Former boxing champion Manny Pacquiao found out last weekend in his bout with Juan Manuel Marquez that it takes just one blow to bring positive plans to a crashing end. Pacquiao went into the fight having defeated Marquez three out of four times and with future championship bouts in his sights. But in spite of leading on all of the judges’ cards through the first five round in his fight last Saturday, Pacquiao ran into a stiff right hand from Marquez, knocking him out cold, leaving him prone on the canvas for several minutes and putting his all his future plans in question.
It’s the same in business. All it takes is one bad blow to ruin a company’s future. Just one improper access, one inadvertently divulged password, one employee with the wrong set of access controls, one poorly executed case of user access provisioning can result in a serious blow to a company’s enterprise risk management efforts. And like the punch Pacquiao received from Marquez, the results can be staggering — lost revenue, damaged customer relationships and a sullied brand.
Avatier’s innovative answer to this threat is Group Requester, which it launched this week. Group Requester is a rule-based group management solution that applies business rules to HR or Directory attributes, effectively eliminating IT cyber security risks because group membership and distribution lists are automatically updated on a scheduled basis. New members are added and outdated or unauthorized members are removed as often as necessary, which ensures unrivaled group risk management.
- Data-Driven Group Membership — Group members receive appropriate access to applications or email distribution lists based on their job title, department, location or any other available attribute.
- Active Directory Group Management — Automatic group management with Group Requester is based on business changes made to source systems’ employee attributes and end-user account property values found in directories like Microsoft Active Directory, and Web-service feeds.
- Rule Based Group Management Engine — Group membership is based on defined data points. A wizard-driven rules engine leverages business data and rule exceptions to drive automated group membership.
- Automatic Group Management Software Rule Tests — Users may view identity matches from the target and source prior to placing the rule into production. This includes missing, removed and new members.
- Group Management Software Scheduler — Group Requester’s powerful scheduling engine allows the user to define when rules will be automatically executed according to the user’s frequency and time stipulations.
- Automatic Group Management Software Alerts — Automated alerts continuously monitor group integrity and detect potential security exceptions as they happen.
- IT Cyber Security Risks Report and Audit Controls — Reports detail who was added or removed in a group, and who remained, after each business change and rule application.
- Rule Based Group Management Exception Handling — With group membership exception handling, users may statically add members to groups even if they do not meet the rule criteria.
If Pacquiao’s defenses had been as staunch at assessing and preventing the risk of a knockout as the automatic group management of Group Requester is in protecting against IT cyber security threats, he’d be on his way to arranging his next championship bout.
With Compliance Auditor, identity and access governance audits are simple to conduct and make part of your continuous improvement operations. Watch the Avatier Compliance Auditor Production Introduction to learn more.
Learn the top 10 Access Governance Best Practices for successful implementations from experts. Sidestep the challenges that can derail GRC software and compliance management projects.