No digitization without IDM

16.02.2017

Digitization is not simply media "hype"; it is a profound social change that affects business processes as well as business models. In addition, digitization has a proven impact on customer behavior.

Digitization networks "things", such as people and devices. Each "thing" requires an identity to which certain rights are assigned. The use of an agile Identity Management (IDM) system is indispensable for this.

The Identity Governance & Administration Suite ORG, developed by FSP, supports processes for the appropriate role- and policy-based IT authorization allocation and the regular recertification of authorizations. MaRisk, BSI, COBIT, BDSG and others.

Find out how you can design your identity management in a revision-proof and "step by step" manner. Each introductory step already provides optimization and compliance benefits, quite apart from the increased security of your business applications.

Functionality of ORG

The Identity Governance & Administration Suite ORG supports processes for the appropriate role- and policy-based allocation of IT authorizations and their regular recertification.

Modern IT authorization management in the age of digitization no longer manages only people, but also "things" and autonomous software, as well as the relationships among them. This requires an IGA suite like ORG.

The ORG modules are presented below.

Flexible Administration

Initial filling of human resources, software asset management and IT asset management systems with:

  • Device and software information
  • Department, job and role information

Mapping of granular authorization rules (ABAC / Externalised Access Management)

Definition of the application process:

  • Who is allowed to apply for whom?
  • Who must approve something?

  • Definition of Segregation of Duties
  • Audit security through the historicization of all administrative procedures (new, change, deletion)
  • Multi-tenancy

Audit-proof and rule-based application and approval workflow

  • Entry (rights can be switched automatically to the date of entry)
  • Change of position / department (automatic loss of the previous and new rights)
  • Exit (automatic loss of all rights)
  • Temporary limitation of rights (e.g., leave of absence)
  • "Revitalization" of an expired or deleted right
  • Processing status acknowledgment

Automatic allocation of authorizations (provisioning)

If automatic provisioning is not possible or is not useful for other reasons, e-mails or tickets are sent to authorization administrators, with confirmation.

Automatic allocation of authorizations (provisioning)

  • Role-based target systems (e.g., AD, RACF, SAP, Exchange, SharePoint, LDAP)
  • Rule- / policy-based target systems (externalized access management)
  • Cloud / External SaaS Service Providers

Flexible evaluations, e.g.

  • which employees or things have a certain role, position, ...
  • time-travel possibilities, e.g. comparison of authorizations over time periods
  • which details are hidden behind User X
  • by user ID, position, cost center, time, ...

Regular control of the authorizations (certification)

  • Recertification reports for application administrators
  • Recertification is also understandable and feasible for specialist departments
  • Recertification reports for auditors