Fastpath’s Segregation of Duties analysis enhances Microsoft’s Azure Active Directory Identity Governance with improved access risk detection
Fastpath has partnered with Microsoft to integrate its Access Risk Monitor with Microsoft's Azure Active Directory (Azure AD) Identity Governance platform. Azure AD Identity Governance helps organizations enforce access security by ensuring users have the appropriate access to company resources.
Using Azure AD Entitlement Management, a component of Azure AD Identity Governance, administrators can manage user identity and access across the enterprise by creating, provisioning, and deprovisioning access packages, including automating access requests, access reviews, and access expiration.
Fastpath analyzes access packages within Entitlement Management and finds Separation of Duties (SOD) violations and other access risks down to the securable-object level. With Fastpath's Access Risk Monitor integration (Figure 1), administrators can identify access risks across multiple business applications before provisioning users. Azure AD administrators can now ensure that only minimum access rights are granted to users for their jobs and that users are prevented from accessing functions they should not execute.
Figure 1: Solution architecture for Microsoft Azure AD Identity Governance with Fastpath Assure risk analysis
For example, if the same person can create a vendor within the CRM application and then authorize payment to that vendor from within the company's financial application, a potential SOD violation exists for that user, exposing the organization to possible fraud.
Fastpath's granular access can be used in automated workflows, including user provisioning, access reviews, and access certifications. Evaluating access risk and conducting periodic access reviews are gaining more attention from auditors and regulators.
And for a good reason.
System administrators and IT and information security professionals are becoming aware that threats to the business are not always from outside the organization. Often, financial fraud comes from individuals within the organization.
The Association of Certified Fraud Examiners (AFCE) 2020 Report to the Nations showed that a lack of internal controls contributed to nearly 1/3 of all fraud. And the analyst group, Gartner, has said, "Effective segregation of duties (SOD) controls can reduce the risk of internal fraud by up to 60% through early detection of internal process failures in key business systems."
"We are delighted to have worked with Microsoft on this project," said Michael Cassady, Chief Technical Officer for Fastpath. "Through our integration with Microsoft's Azure AD Identity Governance platform, Fastpath's preventative controls can be an integral part of a company's Enterprise Security Plan in their effort to achieve true enterprise security."
Fastpath Assure is a cloud-based risk and compliance management platform that helps organizations track, review, approve, and mitigate user access and Separation of Duties (SOD) risks. Fastpath helps companies achieve process efficiency, reduced costs, and enhanced control over their fraud, auditing, and compliance management efforts.