Transportation manufacturer streamlines compliance with RSA identity and access management
This leading North American manufacturer of heavy-duty vehicles designs builds and markets a wide range of trucks, buses, motor homes and emergency vehicles. The company has over 20 000 employees, and its IT infrastructure supports more than 13 000 users.
The enterprise had relied on a cumbersome manual process for access certification control but was concerned about its cost and accuracy. Ensuring compliance with the Sarbanes-Oxley regulation was difficult: just checking for segregation-of-duties violations could take weeks.
The company wished to reduce the cost of its manual process and automate SOX access certification, including automated monitoring of access to sensitive financial applications. The company also wanted an automated method of checking for segregation-of-duties violations across the enterprise (including SAP and the mainframe) and a solution that would improve audit efficiency as well as lower costs.
Policy and process automation for access oversight
Fortinet protects mid-enterprises with five times next-generation firewall performance
The company has deployed Access Certification Manager to ensure it can properly govern user access to information resources and avoid any unnecessary business risks. Through the RSA IAM solution, the organisation's information security team will now have:
* The ability to understand who has access across all information resources and entitlements, how they got it, and who authorised it.
* An automated approach for review and certification of all employees', contractors' and consultants' access to privileged information by either a supervisor or an application owner.
* Greater accuracy for access review/certification by providing entitlement data to reviewers in business-friendly terms so it can be understood in the context of a user's job responsibilities.
* An automated system that will inform the user provisioning system when user access is to be granted, and when it needs to be taken away.
* Confirmation that privileges have been granted or revoked as directed by the system.
* A system of record that provides a full audit trail for access as well as evidence of compliance.
With the RSA IAM platform in place, the company is assured of effective and automated access governance across the entire organisation.
* Reduce the cost of a manual approach to compliance.
* Automate SOX-mandated access certification requirements.
* Improve the accuracy of access reviews.
* Reduce the risks associated with access.
Access Certification Manager
* Enforces access policies in a consistent fashion across the entire company.
* Automates and streamlines the access review and certification process.
* Provides full audit trail and a system of record for evidence of compliance.
* Remediates entitlement right violations and mitigates access related risk.
To learn more about how EMC products, services, and solutions can help solve your business and IT challenges, contact your local representative or authorised reseller ? or visit www.EMC.com/rsa.