The purpose of access governance is to reduce the risk of data theft or abuse that arises when employees are assigned incorrect access rights.
The introduction of regulatory measures, such as the General Data Protection Regulation (GDPR), and other country or industry-specific standards and laws, has motivated companies to start dealing with the risks of data abuse (and how best to avoid them) at a more strategic level.
tenfold makes it possible to efficiently set up and implement IT access policies that help to avoid incidents that may lead to data theft. At the same time, these policies help to save the costs that would have been otherwise incurred for the manual implementation of these measures.
You can assign profiles in tenfold manually, but you may also choose to simply link them to specific departments, positions or locations – which makes manual assignments obsolete, as tenfold is able to recognize automatically which profiles an employee needs, based on the department he or she works for (among other attributes). Profiles that are no longer needed are also removed automatically (respective of a transition period, where required). This finally puts an end to the continuous and unnecessary accumulation of access rights.
Companies are often reluctant to tackle business roles because they fear that a disproportionate amount of effort will be involved in the process.
The tenfold Profile Assistant makes setting up business roles extra easy. Using statistical methods, tenfold automatically generates profile recommendations, based on the existing access rights of other users within a department or team.
Every work environment is subject to dynamic changes that will inevitably affect the area(s) of responsibility of your staff. Each shift in duties, in turn, means that any correlated IT access rights are subject to the same changes and dynamics and must therefore be adjusted accordingly. Without the right form of support, IT departments and business units have great trouble keeping up with these changes.
With re-certification, tenfold provides a mechanism that ensures that the relevant persons in charge can regularly review and update user accounts and access rights, according to certain risk classifications.
All settings can be defined according to specific policies:
- Group of persons
- Included systems and access rights
- Intervals for automatic start
- Maximum duration and procedures
All processes involved in re-certification are 100% system-based: from notifications to data owners, to the tenfold interface, down to the extensive evaluation functions of the IT auditor.
The ability to track and retrace data is vital to IT compliance. Most regulations – including the General Data Protection Regulation – demand an increased level of alertness from IT departments when granting access to critical data. Special focus is placed on personal data. The growing number of revealed incidents of data protection violation illustrates how great the potential for damages related to incorrectly assigned IT privileges really is.
Sign up now for our free webinar. Helmut Semmelmayer, Senior Manager Channel Sales at tenfold, will guide you through the software and answer any questions you may have.
To guarantee seamless traceability, it is not enough to monitor the processes for user and access rights data that were conducted in tenfold itself. The tenfold auditor allows you to also view those modifications that bypassed proper tenfold workflows and were, instead, made directly in the target systems.
To do so, tenfold regularly synchronizes itself with all connected systems to recognize differences in workflow data. This function is supported by all plugins and thus allows you to monitor deviations and external changes across all systems.