In tenfold, you can store business roles, referred to as profiles, which can contain access rights from different systems. If an employee is assigned a profile, tenfold ensures that the necessary user accounts are created automatically (assuming they do not yet exist) and that the relevant access rights are also assigned.
In tenfold, you can assign profiles manually – or, simply link them to the relevant departments, positions or locations, thereby making the necessity for manual assignments obsolete. tenfold automatically recognizes which profiles an employee needs, based on the department he or she works for (among other attributes). Profiles that are no longer needed are also automatically removed (after a transition period, if desired). This finally puts an end to the never-ending and unnecessary accumulation of access rights.
Companies are often reluctant to tackle business roles because they fear that a disproportionate amount of effort will be involved in the process.
The tenfold Profile Assistant makes setting up business roles extra easy. Using statistical methods, tenfold automatically generates profile recommendations, based on the existing access rights of other users within a department or team.
Every work environment is subject to dynamic changes that will inevitably affect your staff’s area(s) of responsibility. Each shift in duties means that any correlated IT access rights are subject to the same changes and dynamics and must therefore be adjusted accordingly. Without the right form of support, IT departments and business units have great trouble keeping up with these changes.
Re-certification is a mechanism tenfold provides which ensures that the relevant persons in charge are able to review and update user accounts and access rights, according to certain risk classifications, on a regular basis.
All settings can be defined according to specific policies:
- Group of persons
- Included systems and access rights
- Intervals for automatic start
- Maximum duration and procedures
All processes involved in re-certification are 100% system-based, including notifications to data owners, the tenfold interface, as well as extensive evaluation functions found in the IT auditor.
The ability to track and retrace data is vital to IT compliance. Most regulations – including the General Data Protection Regulation – demand an increased level of alertness from IT departments when granting access to critical data. Special focus is placed on personal data. The growing number of revealed incidents of data protection violation illustrates how great the potential for damages related to incorrectly assigned IT privileges really is.
Sign up now for our free webinar. Helmut Semmelmayer, Senior Manager Channel Sales at tenfold, will guide you through the software and answer any questions you may have.
To guarantee seamless traceability, it is not enough to monitor the processes for user and access rights data that were conducted in tenfold itself. The tenfold auditor allows you to also view those modifications that bypassed tenfold’s workflows and were, instead, made directly in the target systems.
To do so, tenfold regularly synchronizes itself with all connected systems to recognize differences in workflow data. This function is supported by all plugins and thus allows you to monitor deviations and external changes across all systems.