edf40wrjww2CF_PaperMaster:Desc
Control, Create, Comply, Correlate, and Collaborate…
Overview
Many organizations face significant challenges in projects aimed at cleaning up and restructuring privileges in a way that is more manageable and better reflects the underlying business. Privileges cleanup and role-based management are often viewed as pre-requisites to successful implementation of Identity Management systems, and are often required as part of the organizational compliance efforts.
However, many such projects were less than successful because the approach that was taken did not take into consideration significant requirements.
The 5Cs of Role Management
Over the years, Eurekify customers and industry analysts have defined a minimal set of 5 critical requirements that every role-based privileges management system and project must be able to provide.
• Control. In today business and regulatory environment, organizations are required to ensure that users' access is restricted to their needs. Security administrators must always be able to tell who exactly has access to what and why, and to demonstrate that privileges are granted accurately and consistently. Traditionally, however, most organizations have granted privileges in a very ad-hoc way. These privileges were granted to a growing number of employees and external workers, and to an ever growing number of applications. As a result, very few organizations really have control over their privileges, to the point where they can effectively and immediately answer simple questions such as who has access to a resource or a group of resources, what are all the resources someone has access to, who else has access to the resource, how many peopl ...