“The basis for good IAM involves a very active role by the enterprise (i.e., the business or institution people) — only they can truly say what and how accountability and transparency of access should work for them,” wrote Earl Perkins, research Vice President in the Security and Privacy team at Gartner. “In an era where accountability and transparency are required (and must be formalized), this means a more focused and structured approach for all parties affected, not just IT.”
(Source: “A Process View of Identity and Access Management Is Essential”, Earl Perkins, 26 January 2011, ID:G00210192)
New product capabilities in Aveksa 5.0 include Data Access Governance for Windows File Shares and SharePoint, and VMware certification to enable virtualized data centers and cloud-readiness. In addition, Aveksa announced significant enhancements to the efficiency and scalability of its data storage and processing engine, and added support for application server and Oracle RAC clustering.
With the new enhancements in Aveksa 5.0, organizations can now reliably and efficiently obtain a clear and complete picture of access across the enterprise. This allows the organization to treat the access data warehouse as more than just a data repository – it serves as a centralized, single source of truth – an Access Management Database (XMDB™).
“With its 5.0 release, Aveksa significantly expands the reach of Access Governance to include not just applications, but also unstructured data and Cloud Computing,” said Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity management and information security. “Data Access Governance is particularly critical to IT organizations as it represents a major source of potential security risks, as seen in recent security breaches. As most IT organizations are susceptible to these types of data-related breaches, they should be looking at solutions such as Aveksa 5.0 in order to ensure that access to their structured and unstructured data is secured.”
Aveksa’s 5.0 Platform introduces many innovations for automating Access Governance including:
Data Access Governance
Aveksa’s new Data Access Governance module provides enterprises with the ability to easily implement Access Management and Governance for unstructured data, including Microsoft SharePoint and Windows file shares. With this solution, enterprises can:
Gain visibility of ownership and user entitlements for Windows Servers, file shares and Microsoft SharePoint sites.
Automate data access certification processes for the lines-of-business, including identification of business owners.
Remediate inappropriate access and put in place a consistent methodology for group-based access to file shares and SharePoint.
Enable a closed-loop validation process for change to data access permissions.
Determine whether access policy and control objectives are being met.
Manage data access risk and provide auditable evidence of compliance.
Designed to meet the needs of the largest enterprises, this release includes enhanced enterprise-grade performance and scalability, with new support for application server clustering and Oracle RAC. In this release, Aveksa also invested in improved data collection, more efficient data processing and storage, and enhanced system administration. As a result, Aveksa, which is already the most widely-deployed Access Governance solution with over 75,000,000 user entitlements under management, has raised the bar for scalability and performance, while still maintaining a small-footprint option for rapid deployment into smaller environments.
Improved User Effectiveness
Enhanced User Interface that empowers business users to take deeper ownership of Access Governance activities through improved dashboards, “My Tasks” and “My Requests” which allow end users to easily check the status of their Access Governance actions or pending requests.
Enhanced configurability so users can get up and running much faster.
Enhanced Role reviews to enable enterprises to more efficiently manage the full role lifecycle.
Augmented Access Request capabilities that enable precise matching of users with appropriate entitlements, help determine whether or not to display rule violations at the time of user access request, and provide the ability to actually prevent users from requesting access that violates a policy.
Aveksa’s XMDBTM (Access Management Database) is a new architectural concept, in which the access repository, due to its expanded scope and scale, now serves as the authoritative source for user access within the enterprise. Much like a Configuration Management Database (CMDB) provides a full picture of configuration information for IT operations, aiding IT with its tasks of managing and controlling IT infrastructure, Aveksa’s XMDBTM empowers business users to properly see user access, manage entitlements, and respond to access lifecycle events and changes. By doing so, Access Governance becomes a critical asset for business efficiency as well a tool for enabling continuous compliance. The Aveksa XMDBTM enables enterprises to:
Provide business managers with a complete view of what their employees have access to, above and beyond those systems required for compliance purposes.
Establish solid business processes around the complete set of user access lifecycle events, such as employees joining, moving and leaving.
Enable more holistic and more effective role initiatives, based on a richer and more complete set of data.
Support other enterprise applications that need a unified source for identity and access information such as user profiles, role definitions, policy definitions and policy violations.
Cloud Computing Ready
Avkesa 5.0 has been certified as “VMware Ready” by VMware, the global leader in virtualization and cloud infrastructure. This achievement is a key milestone in Aveksa’s overall cloud strategy, designed to give organizations confidence that their operations remain secure and compliant, as they deploy, operate, and utilize cloud computing inside and outside of their enterprise. With this certification, customers can now deploy Aveksa’s Access Governance automation software solutions onto VMware’s virtualization and cloud platforms, with complete confidence that they’re using a fully-tested and supported configuration. This is in addition to Aveksa’s ability to collect and manage entitlements for cloud computing infrastructures and applications.
“With the recent rash of publicized security breaches, Access Governance has moved to the forefront of IT security initiatives as enterprises work to ensure that access to mission-critical applications and data is accurate and up-to-date,” said Deepak Taneja, Founder and CTO of Aveksa. “The release of Aveksa 5.0 represents a significant advance in the evolution of Access Governance automation solutions with the introduction of groundbreaking technology such as our new Data Access Governance module and the Aveksa XMDB. These new innovations will enable our customers to manage the business of access both across the enterprise and as they move applications into the cloud.”