Role Mining and Optimization
Role-based security management provides increased efficiency and other benefits, but implementation projects can become delayed as organizations work to define their initial set of roles. EmpowerID’s Role Mining engine solves this challenge by recommending an optimal initial set of roles, based on the organization’s existing access assignments.
Our sophisticated machine learning algorithms uncover the existing “implicit” roles already in use within and organization by analyzing current access assignments for users. These existing roles become the starting point for defining standardized access roles and adopting role-based access control (RBAC).
Minimizing the number of security roles reduces administrative workloads and can streamline the audit recertification campaigns. RBAC also helps eliminate access assignments that have been directly assigned to users rather than assigned through their role. EmpowerID’s Role Mining engine identifies these opportunities for optimization and can eliminate redundant direct assignments. Security becomes more manageable and the organization’s risk profile is minimized.
Request more information or a demonstration ›

Dynamic Role Automation
Each internal and external user identity has a lifecycle, and their roles and responsibilities change often. Some experts estimate as high as a 20+% internal turnover per year, creating high volumes of role churn. EmpowerID monitors your authoritative HR systems to detect these changes in a person’s job title and location. These changes can be set up to trigger query-driven and mapping-driven policies that adjust the user’s role assignments in EmpowerID to control their access across all managed systems.
Request more information or a demonstration ›
Role Self-Service Shopping
EmpowerID brings a shopping cart experience to the role access request process. Users simply search for the roles or access they need and add them to their cart. Managers may shop for multiple direct reports at the same time and submit a bulk request to save time. Requests even include the ability to request temporary access, with specified start and end times for the role. When a user is done shopping, they submit their request and the EmpowerID workflow engine manages the approval process.
The EmpowerID workflow engine determines from your organizational hierarchy and rules which items need approval, how many approvals are needed, and who must approve each. Requests are automatically routed for approval, and their status is tracked in a business-user friendly interface. All participants are kept informed by email notifications, and all requests, decisions and associated fulfillment actions are recorded and integrated into the access recertification process.
Request more information or a demonstration ›

Role Recertification and Risk Management
EmpowerID manages the entire role lifecycle including periodic recertification and risk management.
Built-in recertification policies snapshot the members for each role and the access roles grant, so role audits are quick and easy. This also generates an audit trail exists that covers all role management activities from self-service access requests to delegated role administration. Risk-based separation of duties policies allow administrators to define, detect, and remedy toxic combinations of roles if discovered.
Request more information or a demonstration ›