You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Identity Governance
A primary objective of any organization should be to provide access that aligns with its business policies on risk and follows the principles of Zero Trust. This type of access, known as “compliant access,” is position-appropriate and incorporates risk policies to determine if granting a specific level of access would result in unacceptable risks.
EmpowerID's risk engine enables organizations to:
Identify cases that may pose a risk
Make informed decisions about accepting or rejecting risks
Implement mitigating controls when necessary
Utilize preventive and detective SOD simulation and validation
Streamline remediation and revocation using dashboards and automated workflows
Access Intelligibility
Understanding the real-world impact of technical entitlements is crucial for managing enterprise risk. EmpowerID bridges the gap between the technical system and business processes by introducing an "Intelligibility Layer" that connects both worlds.
Key features of Access Intelligibility include:
Functions: Business-user recognizable terms for activities performed by users with granted access (e.g., "Create Purchase Order" and "Approve Purchase Order")
Function mapping tools: Define the relationship between application permissions or roles and Functions
Pre-built library of Function definitions for common systems
Risk policies: Use Functions as building blocks to identify access violations
Comprehensive Risk Management
Organizations today face the challenge of managing enterprise risks scattered across various Cloud and on-premise systems. EmpowerID offers a solution that can connect, consume, and understand complex system-specific permissions and inheritance models.
Benefits of EmpowerID's comprehensive risk management approach:
Extensive library of connectors for on-premise and Cloud systems
Inventory engine that monitors systems for changes and security alerts
Immediate fulfillment or ticket creation in ServiceNow for selected risks requiring revocation