Evidian DirX Audit
Evidian DirX Audit provides auditors, security compliance officers, and administrators with analytical insight and transparency for identity and access management. Based on historical identity data and recorded events from the identity and access management processes, DirX Audit allows answering the “what, when, where, who and why” questions of user access and entitlements within the business context. DirX Audit features historical views and reports on identity data, a graphical dashboard, a monitor for identity-related events and job management for report generation. Business Reports are based on template and can be extensively customized. With its analytical features, DirX Audit helps enterprises and organizations to ensure sustainable compliance and provide business intelligence for the identity and access management processes.
Evidian DirX Audit Benefits
Improve the effectiveness of security controls.
Customizable User Interface
Simplifies analysis and reporting with the advantage to drill down into detail.
Stores audit events from different sources in a single database.
Fast and convenient insight into IAM operations and historical data.
Additional audit sources can be integrated.
Support of several databases and server platforms.
How does Evidian DirX Audit work?
In order to support identity analytics, DirX Audit provides the following main features:
DirX Audit collects and correlates data about administration, authentication and authorization events from different IAM audit producers and then transforms this data into intuitive and actionable identity intelligence with respect to compliance regulations, business security policies and corporate risk management objectives.
DirX Audit maintains historical data from identity repositories to reveal information about changes to identity and identity-related data over time, allowing for historical review of identities and point-in-time comparisons to demonstrate progressive compliance to governance processes, gain insight into identity and policy status or determine why an access request was permitted.
Key Performance Indicators
Employing OLAP (online analytical processing) techniques, DirX Audit generates identity audit KPIs (key performance indicators) that provide statistical information about audit events and historical data for fast, interactive analysis and insight into IAM operations.
To classify users into risk categories from low to high, risk factors for users are regularly calculated and stored according to a customizable configuration. Examples for risk factors are: SoD violations, imported accounts and group memberships and total number of group memberships. These values and their weighted totals are displayed in DirX Audit Manager's History view as well as in appropriate charts and reports. Compliance managers or managers can then focus on them and try to reduce the number of high risk users.
Analytics and Identity Intelligence
DirX Audit provides a Web-based user interface with specific views that facilitates the correlation, analysis and reporting of audit and historical data by auditors, administrators, and security compliance officers.
The Dashboard view provides a personalized collection of KPI charts. Using the Dashboard, auditors can perform analyses, especially time-based trend analyses of selected KPI data and then drill down to details about audit events as necessary.
Event Monitor View
The Event Monitor view provides a convenient interface for filtering and correlating audit events. Using the Event Monitor, auditors are able to find answers to the "what, when, where, who and why" of user access and entitlements.
The History view provides for browsing historical identity data. Auditors can review historical data, do point-in-time comparisons and correlate audit events with historical data. DirX Audit also supports root cause analysis for privilege assignments.
DirX Audit provides pre-configured report templates. Auditors can set up scheduled reports that will be sent via e-mail to selected recipients at regular intervals. Jaspersoft iReport technology can be used to customize reports or to create new reports.
The challenge of an Identity Intelligence and Analytics solution
Cost pressure is combining with increased security needs to cause enterprises and other organizations to look for new ways of optimizing their business processes. That is especially true in the observance of compliance regulations such as those stipulated in the Sarbanes Oxley Act regarding the reliability of the financial data published by enterprises. One way of providing efficient support for these efforts is to roll out an Identity and Access Management (IAM) system with identity intelligence and audit support.
The sheer number and types of regulations, however, pose a challenge:
- Many different regulations exist today, and new ones are mandated all the time, requiring continuous revision of IAM controls.
- The policy for what is audited depends on the particular regulation, the enterprise business model in force, and the application creating the audit trail, making it difficult to establish consistent, end-to-end audit policies.
- Different regulations require different methods of analysis and reporting.
Audit data of IAM activities need to be produced that can be used to demonstrate accountability and report on the results to demonstrate control of business processes on user access and entitlements as required by applicable regulations. On a regular basis or on demand, reports must be produced on current status and history on the information in the IAM repositories - for example, the identity store in an identity management component.
The audit trails and historical data produced by IAM components can help to answer the questions that auditors ask to obtain proof of compliance. Until now, audit logs and historical data from several applications had to be analyzed to answer questions like “Who has accessed financial data in the last month?”, “Who gave the users access rights for this?” and “Who approved these rights?” Different audit formats, different user identities for the same person and parallel timelines in the individual applications make such analyses very difficult and cost-intensive.
Based on historical identity data and recorded events from the identity and access management processes, DirX Audit allows answering the “what, when, where, who and why” questions of user access and entitlements. DirX Audit features historical views and reports on identity data, a graphical dashboard with drill-down into individual events, a monitor for filtering, analyzing, correlating and review of identity-related events and job management for report generation. With its analytical features, DirX Audit helps enterprises and organizations to ensure sustainable compliance and provide identity intelligence for the identity and access management processes.
Evidian DirX Audit V7.1 is now available.
DirX Audit V7.1 offers improved analytical experience with continuous risk assessments for identities and context-based root cause analysis for access rights.
With V7.1 customers benefit from the following new features:
- Risk classification and analysis for identities
- Based on multiple risk factors aggregated to an overall compound risk level
- Dashboard charts for compound risk and simple risk factors
- Reports on identities based on risk level and risk factors
- Integration with customer data to extend reports and dashboard charts
- Additional options (dimensions) for KPIs on authentication events
- Context-based analysis and correlation of events and historical data
- History view provides answers to the question “Why has user this role?”
- Reports for root cause analysis and correlated events
- Performance improvements for event correlation
- Additional charts
- Imported accounts and group memberships
- Extended purge tool
- Supports relative dates for exporting events