Identity Intelligence and Analytics is the process of producing, collecting, cleansing and correlating data about administration, authentication and authorization events and then transforming this data into actionable intelligence with respect to compliance regulations, business security policies and corporate risk management objectives.
Evidian DirX Audit provides auditors and security compliance officers with identity intelligence and advanced analytics for identity and access. DirX Audit complements the core IAM capabilities for administration, authentication and authorization by providing means to analyze and report on IAM operations and deliver the information necessary to support IAM governance and manage risks. With its analytical features, DirX Audit helps enterprises and organizations to ensure sustainable compliance and provide identity intelligence for the identity and access management processes.
Improve the effectiveness of security controls.
Simplifies analysis and reporting with the advantage to drill down into detail.
Stores audit events from different sources in a single database.
Fast and convenient insight into IAM operations and historical data.
Additional audit sources can be integrated.
Support of several databases and server platforms.
In order to support identity intelligence and analytics, DirX Audit provides the following main features:
DirX Audit collects and correlates data about administration, authentication and authorization events from different IAM audit producers and then transforms this data into intuitive and actionable identity intelligence with respect to compliance regulations, business security policies and corporate risk management objectives.
DirX Audit maintains historical data from identity repositories to reveal information about changes to identity and identity-related data over time, allowing for historical review of identities and point-in-time comparisons to demonstrate progressive compliance to governance processes, gain insight into identity and policy status or determine why an access request was permitted.
Employing OLAP (online analytical processing) techniques, DirX Audit generates identity audit KPIs (key performance indicators) that provide statistical information about audit events and historical data for fast, interactive analysis and insight into IAM operations.
To classify users into risk categories from low to high, risk factors for users are regularly calculated and stored according to a customizable configuration. Examples for risk factors are: SoD violations, imported accounts and group memberships and total number of group memberships. These values and their weighted totals are displayed in DirX Audit Manager’s History view as well as in appropriate charts and reports. Compliance managers or managers can then focus on them and try to reduce the number of high risk users.
DirX Audit provides a Web-based user interface with specific views that facilitates the correlation, analysis and reporting of audit and historical data by auditors, administrators, and security compliance officers.
The Dashboard view provides a personalized collection of KPI charts. Using the Dashboard, auditors can perform analyses, especially time-based trend analyses of selected KPI data and then drill down to details about audit events as necessary.
The Event Monitor view provides a convenient interface for filtering and correlating audit events. Using the Event Monitor, auditors are able to find answers to the “what, when, where, who and why” of user access and entitlements.
The History view provides for browsing historical identity data. Auditors can review historical data, do point-in-time comparisons and correlate audit events with historical data. DirX Audit also supports root cause analysis for privilege assignments.
DirX Audit provides pre-configured report templates. Auditors can set up scheduled reports that will be sent via e-mail to selected recipients at regular intervals. Jaspersoft iReport technology can be used to customize reports or to create new reports.
Cost pressure is combining with increased security needs to cause enterprises and other organizations to look for new ways of optimizing their business processes. That is especially true in the observance of compliance regulations such as those stipulated in the Sarbanes Oxley Act regarding the reliability of the financial data published by enterprises. One way of providing efficient support for these efforts is to roll out an Identity and Access Management (IAM) system with identity intelligence and audit support.
The sheer number and types of regulations, however, pose a challenge:
Audit data of IAM activities need to be produced that can be used to demonstrate accountability and report on the results to demonstrate control of business processes on user access and entitlements as required by applicable regulations. On a regular basis or on demand, reports must be produced on current status and history on the information in the IAM repositories – for example, the identity store in an identity management component.
The audit trails and historical data produced by IAM components can help to answer the questions that auditors ask to obtain proof of compliance. Until now, audit logs and historical data from several applications had to be analyzed to answer questions like “Who has accessed financial data in the last month?”, “Who gave the users access rights for this?” and “Who approved these rights?” Different audit formats, different user identities for the same person and parallel timelines in the individual applications make such analyses very difficult and cost-intensive.
Based on historical identity data and recorded events from the identity and access management processes, DirX Audit allows answering the “what, when, where, who and why” questions of user access and entitlements. DirX Audit features historical views and reports on identity data, a graphical dashboard with drill-down into individual events, a monitor for filtering, analyzing, correlating and review of identity-related events and job management for report generation. With its analytical features, DirX Audit helps enterprises and organizations to ensure sustainable compliance and provide identity intelligence for the identity and access management processes.
DirX Audit V6.0 offers improved analytical experience with continuous risk assessments for identities and context-based root cause analysis for access rights.
With V6.0 customers benefit from the following new features:
Ralf Knöringer, head of the DirX product unit at Atos, said: “DirX Audit V6.0 represents a major step forward in our solution for Identity Analytics and Intelligence. By continuously and contextually analyzing the identity and access lifecycle activities, customers are empowered to identify, manage and mitigate risks and to monitor and control their security policies. With DirX Audit, our customers can effectively provide accountability and auditability to help ensure compliance.’’