Access Certification
ID-Certify® is a unique
Hitachi ID solution for distributed review and cleanup
of user entitlements.
ID-Certify closes the gap between business
process, which should determine what user rights are appropriate,
and Authentication / Authorization / Audit infrastructure (AAA),
where user rights are actually stored and enforced.
ID-Certify ensures that user access rights are current and appropriate by periodically requiring business stake-holders to review user profiles, login accounts and security group memberships. Different stake-holders can be asked to review different users: managers review their direct subordinates, application owners review the users of their applications and security group owners review their memberships.
Using access certification, stake-holders identify no-longer-employed users, unneeded accounts and inappropriate security group memberships. A workflow engine captures these changes, sends them to suitable authorizers for review and -- if they are accepted -- automatically deactivates inappropriate login accounts and group memberships on sensitive systems.
Electronic signatures capture the actions of stake-holders, creating a trail of accountability for access rights that remain after certification and cleanup are complete.