Overview
Many organizations contemplate deployment of Identity Management (IdM) solutions. One of the more promising enterprise software applications, IdM is expected to provide significant benefits in privileges manageability, security, and compliance. However, many organizations have discovered that the project is not easy and is difficult to plan for. Quite a few IdM projects failed, or at least failed to achieve the promised gains.
The Need
Prior to starting an IdM project, most analysts recommend that customers perform a gap analysis to evaluate the current set of privileges and to detect flawed privileges management practices. Such analysis is needed to:
- Determine, demonstrate, and prioritize the most important IdM needs
- Justify the project and prepare a business and technical case
- Evaluate and quantify the complexity of systems to be deployed in IdM
- Identify potential roadblocks to IdM deployment and plan around them
Studies of IdM projects clearly show the importance of clear and quantified information in successful business cases and project plans.
Since such studies often show that the target systems are ill-prepared for IdM deployment, it is often necessary to:
- Clean up and streamline systems in preparation for IdM deployment
Finally, either before or during the deployment of a new provisioning system, analysts recommend that organizations:
- Prepare an initial role-based privileges model for automated provisioning
Organizations that feel that their IdM deployment can be improved can use a similar approach to understand the main points of failure and to determine where they should invest more.
How it Works
Advanced pattern recognition technology makes it much easier to perform a gap analysis very quickly and at a very modest investment. The same technology also supports quick and effective cleanup and role engineering efforts.
Eurekify offers three types of projects for customers that wish to prepare for Identity Management:
- Identity Management gap analysis and business case preparation survey
- Pre-IdM privileges cleanup project
- Pre-IdM role engineering project
IdM Gap Analysis Survey. In a typical 5-day Survey project it is often possible to thoroughly review 1-2 major enterprise systems. During the Survey, privileges are reviewed manually and automatically using Eurekify’s pattern recognition and compliance verification technology. Alternative role engineering methodologies are also tested and compared. General statistics are also collected and reported on. Customers often use the results of such analysis of the current privileges and privileges management practices to build a strong business case for IdM, based on hard and quantified facts. They also use it to identify best deployment paths, avoiding potential roadblocks.
Typical Eurekify Identity Management Gap Analysis Survey
Cleanup. Privileges cleanup is a separate project that starts with an initial assessment, and continues with the generation of a list of potential privileges quality issues. Issues are generated automatically using Eurekify’s pattern recognition technology, and/or using Eurekify’s compliance verification engine, and are then tracked and reported on using Eurekify’s AuditCard technology. Business users and managers may also participate in the cleanup process using Eurekify’s easy-to-use privileges attestation facility.
Role Engineering. Role engineering is the process in which a role-based privileges structure is created to serve for automated provisioning. Eurekify provides the richest set of top-down and bottom-up role engineering and role/rule mining capabilities, making it easy to quickly create a substantive role model which goes beyond the obvious role definitions, and doing so in time for immediate deployment in the newly deployed IdM system.
Key Deliverables
A typical 5-day IdM Gap Analysis Survey provides the following deliverables:
- Statistical reporting on the users, groups/profiles, and individual privileges in all and across target systems, and in all levels of granularity
- Initial evaluation of privileges quality in all and across target systems, and in all levels of granularity
- Mismatches between target systems and between target systems and the HR system(s)
- Quantification of incorrect and out-of-pattern privileges
- Quantification of incorrect and redundant group/profile definitions
- Review of privileges in target systems to assess readiness for IdM deployment
- Assessment of alternative role engineering methodologies and their fit to the organization’s culture and current privileges structure
A typical cleanup project results in:
- Removal of a large number of bad privileges
- Removal of unnecessary and redundant accounts and group definitions
- Streamlining and standardization of privileges
- Attestation report, legitimizing remaining privileges
A typical pre-IdM role engineering project results in an initial but substantive role model. A modest effort, timed to coincide with the overall IdM deployment schedule, shall result in a model that covers at least 40-50% of the overall privileges, providing for automated provisioning from day one. To capture business substance, it is important to go beyond the obvious 50 roles. In large IdM projects, where it takes a long time to deploy the IdM system, it is possible to embark on a more comprehensive effort, reaching the eventual role modeling target of covering 70-80% of all privileges.
No surprises! With Eurekify you are prepared for a successful IdM deployment project.