img rsa
TRANSCRIPT
RSA® IDENTITY MANAGEMENT AND GOVERNANCE SOLUTION OVERVIEW
The RSA Identity Management and Governance (IMG) platform helps organizations efficiently meet their security, regulatory and business access needs through a collaborative set of business processes. By automating manual tasks, providing evidence of compliance, reducing access-related business risk, and efficiently delivering business access, enterprises can confidently manage, control and enforce access to applications and data across the enterprise and the cloud.
THE RSA IMG PLATFORM • Provides enterprise-wide visibility into who has access to which information
resources, how they got it, who approved it and whether it is appropriate based on their business relationship with the organization.
• Automates the monitoring, reporting, certification, exception handling and remediation of user entitlements and roles, and provides full management of the role lifecycle.
• Provides an effective, business-relevant process for requesting access, and orchestrates the processes associated with access approval, fulfillment, and change management.
• Demonstrates the auditable evidence of compliance as the authoritative system of record.
• Manages user access to data and application resources in a single, unified system.
• Efficiently provisions user access and executes access changes, based on a rapidly-deployable infrastructure.
• Suggests entitlements for new and existing users based on similar users’ attributes and job roles.
• Hides “off-limits” entitlements for certain sensitive entitlements that users should not be able to request or obtain.
THE RSA IMG PLATFORM IS MADE UP OF THE FOLLOWING COMPONENTS: RSA Access Certification Manager (ACM) ACM simplifies how user access is governed across the enterprise, making it possible to achieve sustainable access compliance by fully automating the monitoring, reporting, certification and remediation of user entitlements. With the RSA solution, information security teams can bring enterprise-wide user entitlements under an automated and unified control framework, providing all necessary evidence of compliance.
ACM provides:
• Secure, Automated Collection – A patent-pending unification process automatically collects, aggregates and correlates user identities with account, group, role and entitlement data.
DATA SHEET
KEY BENEFITS • Safely Delegate Access
Decisions to the Business – Enable the line-of-business to take accountability and responsibility for making access decisions, while ensuring compliance with controls and constraints defined by Information Security.
• Purpose-Built for Access Governance – Designed to meet the technical and business challenges inherent in this arena, RSA IMG provides a combination of enterprise-class performance with a business-user-friendly interface.
• Visibility and Control Across All Application and Data Resources – By collecting identity, account, and entitlement information across both application and data resources, RSA IMG provides organizations with the visibility they need, and a means to enforce control over user access.
• Easily Extensible for Rapid Time-To-Value – RSA IMG is easily deployed and configured to meet each enterprise’s specific requirements.
• Access Certification – An automated, end-to-end solution for access certification enables IT Security to deploy a repeatable, auditable and business-oriented process.
• Configurable Workflow – Visual workflow can be easily configured to accommodate an organization’s unique access governance processes for review, approval, exception handling and remediation.
• Controls Automation – Easy-to-use business rules enable the creation of security and compliance policies associated with users, roles and entitlements. As a result, Segregation of Duties (SoD) rules can be easily defined, tested and enforced.
RSA Business Role Manager (BRM) BRM is a comprehensive, scalable solution for role-based governance, enabling organizations to deploy effective access controls that simplify user administration and compliance while streamlining access delivery.
BRM provides:
• Enterprise-Wide Visibility – Automates the collection and correlation of entitlement and role information from identity management systems and across all information resources.
• Flexible Role Model – Support for business roles, technical roles, and complex role hierarchies and inheritance models, to accommodate each organization’s unique requirements.
• Role Reporting and Analytics – A comprehensive set of metrics and reports provides the decision support to ensure that roles are compact and effective for an organization.
RSA Access Request Manager (ARM) ARM simplifies how access is delivered to the organization by providing an automated, business-friendly interface for requesting user access.
ARM provides:
• Business-Friendly Access Self-Service – Easily request new access or make changes to existing access through a simple, effective user interface.
• Proactive Policy Enforcement – Achieved through a powerful, dynamic rules engine that checks all requests for access against business policies and controls before changes are made, preventing users from requesting inappropriate access.
• End-to-End Access Request and Delivery Process – Manages access change requests through a closed-loop, workflow-driven process, which helps ensure timely and correct changes.
• Advanced Reporting and Analytics – Enables business users to track the progress of access delivery, and provides administrators with key SLA metrics.
RSA Data Access Governance (DAG) DAG provides visibility, monitoring, certification, remediation and reporting of user access permissions to data stored on Microsoft® Windows®, Linux and Unix file servers, network-attached storage devices and Microsoft SharePoint® servers.
DAG provides:
• Unmatched Visibility into Data Resources – Informs IT and the business about who owns enterprise data resources, who has access to what data resources, how they got access, and who approved it.
• Enforcement of Compliance Policies – Easy-to-use business rules enable creation of business and compliance policies for users and groups, which can be easily tested and automatically enforced.
• Extend Existing Security Investments – Leverages existing Microsoft Active Directory groups. Data classifications from DLP systems can determine controls and be used for access risk management processes.
• Owner Identification – User activity monitoring can assist in identifying the owners of the data resources, which is often a very difficult step.
RSA Access Fulfillment Express (AFX) AFX delivers fulfillment of access changes across applications and infrastructure systems, faster and more efficiently than with traditional provisioning systems.
AFX provides:
• Automated execution of user access changes, without manual effort.
• Configuration-based deployment for rapid coverage of all key applications and data resources.
• Rapid time-to-value with a modern, modular architecture.
• Integration with existing provisioning systems, enabling you to leverage them for additional value.
RSA MyAccessLive RSA MyAccessLive is an end-to-end IMG Software-as-a-Service (SaaS) solution, delivering the following capabilities: SSO, access review, policy definition and enforcement, role management, access request, and provisioning. As a cloud-based platform, MyAccessLive is simple to deploy and easy to operate.
MyAccessLive provides:
• An IMG SaaS platform to manage both cloud and on-premise applications
• Single sign-on for thousands of pre-integrated web applications
• Access review for all applications, validating appropriate access based on user roles and responsibilities
• Policy enforcement, such as segregation of duties, shared accounts, etc.
• Ability to define complex workflows for review, approval, exception handling, and remediation
• Automated provisioning for SaaS and on-premise applications
EMC2, EMC, the EMC logo, and RSA are registered trademarks or trademarks of EMC Corporation in the United States and other countries. VMware is a registered trademark or trademark of VMware, Inc., in the United States and other jurisdictions. © Copyright 2014 EMC Corporation. All rights reserved. Published in the USA. 8/14. Solution Overview. H13301 EMC believes the information in this document is accurate as of its publication date. The information is subject to change without notice.
CONTACT US To learn more about how EMC products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorized reseller—or visit us at www.emc.com/rsa.