuring compliance with the principles of GDPR.
The largest listed Portuguese bank Millennium bcp expands the coverage of its Identity and Access Management system (IAM) to include core banking applications and deploys Beta Systems’ risk-driven governance solution.
Millennium bcp is Portugal’s largest listed bank, with a prominent position in the financial market in Portugal. It is the second-largest Bank overall and the first listed banking institution in terms of market share – both in loans to customers and in total customer funds – with an impressive distribution network, made up of a total of 695 branches at the end of 2014. It is also a reference institution in Europe and Africa, through its banking operations in Poland, Mozambique, Angola and Switzerland. All these operations trade under the Millennium brand.
Beta Systems solutions got Access Governance Award
The European Identity & Cloud Awards 2015 were presented last night by KuppingerCole at the 9th European Identity & Cloud Conference (EIC). In the category Best Access Governance / Intelligence Project, the award was granted to Nord/LB for implementing an IAM project based on Beta Systems’ IAM suite. The project is focusing on realizing a modern, workflow-structured and role-based IAM system that mitigates existing risks and improves governance capabilities. An important element within its design and deployment was a clear segregation between management of identities and access and the technical operation. The solution was implemented by Beta Systems long-time IAM solution partner BLUECARAT.