<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=523033&amp;fmt=gif">

Identity Manager: Intelligent User Provisioning for your System

Fast and Secure User Provisioning

The Fastpath Assure® Identity Manager module lets business process owners request application access with the security of an approval process, without the need for IT intervention. Identity Manager streamlines user setup while adding approvals and audit trails into the process.

For many business systems, adding or editing users is a manual process, with email serving as the primary tool to submit requests and approvals to IT. This type of process is fraught with the potential for errors and mistakes, including a lack of clarity on specific access required.

Identity Manager allows change requests to be made online, generating emails for management approval. When combined with Segregation of Duties (SoD), requestors and approvers gain visibility into SoD risks present in the request, prior to granting access. Once approved, users are created automatically without IT intervention. Easy, intuitive reporting tracks all changes to security access for later audit, making for a more efficient, automated, and accountable process.

FEATURES

  • Request user creation and role assignments in Identity Manager
  • Visibility into SoD risks during requests and approvals
  • Multi-level management approval structures
  • Flexible approval rule scenarios – user to user, user to group, group to user, group to group, role to user
  • Restrict users from approving their own requests
  • Multiple Active Directory scenario configuration options for Microsoft Dynamics
  • Comprehensive reporting on requests and approvals
  • Assign emergency or temporary access

Who is Responsible for Deciding When User Access is Risky?

Most businesses have an approval process as it relates to user access, but still fall short identifying risks in access requests. Depending on your process, requests may be approved by an immediate supervisor, director, or IT manager, but are any of these people able to see all the risks associated with assigning access? This is even more important in the context of a system that may have hundreds of access points within a single permission or role. Understanding segregation of duties (SoD) risks is an area where many user provisioning plans fail.

With Fastpath Assure, you can link the Identity Manager module and the SoD module to include conflict risk reports with every user access request. When a user adds roles or specific permissions to a user request the SoD module automatically runs the new access against the user’s current access and reveals any areas of risk. The requesting user can then edit the request or send the request for approval, where each approver can see the conflicts and decide if the risks go above allowable levels or need mitigation before signing off.

User Role Assignment

Identity Manager 

Sometimes Users Need More Access, And Then They Don’t

There are times when a user needs additional access to perform a onetime task. Projects come up, contractors are hired, users need to cover for someone, and all of them may require special access. Supplying this access may be necessary, but usually comes with risks. The challenge becomes mitigating the specific conflicts inherent with the access, and ensuring that access is adjusted once the need has passed.

Identity Manager adds security and efficiency to temporary access needs. The scheduling feature lets you add effective dates to both user and permission access requests. This way, new hires can have a start date, employees who have given notice can have an end date, and temporary access can be fully planned, which relieves the need to remember to change security afterwards. To mitigate new risks, the included SoD report in every request allows you to plan for associated conflicts and implement controls before the access is granted.

Schedule Access

Schedule Access 
Schedule Access ×

 

Attain and Keep SOX Compliance by Controlling Access from the Start

SOX Auditors review user access for SoD conflicts as well as controls to limit access to sensitive data. Over time, user access may change, with users being added, changed and deleted. When those changes occur, new risks are created. To maintain security and compliance you need to have a process in place to review access for conflicts before the access is given, so you’re better prepared for audits.

User provisioning with SOX in mind can be easy and certainly simplify audit preparation. Using Identity Manager, access requests go through automatic approval workflows. The approvers can see what access the user currently has, along with the requested change, and conflicts that come with the new access. Identity Manager makes SOX compliance easier for user management.

Key Considerations When Selecting GRC Software | Fastpath GRC

Key Considerations When Selecting GRC Software

Sarbanes-Oxley regulations are complex, but there are ways to simplify it. In this short E-book, Norman Marks focuses on simplifying your controls and other considerations when choosing your GRC software.

Download the Paper

Innovation in User Experience for Automated Controls_2020_Award

GRC 2020's Innovation in User Experience Report

GRC 20/20 Research, LLC (GRC 20/20) provides clarity of insight into governance, risk management, and compliance (GRC) solutions and strategies through objective market research, benchmarking, training, and analysis. Read their report on Fastpath Assure®, the security and compliance platform which won their "Innovation in User Experience for Automated Controls" Award in 2017!

Get the report here!

Others_Template_Role Duty Matrix for D365-1

Dynamics 365FO Matrix


Building roles and implementing strong security in D365FO can be a daunting task, so we created a tool to assist in designing security roles for Dynamics 365 for Finance and Operations.

Get the Matrix!

Others_Template_Access Controls in SAP

Access Controls in SAP - The What and How of SAP Security

Whether you know the importance of access controls or not, implementing and maintaining them can still be a difficult part of your SAP security plan. The audit and security expert, Keith Goldschmidt, goes over what access controls are, how SAP handles them, how you should implement and maintain them, and even suggests some tools to make the process easier on you.

Download the Paper

RAPID INSTALL
AUDIT EXPERTS ON STAFF INCLUDING CIA, CISA, CPA & CRISC
SKILLFUL AND ATTENTIVE SERVICE & SUPPORT PROFESSIONALS
UNLIMITED USERS

Why You Should Use Object-Based Security Analysis

Attention to Detail With a risk-based audit approach, you can leverage your understanding of your own organization to define how you approach risk and compliance. No longer do you need to apply a “one size fits all” approach to appease your auditor – instead, you can choose to focus on what matters to you. When it comes to assessing access risk in your ... Read More

3 Reasons You Can’t Count on Spidering as an Audit Tool for NetSuite

There is a rumor floating around that could have very serious implications for your business. The claim is that “spidering”--a technology that takes an inventory of data on a given website at a specific point in time—is an effective way to continuously monitor changes to NetSuite environments. Unfortunately, this claim is dead wrong. In an informal poll across the Big 4 and Certified ... Read More

Fastpath Completes SOC 1 Type 2 Examination

Demonstrating Continued Quality and Integrity of the Fastpath Assure® Cloud Platform Des Moines, IA, November 27, 2018 - Fastpath, a leader in audit, security, and compliance software, announced today that it has successfully completed the Service Organization Control (SOC) 1 Type 2 ... Read More