Increase Security with Portal-Based Recertification of Access Rights
We are very pleased to announce the general availability of its Garancy Recertification Center, our portal solution to boost the use of SAM Enterprise for the efficient recertification of user access rights. It enables companies to review internal and external users’ access rights and to specify which managers are able to recertify or revoke user permissions. The benefit to companies is an increase in the security and accuracy of recertifications, while making the recertification process itself auditable and compliant.
Read more →
Insider threats – how to fight the vulnerabilities coming from within the company
Recent studies have shown that 50-70% of all attacks on information security are coming from within the organization, and often the length of time that the breach existed is unknown. There are many issues involved in closing the gaps that cause such insider incidents and strenghten the protection of data.
Using the need “need to know” principal, organizations can limit who has access to data. Controls that adjust given access rights to actual needs exist and should be utilized. This webcast session will focus on how to adjust data access rights, implementing the “least privilege principal”, and the use of detective and proactive risk-oriented controls.
Join our 45 min webcast on insider threats on July 28, 2015 at and register here:
Webcast Insider Threats
Insurer gain secure access to all applications – IAM for insurance provider
IAM for insurance provider
Insurance providers are often businesses with complex, distributed structures are faced with the challenge of managing complex and heterogeneous IT landscapes centrally and effectively, all the while being under extreme pressure to save time and costs. Mergers and acquisitions have further added to this challenge in recent years. All the thousands of employees require access to a broad range of different software systems depending on their tasks.
Read more →
IT Risk Identification with Access Intelligence – Why you can’t do without it
Before access risks can be avoided, reduced or managed, they must first be identified. While this may seem trivial, it is a complex task in terms of permission management. Detecting and assessing risks among the enormous amounts of data that continuously accrue in the access management environment is a lot like finding the proverbial needle in the haystack. With a growing number of users, roles and IT systems – all of which must be granted permissions – the sheer number of risk opportunities rises exponentially.
A company with 5,000 employees and only 50 IT systems with ten permission groups each, for example, has over 2.5 million permission-granting possibilities, each of which may represent a high or low risk for the company. In light of this, the task of identifying all the existing risks from these permissions, assessing their effects and defining appropriate measures seems hopeless.
Read more →