October 01, 2006
M-Tech Information TechnologyProduct:
c£12 per user for 10,000 users
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Focused functionality, easy to deploy
- Weaknesses: Very large organisations may question the per-user cost
- Verdict: An extremely useful tool to ensure that your access rules are being maintained across the enterprise
We now find ourselves in a world of regulatory compliance. It didn't use to be that way, but it is a fact of life we cannot ignore. In a sense, it is good for us who administer and manage IT systems as it forces us to adopt responsible practices, especially around access control.
The snag is that some of our networks and applications have complex and dissimilar rules around the control of access, which makes common approaches to the situation quite difficult, including audits.
This is where ID-Certify comes in. It works by prompting and enforcing regular reviews of access via an automated, easy-to-use, web-based workflow. It works on the premise that individual stakeholders, such as managers, have a good understanding of their immediate area and are therefore able to review and sign off user entitlements for their subordinates.
If we consider the entire hierarchy of an organisation, we can appreciate that this is scalable from the lowest levels right up to the top. We can, however, subdivide stakeholders into managers, who look after people, application owners, who look after access to individual applications, and group owners, who understand group membership and can manage it accordingly.
Much of this information will already exist, of course, via corporate directories, application logs and other repositories, but without a means of drawing together the overall management into a single coherent entity. ID-Certify provides that entity.
It effectively manages access review for all stakeholders via an intuitive workflow, escalating the situation should reviews not be completed on time. If reviews identify that access rights are no longer needed, then ID-Certify can automatically deactivate those accounts.
Furthermore, it provides a comprehensive audit trail of all such reviews and events, ensuring that your organisation can demonstrate compliance where required. For some companies, this could be a godsend in terms of saved time alone. However, as previously indicated, it also serves to instil good and sustainable access control practice in general.
Deployment of the product will be straightforward in most cases, and the interfaces are slick and attractive. Its own authentication rules are flexible and it can help in setting password complexity and other functions as appropriate across the estate.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- The information security implications of M&A deals
- Cyber-security must reflect risk not just regulation
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success