Compliance in the Identy and Access Management System

Provision, control and understand users

How can it be ensured that an employee always has only the access rights he needs for his daily work? What happens if an employee changes the department or gets another job? If an employee leaves the company, data protection regulations must be complied with. Its accounts must be removed from all applications.

Using smart processes in the Identity and Access Management System, you can prevent data abuse and security leaks and prevent security incidents.

Ruled access rights
Compliance with data protection
containment of security incidents
Easy to remove accounts

Lawfulness through processes

Identity and Access Management ensures compliance requirements for all connected applications.

Good processes here are the A and O.

Process

Provision, control and understand users

Joiner/Mover/Leaver

The "Joiner/Mover/Leaver" processes are about recruiting employees, changing the department or leaving the company. It is necessary to ensure that they receive the appropriate authorizations they need for their tasks; only these. With an identity management system, you can couple certain roles to HR processes and automate this process accordingly. Manual intervention for special permissions can be provided here.

Auditing

When administering user accounts and access rights, it must be possible to understand which employee has carried out the respective action. This requires an unchangeable audit log. Of course, a GDPR-compliant retention policy must also be determined here.

Provisioning

If an employee gets rights for an application, the master data of the user must be transmitted to the application. The user is created in the application. This process is called commissioning. If an employee loses access to an application, the user must be removed or at least disabled accordingly. In addition to security reasons, GDPR founders are also involved. Technically, the SCIM standard should be mentioned here, see:
IETF SCIM Working Group
SimpleCloud.info (Overview of Implementations, Standard)
Microsoft
Okta
However, individual solutions are often also implemented.

Segregation of Duty

From a company perspective, it is important that some access rights are mutually exclusive. Abuse by employees can be systematically prevented. Example: An employee should not be able to initiate orders and make payments at the same time. He could dispose of money like that without anyone coming. With an identity management system, you can formulate these rules and technically ensure them. The assignment of certain roles to one and the same employee is then no longer possible.

Uniform safety standards

Since safety-relevant processes are implemented centrally with an identity management system, it is automatically ensured that they apply to all applications. Without identity management system, you would have to program them individually in each application and monitor compliance with them regularly. The time and cost savings allow you to focus on the continuous improvement in the identity management system.
Contact us
We are happy to help
Frank Tripp Specialist in IAM
[email protected] +49 5251 5449490
Frank Tripp
free, online >
Make an appointment

We use cookies

We use cookies to provide you with the best possible experience on our website. Analysis tools help us to identify and improve the most popular content. We also want to find out how well our advertisements work. Details can be found in the Data Protection section. Please select which cookies you want to accept:

Data protection

|

Legal notice