Businesses in all industries need to manage the exploding universe of identities, devices and data employees require to do their jobs. To help make sense of the trillions of relationships, today Courion releases Access Insight 9.0.
Access Insight identifies the risk associated with any misalignment between users and their access within your organization and drives provisioning and governance controls to manage that risk. Specifically designed to answer the critical questions “Who has access to what resources?” and “Have they been given the right level of access?” Access Insight provides IT security, compliance, business and risk professionals with the data and tools they need to successfully deal with these complex challenges.
How does Access Insight 9.0 Work?
Access Insight provides a comprehensive, continuous view and analysis of the trillions of relationships between identities, access rights, policies, resources and activities across a multitude of enterprise systems and resources. Access Insight:
- Works with Courion’s industry-leading portfolio of IAM solutions, or in conjunction with other IAM solutions to identify potential risks to the business, so you can quickly modify access as needed.
- Is platform agnostic, and integrates with virtually any data source and commonly used IAM and/or security management application (e.g., SIEM, DLP, AD and others).
- Enables you to easily configure policies that align with your organization’s corporate and regulatory policies – alerting you to intentional or unintentional violations.
The Access Analytics Engine
Access Insight 9.0 boasts a new analytics engine based on the technology Courion acquired from Bay 31 in 2015. This engine enables companies to analyze complex data at significant scale with incredible speed. Access Insight pulls large amounts of identity and access data in continuously, and stores this in its proprietary in-memory access analytics engine. The “engine” correlates identity and access relationships to identify and prioritize risks, surfacing all deeply nested relationships that exist between user identities and their fine-grained access within an organization. These analytics identify potential risk in a current or historical perspective in lines of business, governance, operations and applications.
How it Works:
- A business-friendly dashboard offers a variety of graphical displays and interactive interfaces, so that an organization’s access-related risks and risk levels can be easily viewed by line of-business managers and authorized users.
- The access analytics engine continuously gathers and synchronizes an organization’s IAM and IAG information from multiple sources to compile a complete picture of an organization’s identities, access rights, resources and activity.
- Automated data collection increases operational efficiency and reduces operational costs by eliminating labor-intensive IAM processes and drawn out efforts to demonstrate compliance.
- Continuous governance and automated policy management provides the ability to automatically evaluate and act upon risks associated with users’ access and activities in accordance with an organization’s corporate controls and government regulations, enabling you to proactively create and enforce policies.
- Automated notifications alert you to changes and non-adherence to your organization’s corporate and regulatory policies; notify you of any conflicts and enable the swift assessment of risk level so appropriate action can be taken immediately allowing you to continuously maintain compliance.
- Remediation controls automatically identify and remediate improper access, including intentional and malicious changes to user access that could harm your organization, as well as unintended changes to access.
- Access analytics provide the ability to analyze large amounts of identity and access data against policy and company defined models of activity patterns. Changes in normal access activity patterns may be a signal of dishonest or malicious behavior. Quickly identify unused or obsolete access entitlements.
- Drill-down capability allows you to further investigate details for potential threats and resolve risks immediately.