RSA Archer and RSA IMG - Zift Solutions

RSA ARCHER AND RSA IDENTITY MANAGEMENT AND GOVERNANCE

IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE

INTRODUCTION

Changing regulatory requirements, increased attack surfaces and a need to deliver access to the business more efficiently are putting pressure on many organizations to reduce their overall risk exposure. The foundation of any risk management program is the ability to monitor, identify, assess and treat risks consistently across the organization.

AT-A-GLANCE

- Automate testing of identity controls for regulatory and corporate compliance
- Improve the effectiveness of investigations with business and identity context
- Automate access rights monitoring and compliance reporting of application entitlements to reduce the risk of inappropriate access
- Drive access decisions based on application risk

The systems and processes utilized by the Identity and Access Management (IAM) team can reduce risks associated with regulatory / corporate compliance and security incidents. From a compliance perspective, IAM systems and processes can attest to access controls, restrict access to authorized users and manage access based on business roles. Additionally, these systems can help security analysts answer questions around appropriateness of user access during the investigation process with identity context and intelligence.

CHALLENGES

Many organizations have a team responsible for Governance, Risk & Compliance (GRC), and another team that manages their Identity and Access Management (IAM) program. However, these teams often work in silos with limited communication or sharing of intelligence across and between the domains. Forward-thinking organizations recognize that today's risk and compliance landscape demands that these silos be connected. Bridging the gap between GRC and IAM teams can deliver considerable value by reducing risk, meeting compliance and audit needs more efficiently, and improving security posture. With integrated GRC and IAM solutions, an organization can prioritize business decisions and align risk objectives by using business and identity context. By integrating industry-leading solutions such as RSA Archer and RSA Identity Management and Governance (IMG, formerly known as Aveksa), an organization can manage risk with identity and business context.

RSA ARCHER AND RSA IMG: DELIVERING MORE VALUE TOGETHER

By integrating RSA Archer and RSA IMG, an organization can effectively bridge the gap between the GRC and IAM teams. Visibility with enhanced analysis and improved metrics enables the business to move quickly and predictably, without compromising on risk. Leveraging risk intelligence from the GRC solution, the IAM team can design access request and approval workflows, and set access review frequency, to align with the risk level of applications. Conversely, the identity intelligence available through the IMG solution can be leveraged by the GRC team to automate attestation of regulatory and corporate policies and to drive more effective security investigations with identity context.

Solution Brief

MONITOR IDENTITY CONTROLS TO MINIMIZE COMPLIANCE RISK

The effort required for monitoring, reporting, and testing against regulatory and corporate compliance can become a barrier to effective compliance. Organizations that maintain a siloed compliance approach, using disconnected tools and manual processes, will be at a competitive disadvantage. These organizations will likely see reductions in productivity and market effectiveness, as well as an increased risk of regulatory or audit findings. As a result, organizations recognize that they must proactively create efficiencies in their compliance programs. Focusing on prioritizing, making risk actionable, and automating and sharing compliance processes and data will lead a company to the competitive advantage that is possible. RSA Archer is the preferred solution for managing regulatory and corporate compliance. RSA Archer drives efficiencies across the organization with prebuilt, out-of-the-box regulatory content, which provides an intuitive mapping that lets an organization test once and use the results across many requirements. In the case of identity controls, RSA Archer control procedures can be mapped to reports and processes in the RSA IMG solution. The results of access reviews, reports on business and technical roles, enforced access policies, Segregation of Duties results, and orphaned account reviews can serve as attestation of the control objectives.

IMPROVE EFFECTIVENESS OF SECURITY INVESTIGATIONS WITH CONTEXT

Visibility, analysis and action are the three pillars that enable effective detection, investigation and response to security incidents. RSA Archer Security Operations Management (SecOps) provides the framework and alignment for customers building out their security incident response teams. SecOps provides a workflow-driven incident response process with business context so security analysts can prioritize incidents. For example, when an event happens, a security analyst can prioritize investigation of an event that is occurring on a business-critical asset. This prioritization is accomplished through business context. Identity intelligence is another aspect of context that can drastically improve the effectiveness of security investigations. In this case, a security analyst can use identity context to see whether the access involved is appropriate for that specific incident and application. The combination of RSA Archer SecOps and the RSA IMG solution enables that next level of context with identity intelligence. Through this integration, a security analyst will have the ability to investigate appropriate and inappropriate access for business-critical applications.

Visibility and Governance of RSA Archer Entitlements with Identity Management and Governance

RSA Archer accounts, groups, roles, and entitlements can be fully managed within the RSA IMG solution. This allows users' access to Archer to be included in an organization's identity governance processes, including access request and approval, reviews, and enforcement of access policies. This ensures that business users have efficient and appropriate access to Archer.

Managing Identity Lifecycle and Access Decisions Based on Application Risk

RSA Archer is a solution that can help organizations catalog applications and determine the risk and criticality of those applications. This is a foundational process for managing the overall risk and compliance of those applications with respect to regulatory and corporate compliance. Application risk information from Archer can drive the access governance processes in the RSA IMG solution. With the integration of Archer and IMG, business owners can adjust the frequency and focus of IAM business processes based on an application's risk rating, and gain a clear understanding of the risk context. For example, in the case of high-risk applications, requests for new access could be easily configured to require a multi-step approval process that includes the supervisor, application owner, and risk team. Requests for access to low-risk applications may only require supervisor approval. This is a good example of how integrating risk information can balance the efficiency that the business demands with the compliance and risk requirements that the organization needs. Another example is the frequency of access reviews, a business process where managers review "who has access to what", validating that it is appropriate for each user's role and job function. With this integration, the organization can prioritize its efforts and review high-risk applications frequently, while placing low-risk applications on a slower review cadence.
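The risk-tiered approval chain and review cadence described above, written out as a small policy engine. This is an added illustration, not RSA Archer or RSA IMG code; the risk tiers, approval steps, review intervals and the application catalog are all constructed for the example, in the shape a risk-register export might take. It goes one step beyond the text in two ways: an application that is missing from the catalog or has no risk rating falls back to the strictest tier (fail closed, so an uncataloged system never gets low-risk treatment), and the review intervals are used to compute which applications are overdue for review.

```python
"""Risk-tiered access governance policy (added example, not RSA product code).

Maps a hypothetical application risk rating to the approval chain an access
request must pass and to the access-review interval, then flags applications
whose last review is overdue. All data below is constructed.
"""
from datetime import date, timedelta

# Constructed policy: risk tier -> (ordered approval steps, review interval in days)
POLICY = {
    "high": (("supervisor", "application_owner", "risk_team"), 90),
    "medium": (("supervisor", "application_owner"), 180),
    "low": (("supervisor",), 365),
}
# Unknown or unrated applications fall back to the strictest tier (fail closed).
DEFAULT_TIER = "high"

# Constructed application catalog (hypothetical risk-register export).
APPLICATIONS = {
    "payroll": {"risk": "high", "last_review": date(2024, 1, 15)},
    "crm": {"risk": "medium", "last_review": date(2024, 3, 1)},
    "wiki": {"risk": "low", "last_review": date(2023, 9, 1)},
    "legacy_erp": {"risk": None, "last_review": None},  # never rated or reviewed
}


def risk_tier(app):
    """Tier for an application; missing or unrecognised ratings use DEFAULT_TIER."""
    record = APPLICATIONS.get(app)
    if record is None or record["risk"] not in POLICY:
        return DEFAULT_TIER
    return record["risk"]


def approval_chain(app):
    """Ordered list of approvers a new access request must collect."""
    return list(POLICY[risk_tier(app)][0])


def review_interval_days(app):
    """Maximum days between access reviews for the application's tier."""
    return POLICY[risk_tier(app)][1]


def pending_approvers(app, approvals):
    """Approvers still required, given the approvals obtained so far (in order).

    Steps must be satisfied in policy order, so a later sign-off cannot stand
    in for an earlier one that was skipped.
    """
    chain = approval_chain(app)
    satisfied = 0
    for step, given in zip(chain, approvals):
        if step != given:
            break
        satisfied += 1
    return chain[satisfied:]


def is_granted(app, approvals):
    """True once every step of the application's approval chain is satisfied."""
    return not pending_approvers(app, approvals)


def overdue_reviews(today):
    """Applications whose last review is older than their tier allows (or never done)."""
    overdue = []
    for app, record in APPLICATIONS.items():
        last = record["last_review"]
        if last is None or last + timedelta(days=review_interval_days(app)) < today:
            overdue.append(app)
    return sorted(overdue)


if __name__ == "__main__":
    as_of = date(2024, 6, 1)  # constructed reporting date
    for name in APPLICATIONS:
        print(f"{name:11} tier={risk_tier(name):6} approvals={' -> '.join(approval_chain(name))}")
    print("overdue reviews as of", as_of, ":", overdue_reviews(as_of))
```

The fail-closed default matters in practice: the weak point of a risk-driven workflow is not the high-risk path but anything that silently falls outside the catalog, so an unrated application should inherit the strictest chain and the shortest review interval until someone rates it.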

CONCLUSION

Organizations have made tremendous progress improving the maturity and efficiency of both their GRC and IAM programs. As a result, they have reduced their risk, improved compliance with regulatory guidelines, and obtained significant business value. And yet, there is untapped potential for even more value by breaking down the barriers and connecting GRC and IAM systems and processes. Integration between RSA Archer and RSA Identity Management and Governance solutions can help organizations develop a common, consistent, and highly effective risk and compliance model across the enterprise.
