Why AvatierProductsSolutionsCustomersPartners
PricingRequest DemoResourcesSupport(925) 217-5170

Avatier Newsletter Q3 2012


Avatier Unveils Group Requester and Group Enforcer

Group Requester and Group Enforcer made their respective debuts this quarter, carrying on the Avatier tradition of innovation, fast time-to-value and operational efficiency.

Announced in July, Group Requester puts group management in the hands of those charged with overseeing their groups. By doing this, risks associated with group membership management are reduced, group sprawl is eliminated and IT professionals have more time to focus on other issues requiring their attention. Some of the solution's key self-service features and functionality include the ability for the business user to request group creation and ongoing group maintenance, including modifying membership and deleting groups. Some key features include expiring groups, preventing redundant groups, and attribute based control over group creation that prevents group requests from users in the wrong department or location.

Group Enforcer is an access governance solution that eliminates the huge security risk of allowing unapproved access associated with employee turnover, reorganization, hiring and firing. It ensures group membership and distribution lists are automatically updated whenever employee attributes on the source system are updated like title, department, and location changes. New members are added or removed automatically, which solves group risk management issues and delivers optimal control over security. Group Enforcer includes its own unique features, such as automatic membership to a group based on job title, department or location; and alerts, which are automatically generated to help continuously monitor group integrity and warn of potential security exceptions as they happen. Click here to learn more about these exciting new additions to Avatier Identity Management Suite!


Thinking Outside The Box

It occurred to me the other day that it's time the IT and information security industries start thinking in broader business terms when it comes to Identity and Access Management. With a little imagination, we have the capability to meet a whole new need within the enterprise. For lack of a better name, let's call it Universal Assignment Management. I think that if IAM can extend well beyond traditional access to security and IT-related resources, it should be able to manage any identity assignments. This would include, hardware (computers, laptops, tablets, mobile devices—the entire host of BYOD we see today and can imagine tomorrow); physical access (keys and badges); electronic and biometric access; access to applications and subscriptions in the cloud; databases; and systems—and a host of other aspects of corporate oversight too numerous to list here. Each of these elements require the same management we handle so well today in IAM: requesting, approving, granting and tracking—essentially identity assignment management.

IT could be teaming with business units to understand their needs in order to deploy a holistic assignment management solution that provides both actionable service catalog capabilities along with access and asset management and workflow capabilities. Automation of these activities would clearly improve productivity and free resources to perform more value-added work. And equally important, it makes sense that if both business value and IT operational value can be created by implementing this type of solution, the chance of receiving support—and funding—should be that much higher. Henry Kaiser, legendary builder and cement king, once said "my job is to find a hole and fill it". Sometimes marketing is just that simple. With a little innovative thinking, a plan, and the tenacity to execute an elegant, easy to operate product, our industry is capable of coming up with a solution that will fill such an obvious hole in today's enterprise. It's something to think about. And while others are thinking, We're working on it. More later...

Nelson Cicchitto
CEO, Avatier


The Cosmopolitan of Las Vegas turns to Avatier to help streamline provisioning of thousands of new "CoStars."

For The Cosmopolitan of Las Vegas, Avatier's Avatier Identity Management Software suite helped ease the stress of onboarding thousands of new "CoStars" by automating key provisioning and decommissioning processes, ultimately reducing support desk call volume and resource requirements while ensuring regulatory compliance.


Brand-new organizations need all the help they can get when faced with bringing new hires into the fold. But 4,500 of them in six weeks? A Herculean task, indeed, especially in the highly competitive, and highly regulated, commercial casino industry. Startup luxury resort and casino The Cosmopolitan of Las Vegas (TCoLV) was faced with just this challenge, and Vegas' fast pace was not about to slow to wait for the resort's operational kinks to be worked out. With minimal infrastructure in place, provisioning these new "CoStars" meant manually providing them access to various mission-critical systems across the company in compliance with SOX, PCI and Nevada Gaming Control Board regulations. Clearly, TCoLV's IT staff would have their hands full, and once on board, the new CoStars themselves would likely clog helpdesk lines with issues arising from unforeseen system access hurdles and password troubles.

"Finding a solution to help with these challenges was absolutely critical, especially since we are heavily regulated," said Kris Singleton, CIO at TCoLV. "Reducing IT costs were also significant concerns, given our highly competitive industry."


Singleton was determined to overcome the challenges associated with provisioning the huge number of new CoStars, so the search began for an IAM solution that allowed for easy installation, efficient implementation, and ongoing ease of use and maintenance while enforcing the concept of the least privilege access to critical systems. Innovation was another determining factor in the solution, as TCoLV was committed to finding the most unique solution that would yield lower costs, higher revenue or greater efficiency. Altogether, this turned out to be a tall order for many of the IAM solutions TCoLV evaluated, but Avatier's solution stood out.

"Avatier's unique approach to identity access and risk management combines significant operational efficiency and fast time to value. But equally important, it's an industry first," said Ms. Singleton. "Their Business Services Catalog with integrated IT shopping cart saves time and money, while putting many traditional IT tasks into the hands of our CoStars."

TCoLV purchased Avatier's user provisioning solutions to manage the adds, moves and changes throughout the life cycle of any given CoStar. These include account creation and access requests, and daily account management tasks that go along with promotions, demotions and leaves of absence. The password management solutions also enabled users to perform a self-service password reset. With this solution in place, TCoLV could drastically reduce incoming helpdesk calls and slash time spent on manually resetting passwords.

All of these capabilities also include the necessary reporting and auditing to meet the many compliance and regulatory requirements relevant to access control, user account and password changes.

Aside from the obvious integration with TCoLV's Infinum HR system, AIMS also easily integrated with a number of other business-critical systems, including Infinium Payroll, Infinium General and Payables ledgers, Kronos, and Agilysys Front Desk, SpaSoft, and Infogenesis POS.


The Avatier Identity Management Software suite is now fully deployed, and TCoLV is certainly reaping the rewards. The initial challenge of onboarding 4,500 new CoStars in six weeks went off without a hitch, thanks to direct integration with TCoLV's HR system. Now, AIMS provisions and grants system access based on job position, and the entire solution is managed by a single IT security resource. And when CoStars leave TCoLV, AIMS automatically disables access to the systems, ensuring TCoLV's assets and information remain protected. Singleton was able to subsequently keep TCoLV's overall headcount and resource requirements in check, which translated to lower costs.

Ultimately, AIMS has provided a reduction in support calls of over 30 percent. Now, CoStars can use the self-service feature to reset or unlock their passwords, as opposed to calling on technicians to help.

"Avatier has eliminated many of the day-to-day tasks that were important but time consuming, leaving us with more hours in the day to accomplish other things," said Ms. Singleton. "What company can't use a more streamlined approach to these types of duties?"


Now that AIMS is fully deployed, TCoLV is looking to the future, and interested what other innovations Avatier might create.

"Avatier has exceeded all our expectations," Ms. Singleton said. "We simply couldn't have asked for a better IAM solution."

Tech Tips

Debugging Demystified

Debugging is the process of locating and detecting errors (known as bugs) in a computer software program. If you come across an error in any of the Avatier AIMS modules, follow these three easy steps:

  • Enable debug logging:
    • Access and log on to AIMS Configuration user interface.
    • From the Main Configuration Screen, choose the "Support" option in the center pane.
    • Check the box to "Enable Debug Logging," then click "Save" at the top of the screen.
  • Reproduce the problem to the point of the error.
  • Send us the psnet.log that contains the debug logging:
    • Open a support ticket online by visiting http://www.avatier.com/support/. (This ensures the ticket is routed to the next available support engineer)
    • Forward the psnet.log file located in the inetpub\wwwroot\aims\admin folder to support@avatier.com. (The psnet.log contains the debugging logging output)
    • Please be sure to include the date and time you reproduced the problem, as this assists us with finding the issue in the logs.


IT Roadmap
October 30
San Jose, Calif.
Register Here

Identity Management 2012
November 6
Register Here

SC Congress
November 8
Register Here

Gartner Identity and Access Management Summit
December 3-5
Las Vegas
Register Here