Hitachi ID Access Certifier Overview
In a typical organization, where large numbers of users are hired, moved around and terminated every year, over time many users acquire more security entitlements than they require:
- Orphan accounts are login IDs that persist after their owners have already left the organization.
- Dormant accounts are login IDs that persist beyond the time when their owners need them.
- Stale entitlements are fine-grained security rights that persist beyond the time when their owners need them.
Excess entitlements represent a serious security problem: users with too
many rights may violate separation of duties rules, and may be able
to see data or make changes inappropriate to their job responsibilities.
Orphan and dormant accounts are especially attractive to intruders: nobody will notice if they are compromised.
Access Certifier is designed to address the problems of privilege accumulation quickly and simply. Unlike previous approaches to this problem, Access Certifier does not require costly role engineering or user classification. Instead, Access Certifier harnesses the business knowledge of key stake-holders to identify and remove inappropriate security rights.
Read more:
- Features:
Access Certifier features. - Business Case:
How access certification leads to stronger security. - Screen Shots:
Snapshots of the Access Certifier web interface. - Animations:
Videos of the Access Certifier web interface. - Slide Decks:
Slide presentations that discuss how Access Certifier works.