Role Lifecycle Management
Just don’t do it using spreadsheets.
Identity And Access Solutions can develop a logical access certification model for your organization where managers and designated approvers review who has access to what in order to confirm that each user/entity and role has access only to the resources necessary to perform their job function. In doing so, your organization can prevent users/entities from accumulating unnecessary privileges and decrease their risk profile.
We understand that the risk mitigation benefits of access certification are only as good as how careful the approvers are in examining access rights.
Access certification efforts often suffer from the rubber stamp syndrome – that is when a manager or approver bulk-approves all access rights presented in a review by “selecting all” and clicking “approve.” One common reason for rubber stamps is when approvers get constantly swamped with too many access certification requests. This can be resolved by using an automated access certification tool.
These tools can automate the discovery of new roles (through pattern-based analysis), identify risks and anomalies (by highlighting excessive or unnecessary privileges), enforce centralized policies (such as segregation of duties), and apply access entitlement review workflows, audit, tracking, and reporting. As a result you can stop using that old spreadsheet driven process that isn’t really working as planned.