<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=523033&amp;fmt=gif">

Identity Manager: Intelligent User Provisioning for your System

Fast and Secure User Provisioning

The Fastpath Assure® Identity Manager module lets business process owners request application access with the security of an approval process, without the need for IT intervention. Identity Manager streamlines user setup while adding approvals and audit trails into the process.

For many business systems, adding or editing users is a manual process, with email serving as the primary tool to submit requests and approvals to IT. This type of process is fraught with the potential for errors and mistakes, including a lack of clarity on specific access required.

Identity Manager allows change requests to be made online, generating emails for management approval. When combined with Segregation of Duties (SoD), requestors and approvers gain visibility into SoD risks present in the request, prior to granting access. Once approved, users are created automatically without IT intervention. Easy, intuitive reporting tracks all changes to security access for later audit, making for a more efficient, automated, and accountable process.

FEATURES

  • Request user creation and role assignments in Identity Manager
  • Visibility into SoD risks during requests and approvals
  • Multi-level management approval structures
  • Flexible approval rule scenarios – user to user, user to group, group to user, group to group, role to user
  • Restrict users from approving their own requests
  • Multiple Active Directory scenario configuration options for Microsoft Dynamics
  • Comprehensive reporting on requests and approvals
  • Assign emergency or temporary access

Who is Responsible for Deciding When User Access is Risky?

Most businesses have an approval process as it relates to user access, but still fall short identifying risks in access requests. Depending on your process, requests may be approved by an immediate supervisor, director, or IT manager, but are any of these people able to see all the risks associated with assigning access? This is even more important in the context of a system that may have hundreds of access points within a single permission or role. Understanding segregation of duties (SoD) risks is an area where many user provisioning plans fail.

With Fastpath Assure, you can link the Identity Manager module and the SoD module to include conflict risk reports with every user access request. When a user adds roles or specific permissions to a user request the SoD module automatically runs the new access against the user’s current access and reveals any areas of risk. The requesting user can then edit the request or send the request for approval, where each approver can see the conflicts and decide if the risks go above allowable levels or need mitigation before signing off.

User Role Assignment

Identity Manager 

Sometimes Users Need More Access, And Then They Don’t

There are times when a user needs additional access to perform a onetime task. Projects come up, contractors are hired, users need to cover for someone, and all of them may require special access. Supplying this access may be necessary, but usually comes with risks. The challenge becomes mitigating the specific conflicts inherent with the access, and ensuring that access is adjusted once the need has passed.

Identity Manager adds security and efficiency to temporary access needs. The scheduling feature lets you add effective dates to both user and permission access requests. This way, new hires can have a start date, employees who have given notice can have an end date, and temporary access can be fully planned, which relieves the need to remember to change security afterwards. To mitigate new risks, the included SoD report in every request allows you to plan for associated conflicts and implement controls before the access is granted.

Schedule Access

Schedule Access 
Schedule Access ×

 

Attain and Keep SOX Compliance by Controlling Access from the Start

SOX Auditors review user access for SoD conflicts as well as controls to limit access to sensitive data. Over time, user access may change, with users being added, changed and deleted. When those changes occur, new risks are created. To maintain security and compliance you need to have a process in place to review access for conflicts before the access is given, so you’re better prepared for audits.

User provisioning with SOX in mind can be easy and certainly simplify audit preparation. Using Identity Manager, access requests go through automatic approval workflows. The approvers can see what access the user currently has, along with the requested change, and conflicts that come with the new access. Identity Manager makes SOX compliance easier for user management.

How-To Risk Assessment Guide

Step-by-Step Risk Assessment Guide

If you're looking for a step-by-step plan to help you get started on an overall risk assessment, and a plan for correction, this paper is for you. Inside you will learn how to begin, and then execute on, developing your own risk assessment plan.

Download the Guide

Designing Oracle ERP Cloud Security

How-To Guide for Designing Oracle ERP Cloud Security

Building A Strong Security Architecture for Oracle ERP Cloud - Protect your company with this Step-by-Step approach. For companies looking to move to Oracle ERP Cloud, it is critical to include a strong application security design aimed to deter fraud, and ensure that transactions performed in the cloud are appropriate and authorized. Whether you're implementing or redesigning your Oracle project, follow this guide to achieve a secure Oracle ERP Cloud system and avoid the common pitfalls in the process.

Get the report here!

Use this Dynamics 365FO Matrix to Design Your Security Roles

Use this Dynamics 365FO Matrix to Design Your Security Roles


Building roles and implementing strong security in D365FO can be a daunting task, so we created a tool to assist in designing security roles for Dynamics 365 for Finance and Operations.

Get the Matrix!

Access Controls In SAP - The What And How Of SAP Security

Access Controls In SAP - The What And How Of SAP Security

Whether you know the importance of access controls or not, implementing and maintaining them can still be a difficult part of your SAP security plan. The audit and security expert, Keith Goldschmidt, goes over what access controls are, how SAP handles them, how you should implement and maintain them, and even suggests some tools to make the process easier on you.

Download the Paper

RAPID INSTALL
AUDIT EXPERTS ON STAFF INCLUDING CIA, CISA, CPA & CRISC
SKILLFUL AND ATTENTIVE SERVICE & SUPPORT PROFESSIONALS
UNLIMITED USERS

Easy Security Fixes for NetSuite - Fiscal Periods

In this series, we’re looking at a series of quick fixes to improve NetSuite security.  The matching principle in accounting requires that a company record expenses in the period in which the related revenues are earned. That means posting transactions in the correct period. Both revenues and expenses can be manipulated by posting them in past or future periods and this results in ... Read More

Data Entity Filtering in D365FO

From the blog of Alex Meyer, D365FO and Fastpath product expert: In this blog Alex shares how to take away some of the confusion around data entities and how to access them, with a detailed look into data entity filtering in Microsoft Dynamics 365 for Finance and ... Read More