Our Visual Workflow Studio can implement a process-driven identity governance infrastructure that not only meets all legal, regulatory and compliance legislation but is also based on your Enterprise requirements.
Business Process Aligned
Fully flexible and customizable to meet all requirements and directives. Supporting processes driven by business, not tech.
Governance Across All Systems
Our Identity Warehouse meets compliance demands, and our Universal Connector encompasses all systems.
Audit and Recertify
Providing an up-to-date, accurate review of critical resource access as well as making validate and tasks simple.
Business-Driven Identity Governance
EmpowerID’s identity governance and user lifecycle management capabilities mitigate access risks and minimize segregation of duties incidents. Our unique visual workflow approach allows organizations to create an identity governance infrastructure based on business requirements rather than on IT processes. Our model incorporates IT, compliance and business points of view. By leveraging a business-friendly role foundation, EmpowerID presents information to users in the context that makes sense to them. This approach helps simplify the user access process, as well as roles design, review and certification.
Governance for All of Your Systems
EmpowerID provides a central Identity Warehouse to support compliance efforts. The Identity Warehouse supports all an organization’s applications and directories including, those that were custom developed. The Identity Warehouse uses a purpose-built data model that imports and inventories directory entitlements. Connectors automatically inventory users and their access for standard systems such as Office 365, Google Apps, Amazon Web Services, SalesForce.com, and Exchange mailboxes, while custom-developed applications can be supported by the EmpowerID Universal Connector.
Audit and Recertify User Access
EmpowerID’s access recertification process empowers organizations to periodically review and validate user access to Cloud and on-premise applications. EmpowerID continuously inventories most systems to ensure an accurate picture of user access to critical resources. Non-inventoried systems can also periodically import their data into the Identity Warehouse for analysis. A built-in access review engine disseminates this information so that auditors save time reviewing access privileges by user.
Business users can quickly perform reviews from a web-based interface using their desktop or mobile device to affirm or to deny that appropriate access is granted to the users they manage. The access certification functionality is closely integrated with our IT shopping cart function to provide a closed-loop system for access requests and reviews. Reviewers can then quickly ascertain how the access was granted, why it was granted, and when it was granted.
Risk Management and Optimization
A key component of compliance efforts is quantifying and managing risk. Risk cannot be completely eliminated without denying necessary access to users, but excessive risk must be measured, managed, and mitigated. EmpowerID’s risk engine calculates a risk score for each person, group, and role, based on a weighted calculation of the access each holds. Excessive risk or outliers quickly bubble to the top and are visible in reports and dashboard views. Once quantified, an organization’s overall risk profile can be managed, to decrease it over time through active management. Toxic combinations of access defined in policies can be detected no matter how the access was granted. These violations raise alerts which can be corrected or mitigated with exception handling policies.
Risk-Based Analytics, Reports, and Dashboards
EmpowerID brings intelligence and in-depth visibility to assist with an organization’s compliance efforts. Systems are continuously inventoried and monitored for changes, enabling on demand reporting on all aspects of security. The Identity Warehouse becomes the hub for all security audit activities as it can answer who has access to what, when access was granted and by whom, and when was the access last certified.
Hundreds of built-in statistics, metrics, and risk scores are displayed in user-friendly dashboards. Instant visibility lets users monitor how the environment is changing and where the greatest risk lies. A large library of out of the box reports also enables deeper, scheduled reporting that can be shared with other stakeholders.