Implementing Identity and Access Governance (IAG)? Where you should pay attention to.

IT departments have to provide well functioning, preferably automated access to functionality and to frequently privacy-sensitive information, for example in shares. Virtually all contemporary tools for the management of rights and roles have been developed by IT-ers for IT-ers, although typically it is department heads (e.g. in hospitals) or managers who decide who should have access to which applications and information.  While a manager might talk in everyday terms such as ‘access through the front door’, IT systems employ their own terminology, perhaps referring to ‘g_front_access’ in a complex management system not known to managers (e.g. AD).  These naming conventions are too cryptic, and the software too complex, for non-IT-ers.

SmartAIM, on the other hand, is specifically designed to meet the needs of the business, while at the same time ensuring that IT requirements are fulfilled: it optimally combines both worlds. Managers can, via the very user-friendly SmartAIM web interface, take responsibility for assigning roles and rights, using a language and principles that they understand.  A manager knows best what his or her staff or team should be capable of. He or shecan not only personally assign authorisations – which frequently can also be assigned automatically by SmartAIM on the basis of department and job function information read out of the HR system – but can also periodically check assigned authorisations making use of attestation functionality.

 SmartAIM’s capabilities for automatically writing authorisations (‘provisioning’) to the AD and other (not AD-connected) applications meet the requirements of IT for high efficiency and resilience to human error. If a new employee starts work, or somebody leaves the organisation, or moves to a new department, SmartAIM continually ensures that the right people have the right access, and this fully automated on the basis of HR system information, and if required, supported by input or approval from their manager.

 SmartAIM is not limited to the management of AD authorisations. Typically, a broader range of applications and systems are connected (for example, Electronic Medical Records, access passes, telephone systems, and so on), including those on non-Windows platforms.

Usually, SmartAIM is gradually introduced, step by step, department by department and role by role, according to our well-defined methodology, which begins with the ’as is’situation, with developments at the pace that suits you best.

SmartAIM continually monitors both the desired situation (the so-called ‘SOLL’ – as specified within the SmartAIM SOLL-database) and the actual situation in the connected applications and systems (the ‘IST’ – a.k.a. ‘as is’), providing functionality to alert you to – and correct if required - SOLL-IST differences; all supported by a wide range of audit reports.

As ‘Proof of Concept’, SmartAIM can typically be installed and configured in just one FTE-week, allowing you to immediately test the solution and generate audit reports (for example, which accounts belonging to ex-employees are still active?). This provides you with immediate insight into potential risks within your organisation, and of course hands-on experience with SmartAIM.

 We look forward to seeing you at our stand, and will be pleased to answer your questions and provide more information.