Thursday, July 2, 2009

SOX Compliance Management, Identity Audit and Identity Access Management (IAM)...

Common Repository..
• Build an Identity Access Management (IAM) common repository within the SRM tool to load the application security extracts with user entitlement data for SOX Compliance Management critical applications.
• Recreate the client's Business-Unit hierarchy structure within the Sun Role and Compliance Manager (SRM) tool to define and display 40000+ User-Manager relationships within the organization.
• Maintain records for 350k+ users with access to financially critical transactions across the different platforms and applications.

Simplify Certification Process..
• Automate and enhance Identity Certification and Identity Audit [Segregation of Duties] module to perform certifications of user access to financially critical transactions across multiple applications.
• Certify users’ access based on roles where available and application security setting definitions in all other cases.
• Certify the access of 350k+ users distributed across 40000+ business units, with more than 100k accounts having access to high-risk transactions.
• Ensure certification takes place within 60 days.
• Ensure Segregation of Duties rules are defined and implemented, and that continuous monitoring of users' transactions is available.

Miscellaneous..
• Clean up orphaned accounts (system and user) identified during the data loading phase for various applications by associating the orphaned accounts with appropriate data owners.

Solutions..
The latest version of SRM, v4.0.1, with enhanced features, was implemented by the Simeio Solutions consultants to help the client achieve their Certification and Audit goals. The enhanced AJAX UI, administrative dashboard, advanced Business Unit - Users correlation and enhanced Identity Certification and Audit module provided by the new version made it an ideal identity management solution for meeting audit requirements.

The data import process for building the Identity Warehouse for the 350k+ users and their hierarchical entitlement data was completed by utilizing the ability of SRM to automate and schedule the import of users, accounts and glossary (business descriptions for the entitlements).

About Us..
Simeio Solutions is a professional services and management consulting company with a strong collective background in implementing Identity and Role Based Access Control solutions, supporting Fortune 1000 clients.

We offer a unique perspective, utilizing leadership team experience and best practice knowledge which was gained while on the client side of multiple identity management implementations. Our clients appreciate this perspective. They find that it adds substantial value when defining their own sustainable operations processes, developing roll out plans and building collaborative successful project teams.

Monday, June 29, 2009

Business Process Management (BPM), Role Based Access Control (RBAC) and Enterprise Role Management...

Like most organizations, the client faced an ever-present challenge in complying with government regulations, internal security audit controls and Business Process Management (BPM). The client had identified the need to implement a Role Based Access Control (RBAC) model to address some internal audit findings. The client had a well-defined process to handle the disabling and deleting of user accounts upon termination, but the challenge was the transfer of existing users and the provisioning of new users with the correct level of access for their job. Transferred users would often have entitlements that were carried over from their previous job function. New users were created by mirroring an existing account, which often resulted in the new user gaining extra access rights that they did not need to perform their daily job function. In addition, there was no complete and efficient process to review user entitlements and make informed decisions about whether to clean up or retain that level of access.

The client’s primary requirement was for a tool that provided comprehensive Role Engineering and Enterprise Role Management functionality, to define and manage roles moving forward. The client engaged Simeio to utilize the RBACx technology to assist in the creation of roles to migrate to an RBAC model. Utilizing the proven methodology and the advanced data mining algorithms in RBACx, the client was able to define enterprise and departmental roles across 3 platforms and 88 applications. Once users were assigned to roles, the client was able to leverage the Role vs. Actual Analysis feature in RBACx to identify any entitlements that were not required for a user to perform their job. Additionally, the client was able to empower the Business Unit/Manager representatives to certify/revoke user entitlements utilizing the glossary feature in RBACx that allows for business friendly terms and descriptions to replace technical entitlement names.

The Global User information was imported into the RBACx Identity Warehouse from an authoritative source that the client maintains for its users. RBACx is scheduled to receive nightly feeds from the authoritative source to import data for approximately 5000 Global Users who were part of the two business units in scope for this project.

To meet the needs of this client, Vaau used a hybrid approach for role mining. Users were grouped according to Managers, and mining was conducted for each group, which represented every employee reporting to a particular Manager. Initial mining was carried out across the three major platforms to identify clusters of users based on their entitlements.
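The sketch below is an added illustration of manager-grouped role mining followed by a role-versus-actual comparison; it is not RBACx code and does not reproduce its mining algorithms. The user records, entitlement names and the 80% frequency threshold are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample records: (user, manager, entitlements across platforms).
USERS = [
    ("alice", "mgr_fin", {"GL_VIEW", "AP_ENTER", "AP_VIEW"}),
    ("bob",   "mgr_fin", {"GL_VIEW", "AP_ENTER", "AP_VIEW", "PAYROLL_ADMIN"}),
    ("carol", "mgr_fin", {"GL_VIEW", "AP_ENTER", "AP_VIEW"}),
    ("dave",  "mgr_ops", {"WMS_PICK", "WMS_VIEW"}),
    # erin transferred from finance and kept AP_ENTER from the old job.
    ("erin",  "mgr_ops", {"WMS_PICK", "WMS_VIEW", "AP_ENTER"}),
]


def mine_candidate_roles(users, threshold=0.8):
    """Group users by manager and propose one candidate role per group:
    the entitlements held by at least `threshold` of that manager's reports."""
    groups = defaultdict(list)
    for _user, manager, ents in users:
        groups[manager].append(ents)
    roles = {}
    for manager, ent_sets in groups.items():
        counts = Counter(e for ents in ent_sets for e in ents)
        size = len(ent_sets)
        roles[manager] = {e for e, n in counts.items() if n / size >= threshold}
    return roles


def role_vs_actual(users, roles):
    """Return {user: sorted entitlements held outside the group's candidate role}.
    These are the items a manager would be asked to certify or revoke."""
    report = {}
    for user, manager, ents in users:
        excess = ents - roles[manager]
        if excess:
            report[user] = sorted(excess)
    return report


if __name__ == "__main__":
    roles = mine_candidate_roles(USERS)
    for manager, role in sorted(roles.items()):
        print(manager, "candidate role:", sorted(role))
    for user, excess in sorted(role_vs_actual(USERS, roles).items()):
        print(user, "holds entitlements outside the role:", excess)
```

Entitlements that fall below the threshold are not automatically wrong; they are the exceptions routed to the business owner for a certify-or-revoke decision.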

We, Simeio Solutions, offer a unique perspective, utilizing leadership team experience and best practice knowledge which was gained while on the client side of multiple Identity Management implementations. Our clients appreciate this perspective. They find that it adds substantial value when defining their own sustainable operations processes, developing roll out plans and building collaborative successful project teams.

Tuesday, June 23, 2009

Sarbanes-Oxley (SOX) Compliance Management to Improve Role Based Access Control (RBAC) and Identity Access Management (IAM)..

Requirements •••
As part of their ongoing Sarbanes-Oxley compliance efforts, a global Broadcast Service Provider determined they needed to fully assess their process for managing user access to company resources, and to develop a sustainable future state process that could be quickly implemented to manage the entire life-cycle of enterprise identities within the organization.

The client defined the following business drivers for this project:
* Comply with the user access related provisions of the Sarbanes Oxley Act
* Increase operational efficiency by automating user access tasks and allowing delegated administration of users
* Improve security by incorporating a Role Based Access Control (RBAC) structure
* Improve customer service levels by reducing the time to approve user requests
* Provide a centralized and aggregated data store for all identities in SOX critical applications and one global view for a User Object

Solutions •••
CA leveraged Simeio Solutions personnel to perform an Identity & Access Management (IAM) assessment for the client to analyze and document the “current state” of their user access management process and to define a “future state” process that would meet their business requirements.

The CA and Simeio team delivered a comprehensive assessment report that defined the strategy and roadmap for implementing an IAM platform, provided a comparison of several vendors offering IAM solutions, and outlined detailed requirements to be used in an RFP. Simeio interviewed over 50 client personnel as part of the IAM assessment. The team proposed a software solution consisting of CA’s Identity Manager and Siteminder and Role Management from a Simeio partner. The services proposal included a comprehensive role engineering phase that would prepare the client for the provisioning stage by following industry standards for Role Based Access Control (RBAC). The primary responders to the RFP for this project included Sun and IBM.

Monday, June 22, 2009

Simeio Solutions Appoints Identity Management (IAM) and IT-GRC Expert Naynesh Patel..

Simeio Solutions (www.simeiosoutions.com) today announced the addition of industry veteran Naynesh Patel as a partner in the company. He joins Simeio from KPMG LLP, where he served as the Americas leader for identity and access management (IAM) services. Mr. Patel has over 15 years of experience in leading and delivering services and solutions to clients in the telecom, retail, energy, automotive, pharmaceutical, food and beverage, entertainment, financial services and insurance sectors. In his new position, he will help shape and guide Simeio’s business strategies and operations, as well as lead technology and product direction of the company.

“We are thrilled to have an executive of Naynesh’s caliber join the Simeio team,” says Hemen Vimadalal, founder and managing partner, Simeio Solutions. “He has achieved remarkable success in developing IAM, compliance and security strategies for some of the world’s largest enterprises. We know he will play an integral role in Simeio’s continued growth and innovation, building opportunities for our suite of services.”

“I’m very excited to join Simeio, a company broadly recognized as a thought leader in identity and access management,” says Patel. “This is a fantastic opportunity to show customers how to leverage IAM technologies to standardize and automate business processes management, reduce corporate risk, improve audit performance and minimize implementation costs. I look forward to making the best contribution possible to Simeio’s growth.”

Mr. Patel has extensive experience in the implementation, strategy, design and assessment of identity and access management solutions. During his tenure with KPMG, Mr. Patel led the development of a global delivery methodology around identity and access management and also served as National Instructor to grow resources and skills on the same topic. Mr. Patel is a frequent speaker at industry conferences and holds a Certified Information Systems Security Professional (CISSP) certification. He has a Bachelor’s degree in Computer Science from Kennesaw State University.