The First of its kind in the Industry based on “Pay as you go” proposition.
On analyzing the security audit in the organizations today it can be observed that almost 40% of the security concerns are built around “Application Access” and questions like “who has access to what, “who authorized it”,”is the access actually required by the individual and if not how to remove it”. These are some of the biggest pain points today for IT administrations, applications owners, CFOs and internal auditors.
Talking about attestation technology, it was built some time ago to automated the process of access reviews. Unfortunately like most other IT solutions this one also has been too costly and very difficult to implement and manage.
To solve this problem Ilantus now brings in a solution called “Access Review as a Service”. With this service the entire process can be executed literally at the push of a button.
The entire process is organized into three phases: Information, Decision and Action.
In the Information phase, the system enables you to pick information from large number of applications about who has access to what, down to the granular level of entitlements.
In the Decision phase the captured access details are passed on to the concernedManagers/Application owners/ Roles to decide which entitlements to continue and which ones to revoke.
Finally, in the Action phase the accesses not required are automatically disconnected by the system. A final reconciliation is carried out to ensure all the stated actions have been complied with.
The service hence not only enables you to gather access information and gives you a system to decide on the continuation or revocation but actually enables you to “Action” the decision and reconcile. This closes the loop ensuring you have no undesired accesses left in the system.
There are some additional benefits to it. For example, based on the pattern of access available you would be able to put in place a meaningful set of Roles in the organization.
The whole process for three to five thousand employees and ten to twenty applications can be first time implemented in a matter of a few weeks.