Category: Audit & Compliance
-
Mainframe applications continue to run significant business processes, and IBM RACF remains the preferred mainframe security system. Creating users and providing them access into mainframe applications (aka User Provisioning) is done either manually, or using an identity management system like SailPoint IdentityIQ. However, certifying access to specific data in mainframe systems is a challenge. Specifically, … Continue reading IdentityForge Integration with SailPoint IdentityIQ
-
As a leader in the Identity and Access Management space, IDMWORKS always tries to stay on top of new advancements in technology as it relates to our areas of expertise. And there’s no denying that Blockchain is one of the most talked about and potentially impactful tech inventions to permeate almost all areas of technology … Continue reading Blockchain & Identity
-
Over the years, I have worked with a lot of different customers architecting, developing, deploying, and maintaining their identity provisioning solutions as part of their identity management programs. As both a consultant and working for enterprises, the challenge and expectation is around what the identity provisioning solution can do and how far its reach is. … Continue reading Automated vs. Manual Identity and Access Provisioning – Breaking Down the Stigma and SOA Task Routing
-
After installing the Sentinel Identity Tracking solution pack, page 13 step 8 of the installation document tells you to “Select the Create PDF button to generate complete, detailed PDF documentation for this Solution Pack”. Page 5 Of this document talks about Solution Pack Controls, and the first sentence in the Description section says “The Global Setup … Continue reading Setting up Global Setup controls for the Identity Tracking Solution Pack on Sentinel 7.4
-
This is a custom solution that will auto-delegate a review once a Certification round is activated using the Core Compliance product. Reviewers do not need to manually login to the Certification portal each time a review cycle is initiated in order to assign a delegate for their review. This solution caters to executive management who … Continue reading Automatic Delegation for Certification using Core Compliance Portal
-
During a PeopleSoft SSO project using OAM, we came across an issue that there was not a lot of information on. When using PeopleSoft at our customer, they need to allow access for a particular group of users directly into PeopleSoft for administration / testing. This is normally fine and would just add the users … Continue reading OAM PeopleSoft SSO Verification Check
-
Many of our clients face the decision between which system change requests should originate from (e.g. ServiceNow, Cherwell, or the IAM tool). When the enterprise has chosen an external system to originate the change requests, one common Use Case is immediate terminations. Organizations need a way to help mitigate the current risk around manual terminations, … Continue reading ServiceNow Can Immediately Terminate Users In RSA L&G (Aveksa)
-
One of the goals of a certification is to provide certifiers with a succinct list of items to be reviewed. Default values, low-risk entitlements, and distribution groups can commonly be removed from a certification. It is also common to have application entitlements reviewed by one user and other entitlements by a separate user. To remove various items from a … Continue reading SailPoint Certification Exclusion Rules
-
Recently while building a test instance of OIM 10g (to be used to test out an OIM 11g upgrade process for a customer) I was reading the documentation and going through the steps to upgrade from OIM 9.1.0.1 to 9.1.0.2 and I found something I hadn’t noticed before that may come in handy for the … Continue reading OIM Post Install: Audit & Compliance Module
-
I’ve seen it time and time again from the number of organizations that we’ve worked with in the past – security auditing is treated with low priority – specifically firewalls between intermediary components and devices and in some extreme cases data encryption between those same devices. So it goes without saying that any component accessing … Continue reading Auditing SiteMinder Policy server connections to LDAP backend stores (policy+user)