Given the sensitive nature of many organizational IT resources, and the complexity of current regulatory and oversight initiatives, maintaining the transparency of "who has access to what, where, and when" in a readily available format requires more than just following the path of an audit trail layered with page after page of reports. Although these are indispensable to any compliance strategy, employing an "after-the-fact-only" approach to resource security can prove to be disastrous, as many recent insider breaches have shown. EmpowerID provides a powerful Attestation and Recertification platform that gives any organization the ability to take a more proactive approach to rectifying rectify potential security issues before they occur through the crafting of EmpowerID Audits and Recertification Policies.
...
Recertification Policy Type | Creates a snapshot of | |
|---|---|---|
Account Validity | Account Validity, validity checks that the account should exists, exist. It routes the request to the account owner first and then fall-falls back. | |
Business Role and Location Membership | Members of Business Role And Location, includes business role and location include person primary business role location, secondary as well as group and management role membership. | |
Direct Reports | This recertification policy is used to audit who reports to whom. | |
Exchange Mailbox Permissions | This recertification policy is used to audit who currently has what type of access to a given Exchange exchange mailbox. | |
Folder Permissions | This recertification policy is used to audit who currently has what type of access to a given Windows windows folder. | |
Group Membership | This recertification policy is used to audit who currently has membership in a given group. | |
Group Owner | Attestation for Ownership of GroupsThis recertification policy is used to audit the attestation for ownership of groups. | |
Group Validity | Group Validity, checks that the account should exists, routes the request to group owner first and then fall-back. | |
Management Role Access Assignmentcurrent | Resource Roles assigned to a Management Role, allowing you to quickly glean the resultant access to resources people have by virtue of their assignment to the Management RoleThis recertification policy is used to audit the access granted by the management role. | |
Management Role Membership | This recertification policy is used to audit the current assignees of a Management Rolemanagement role. | |
Management Role Validity | This recertification policy is used to audit the current validity of a Management Rolemanagement role. | |
Person Access Summary | All Access Assigned This recertification policy is used to audit all the access assigned directly to a person. | |
Person Direct Entitlements | All This recertification policy is used to audit all the entitlements given directly to a person. | |
Person Validity | Person Validity, checks that the account should exists, routes the request to Person owner first and then fall-back. |
...