SENSITIVE DATA
Using identity to boost confidentiality
Manage your users centrally and tighten access to your sensitive applications and data, in your data centre and in the cloud.
In recent years, the proliferation of applications in data centres and the cloud and the increase in the number of users (employees, customers, subcontractors) have drastically complicated the management and security of access to information systems. Knowing and controlling who has access to what at all times is a tedious task if you aren’t properly organised and equipped. And the result is a significant increase in the risk of compromised access to systems, applications and data.
In recent years, the proliferation of applications in data centres and the cloud and the increase in the number of users (employees, customers, subcontractors) have drastically complicated the management and security of access to information systems. Knowing and controlling who has access to what at all times is a tedious task if you aren’t properly organised and equipped. And the result is a significant increase in the risk of compromised access to systems, applications and data.
A three-step approach
We offer a comprehensive three-step approach that allows you to regain control over your users’ identities and strengthen the security of their access to your information system:
Identity governance
We discover and analyse access rights across the entire information system (in the data centre and the cloud) so that we can clearly see who has access to what resources.
We link these rights to business roles to facilitate and automate management and we define controls to detect and manage violations and exceptions, such as SoD violations or orphaned accounts.
We organise and facilitate the re-certification of accesses through campaigns that stick to the schedule thanks to automatic reminders and progress updates, and we provide decision support for approvers and escalation in case of problems.
01
Centralised rights management
Once the identities and accesses are managed in full compliance with industry regulations, we automate access provisioning across all identity systems and repositories (Active Directory, LDAP, database) in real time.
Whether you need to hire a new employee, register a new customer, launch a project requiring temporary specific access or carry out a dismissal, we can take care of propagating access changes across systems in a matter of seconds, rather than hours or days.
And if a human error occurs, it is immediately and automatically rectified so that the rules defined upstream are complied with 24/7.
02
Adaptive access strengthening
We manage and provide secure, adaptive and contextual access to accredited users on any platform and in any location, while reducing risk:
- The user experience is significantly improved thanks to a single sign-on to access all applications and resources (we integrate thousands of applications natively or through federation).
- A real-time analysis is performed upon each authentication request to qualify the level of risk (based on the identity used, the context and the criticality of the application). Depending on the level of risk, additional means of authentication may be required (multiple authentication, token, smart card, SMS, mobile application, etc.) to ensure that the user is who he/she claims to be.
- A special security enhancement is performed at high-privilege user level.
03