Monthly Archives

November 2015

Payable and Receivable – User has access to both

By | IAM | No Comments
The general premise of Separation of Duties is to prevent one person from having both access to assets and responsibility for maintaining the accountability of those assets. The failure to segregate the duties of Account Payable and Account Receivable is a critical mistake for any business. The basic idea underlying SOD is that no employee or group of employees should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties.
In general Accounts payable function and Account receivable function should be separated among employees. Purchase officer may have the authority to bind the company to purchase orders. Purchase officer’s Manager should be required to approve purchase order over that amount. After the product is received, the accounts payable officer matches the purchase order and invoice before payment is made.
For example if one person having access to both Account Payable and Account Receivable, the person can perpetrate and conceal their fraud for longer periods of time. The person can take advantage of his position as a trusted employee and can defraud his employer. This fraud would have been much harder to commit if her duties were properly segregated to others within the organization.
Separation of duties is a security method to manage conflict of Access, the appearance of conflict of Access, and fraud. Separation of duties restricts the amount of power held by any one individual. It puts a barrier in place to prevent fraud that may be perpetrated by one individual. Segregation of duties is critical to effective internal control; it reduces the risk of both erroneous and inappropriate actions.

Top 500 Companies and Corporate Awards 2014 by D&B

By | recent announcement | No Comments
Dun & Bradstreet India, the leading provider of business information & insights successfully hosted the event Top 500 Companies and Corporate Awards 2014 on 28th May. ILANTUS was proud to be associated with D&B as the technology partner.
Binod Singh – CEO ILANTUS was one of the panel speakers at the event where he spoke about the significance of Identity and Access Management. He received a very encouraging response from the audience. Binod also presented awards to the winners of the Top 500 Companies in different categories.

Who has access to what?

By | IAM | No Comments

Enterprises across the world are trying to remain focused on their core business, the challenge “who has access to what application and data resource within an organization” is arguably one of the most complex issues facing business today. As most of the application become cloud based SaaS, security and compliance challenges grows in the organization, more employees, contractors, outsource providers requires access to more complex and critical applications and data resources, the need for efficient access also grows.

Any mistake in who has access to what application, could lead to strict penalties and loss of reputation. All types of organizations needs much greater visibility into who can access their key resources and how. The goal of identifying “who has access to what” give you the view and control that is reliable and relatively easy to manage.

When you have information such as who has accounts on what systems, when those accounts were last used, what the accounts have permissions, and who has responsibility for approving the access provided, you will have a platform from which to spot vulnerable accounts(orphan accountsstale accounts) & excessive access and to determine what to do to resolve these issues.

There should be some mechanism that allows business managerssupervisors to periodically verify employee rights across heterogeneous systems. This process should ensure that only appropriate individuals have access to the sensitive information. This process will improve improved regulatory compliance and reduces information security risk.

Three Ways to filter IAM vendor and service providers

By | IAM | No Comments
While the Identity market is still defining itself, in terms of products, services and vendors, IDaaS (Identity and Access Management-as-a-service) has already become the next exciting thing in this market. Exercising due diligence in the selection of vendor and technology becomes fairly significant factor in such situations.
3 simple tips for evaluating service providers and product vendors:
Buyer specific vendor and technology selection –
Technologies and vendor with lower marks often suite you more; it depends on what you are looking for?
For example – Looking for a commodity solution like SSO (Single Sign-On) and deeper functionality of governance and administration requires two completely different type of vendors.
Better deliverability of core functionality –
Vendors may show up their shining armor in their hyped up functionality on BYOD, Mobility, Big Data etc.; Question is can they support functionalities of administration and governance that is beyond skin deep?
For example – Provisioning to active directory and cloud applications may not be sufficient when you need approval for workflows and enterprise application connectors for your needs.
IDaaS leveraging Managed Services –
Organization have often failed in deploying and sustaining Identity Management not because of the product but their inability to deploy and manage. IDaaS does not necessarily take that away! So watch out for failing a second time as you select a vendor/ technology since some of the ground rules for success and failure remain the same.

Inviting Partners to Accelerate their Growth

By | IAM | No Comments

ILANTUS is a pioneering force in the identity and Access Management domain. For more than 15 years ILANTUS has been passionately providing unprecedented service to its customers addressing their pain points in record time and at reasonable cost. ILANTUS products have won acclaim from customers across the globe winning all possible recognition, including being in the magic quadrant. According to analysts ILANTUS customers give it high marks for implementation and rapid deployment. With more that 4 patents filed ILANTUS products are unique in the market place.

 

ILANTUS believes the best way to ensure “atleast one of its products are at all customer locations” partnering in the way. While ILANTUS can focus in its core competency to build, deliver and support best products in the world plus us partners will build market penetration through their existing relationship with customers. ILANTUS objective for their partners is to ensure they are able to improve their sales and profit by investing minimum time and effort.

ILANTUS invites companies delivering managed security solutions, cloud and other value added services in any applications vertical to partner with it to immensely increase their value addition capacity for their existing and new customers.