Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

6/22/2011
02:42 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Aveksa Announces Version 5.0 Of Its Access Governance Automation Solution

New product capabilities in Aveksa 5.0 include Data Access Governance for Windows File Shares and SharePoint

Waltham, Mass.— June 20, 2011— Aveksa, Inc., the leading provider of enterprise Access Governance automation solutions, today announced version 5.0 of its industry-leading suite of Access Governance automation solutions. With this new version, customers are now able to realize the full potential of Access Governance through a combination of robust, business-centric Access Compliance integrated with complete Access Lifecycle Management.

“The basis for good IAM involves a very active role by the enterprise (i.e., the business or institution people) — only they can truly say what and how accountability and transparency of access should work for them,” wrote Earl Perkins, research Vice President in the Security and Privacy team at Gartner. “In an era where accountability and transparency are required (and must be formalized), this means a more focused and structured approach for all parties affected, not just IT.”

(Source: “A Process View of Identity and Access Management Is Essential”, Earl Perkins, 26 January 2011, ID:G00210192)

New product capabilities in Aveksa 5.0 include Data Access Governance for Windows File Shares and SharePoint, and VMware certification to enable virtualized data centers and cloud-readiness. In addition, Aveksa announced significant enhancements to the efficiency and scalability of its data storage and processing engine, and added support for application server and Oracle RAC clustering.

With the new enhancements in Aveksa 5.0, organizations can now reliably and efficiently obtain a clear and complete picture of access across the enterprise. This allows the organization to treat the access data warehouse as more than just a data repository – it serves as a centralized, single source of truth – an Access Management Database (XMDB™).

“With its 5.0 release, Aveksa significantly expands the reach of Access Governance to include not just applications, but also unstructured data and Cloud Computing,” said Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity management and information security. “Data Access Governance is particularly critical to IT organizations as it represents a major source of potential security risks, as seen in recent security breaches. As most IT organizations are susceptible to these types of data-related breaches, they should be looking at solutions such as Aveksa 5.0 in order to ensure that access to their structured and unstructured data is secured.”

Aveksa’s 5.0 Platform introduces many innovations for automating Access Governance including:

Data Access Governance

Aveksa’s new Data Access Governance module provides enterprises with the ability to easily implement Access Management and Governance for unstructured data, including Microsoft SharePoint and Windows file shares. With this solution, enterprises can:

Gain visibility of ownership and user entitlements for Windows Servers, file shares and Microsoft SharePoint sites.

Automate data access certification processes for the lines-of-business, including identification of business owners.

Remediate inappropriate access and put in place a consistent methodology for group-based access to file shares and SharePoint.

Enable a closed-loop validation process for change to data access permissions.

Determine whether access policy and control objectives are being met.

Manage data access risk and provide auditable evidence of compliance.

Scalability

Designed to meet the needs of the largest enterprises, this release includes enhanced enterprise-grade performance and scalability, with new support for application server clustering and Oracle RAC. In this release, Aveksa also invested in improved data collection, more efficient data processing and storage, and enhanced system administration. As a result, Aveksa, which is already the most widely-deployed Access Governance solution with over 75,000,000 user entitlements under management, has raised the bar for scalability and performance, while still maintaining a small-footprint option for rapid deployment into smaller environments.

Improved User Effectiveness

Enhanced User Interface that empowers business users to take deeper ownership of Access Governance activities through improved dashboards, “My Tasks” and “My Requests” which allow end users to easily check the status of their Access Governance actions or pending requests.

Enhanced configurability so users can get up and running much faster.

Enhanced Role reviews to enable enterprises to more efficiently manage the full role lifecycle.

Augmented Access Request capabilities that enable precise matching of users with appropriate entitlements, help determine whether or not to display rule violations at the time of user access request, and provide the ability to actually prevent users from requesting access that violates a policy.

XMDB

Aveksa’s XMDBTM (Access Management Database) is a new architectural concept, in which the access repository, due to its expanded scope and scale, now serves as the authoritative source for user access within the enterprise. Much like a Configuration Management Database (CMDB) provides a full picture of configuration information for IT operations, aiding IT with its tasks of managing and controlling IT infrastructure, Aveksa’s XMDBTM empowers business users to properly see user access, manage entitlements, and respond to access lifecycle events and changes. By doing so, Access Governance becomes a critical asset for business efficiency as well a tool for enabling continuous compliance. The Aveksa XMDBTM enables enterprises to:

Provide business managers with a complete view of what their employees have access to, above and beyond those systems required for compliance purposes.

Establish solid business processes around the complete set of user access lifecycle events, such as employees joining, moving and leaving.

Enable more holistic and more effective role initiatives, based on a richer and more complete set of data.

Support other enterprise applications that need a unified source for identity and access information such as user profiles, role definitions, policy definitions and policy violations.

Cloud Computing Ready

Avkesa 5.0 has been certified as “VMware Ready” by VMware, the global leader in virtualization and cloud infrastructure. This achievement is a key milestone in Aveksa’s overall cloud strategy, designed to give organizations confidence that their operations remain secure and compliant, as they deploy, operate, and utilize cloud computing inside and outside of their enterprise. With this certification, customers can now deploy Aveksa’s Access Governance automation software solutions onto VMware’s virtualization and cloud platforms, with complete confidence that they’re using a fully-tested and supported configuration. This is in addition to Aveksa’s ability to collect and manage entitlements for cloud computing infrastructures and applications.

“With the recent rash of publicized security breaches, Access Governance has moved to the forefront of IT security initiatives as enterprises work to ensure that access to mission-critical applications and data is accurate and up-to-date,” said Deepak Taneja, Founder and CTO of Aveksa. “The release of Aveksa 5.0 represents a significant advance in the evolution of Access Governance automation solutions with the introduction of groundbreaking technology such as our new Data Access Governance module and the Aveksa XMDB. These new innovations will enable our customers to manage the business of access both across the enterprise and as they move applications into the cloud.”

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5641
PUBLISHED: 2020-11-24
Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors.
CVE-2020-5674
PUBLISHED: 2020-11-24
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2020-29002
PUBLISHED: 2020-11-24
includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.
CVE-2020-29003
PUBLISHED: 2020-11-24
The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
CVE-2020-26890
PUBLISHED: 2020-11-24
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the r...