Following on from recent claims that access management needs to be separated from identity and that changes are needed to make business more productive, a new company entered the UK this week to shake up the access rights management space.
With a message that elevated privilege management can be easily achieved with the right tools, Protected Networks have come from Berlin with a strong footing in the German and Swiss markets following its founding in 2009.
CEO Stephan Brack said that the company was conceived in 2007 when he said that the state of IT security interested him.
He said: “With access rights then, it set groups and then found more groups within that and sorting that out could take days. Our customers said that they wanted full transparency and documentation. Every company has unstructured data and it should be accessible to those who need it, we want to generate awareness of taking care of assets.”
Stephen Bennett, head of channel in the UK for Protected Networks, said that he had seen instances where there is no overview of the organisation, so there is a discrepancy on who has access to what folders and what privileges they have.
This research led Protected Networks to launch the tool ‘8 Man', in order to categorise and retrieve information on users. Brack said that such discovery tools should be interactive and simple and easy to understand. The name, Brack explained, is ‘the man who helps you', or the 12th man in football terms.
This is a platform for transparent enterprise-level privilege management and when assigning privileges, it takes into account existing workflows within the organisation. According to Protected Networks, the clear presentation of privileges is its USP, as this makes it easy for administrators to detect and fix configuration errors or to correct inappropriately assigned privileges.
Bennett said: “It will run a first scan of the directory and give you an overview of the situation and drill down on the data. You want to know which users are addressed and allow you regulate access rights management to allow and take off users. It creates easy to read lists and makes an analysis of people and notes down who made changes, at what time and when. It can also set a date for when access rights can be terminated for a contractor.”
Brack said that support is planned for SharePoint and Exchange in the future. Another issue for the company to address is in access control for those who are able to get into the network. “People come in through a firewall but once you are in you are in and no one is taking care of those people,” he said.
“It is not going to stop access if you want to be malicious but it creates awareness of the problem and drives accountability. Companies now have more roles than employees, this will create a template to define people and adapt it as a bottom-up scale for identity management.”
Brack finished by saying that the company is looking for channel partners and to set up its support office in the UK. While this sort of problem is not really common, it is easy to understand how it could be a challenge and such technology could be welcomed with open arms.