Identity and Access Management (IAM)

Enterprises applications are an indispensable business productivity tool nowadays. Employees of large enterprises use two to ten or sometimes even more business applications with different passwords and access levels. Growing number of IT systems poses a challenge with user identity management. This challenge inevitably affects informational security of the enterprise and creates a series of issues and risks in multiple areas:

• Business risks:
  • Low employee performance due to delays in access granting by IT departments
• Security risks:
  • Risk of employee credential leaks
  • Risk of classified data leaks in electronic documents
  • Risk of abuse by IT system administrators
  • Difficulties with getting actual and historical reports on employee access rights (audit)
• Risks for financial services:
  • Excessive operational costs related to IT infrastructure management
  • Excessive unused license support costs
• IT risks:
  • Inefficient access management due to too many employees being involved Need to perform routine operations related to access management

Today, Asteros Consulting helps its customers achieve the following identity and access management objectives:

• Enterprise access control process consulting and reengineering (including design of process policy, document forms, and employee access approval guidelines and principles)
• Employee access right management centralization and standardization
• Access rights audits and removal of unnecessary rights
• Enabling roles—access rights templates used according to employee responsibilities
• Automated HR event processing with employee access rights modification
• Minimizing number of ServiceDesk tickets related to password resets
• Implementing single sign-on for application systems
• Managing employee access rights to electronic documents (Office file formats, scanned documents, etc.)

Asteros Consulting offers solutions based on access management platforms developed by world-leading IAM vendors including Oracle, IBM, Microsoft and Quest:

• IDM (Identity Management) for credentials management
• RM (Role Management) for role-based employee access management
• ESSO (Enterprise Single Sign-On) for employee single sign-on
• webSSO (Web Single Sign-On) for client single sign-on to services
• AM (Access Management) for application access management
• IRM (Information Rights Management) for file content access management