IDEAS bridges the gap between compliance policy and IT infrastructure to enforce access policies in all aspects of identity and access management.
Benefits
With IDEAS, businesses can:
- Define and enforce access policies across the whole enterprise
- Reduce the risk of fraud, conflicts of interest and human error in business processes
- Automate risk remediation processes
- Retain an auditable record of identity transactions
- Reduce the cost of audits and regulatory compliance
- Promote management accountability for user authorizations
- Give users the exact permissions required for their jobs - no more, no less.
Segregation of Duty
Segregation of Duty (SoD) is a powerful approach to managing risk in business processes. By requiring that certain activities be performed by different people, errors and conflicts of interest can be avoided, and transparency is improved.
IDEAS offers advanced native support for modeling SoD conflicts with an innovative activity-based approach, which drastically reduces SoD cost. The same SoD engine can be used to enforce SoD for SAP systems.
Access Risk and Remediation
Access risk is always present when people have access to information. IDEAS provides solutions to analyze and manage access risk.
Where access risk cannot be avoided, IDEAS allows a manager to assign a suitable remediation measure, such as transaction monitoring or attestation. Compliance administrators have a full view of identity risk and remediation status.
Compliant User Provisioning
Compliant user provisioning implements an organization's processes for requesting and approving access requests, while enforcing access policies. IDEAS provides Secure Workflow for Identity Management (SWIM) - a powerful tool for implementing custom web-based workflow quickly and without programming.
Access Certification
Access certification is the periodic review of user permissions, as required by regulations such as Sarbanes-Oxley. IDEAS Access Certifier automatically triggers the review process and drives the workflow to coordinate a certification campaign.
Role Management
Roles are a powerful and proven way to reduce the complexity of managing many user permissions. By creating collections of permissions that reflect a business' real organization and business processes, roles streamline access management and improve transparency.
IDEAS provides sophisticated tools for role management and role mining. IDEAS Role Constructor uses cutting-edge techniques to automatically identify a set of roles that is both intuitive and minimizes the cost of access management.
Enterprise Entitlement Resolution
IDEAS allows enterprise applications to completely delegate access control. IDEAS Enterprise Entitlement Server provides entitlement resolution as as SOA service to applications, breaking down authorization silos and cleanly separating application management and access policy management.
Enterprise Application Connectors
IDEAS provides a rich set of connectors to consolidate and synchronize user entitlements with most common enterprise applications, including SAP and Oracle applications, Active Directory, LDAP and many others. IDEAS may also be integrated with a company's existing identity management infrastructure.
SOA Integration
IDEAS integrates seamlessly with SOA and enterprise service bus architectures. Built-in SPML support and open web-service APIs allow IDEAS interface directly with enterprise services
Production Ready
With IDEAS' Production Ready model, even complex use-cases can be addressed without software development. IDEAS provides ready-made components for workflow, SoD and role frameworks, to give your IAM implementation a quick start.
Lowest Project Risk
Project risk is a significant factor in IAM implementations. IDEAS' robust and proven implementation methodology greatly reduces this risk and facilitates predictable project costing. In full production since 2003, IDEAS is mature technology, with reference customers in Banking, Manufacturing, Energy and Government.