Saviynt ARMS - Automated Role Maintenance Solution
IAM Experts
Overview
Maintaining up-to-date roles in response to changing access needs, ad-hoc requests, and evolving organizational structures is a complex and ongoing process. Roles frequently become outdated, and the access they grant may no longer be relevant. Saviynt’s Detective Roles jobs can reassign access that is no longer needed by the organization. Not maintained, role definitions can inaccurately reflect user roles, leading to erroneous access reviews. This solution automates the removal of unnecessary roles and assigns new ones based on users’ current access. It also supports customers migrating from legacy systems to Saviynt, facilitating role bootstrapping by accurately assigning roles based on available entitlements
In essence, this Solution addresses the following situations required to align roles for efficient governance controls.
a) An application onboarded into Saviynt with pre-existing access: Their entitlements will be visible in Saviynt, but the role made up by those entitlements will not be automatically assigned to the users.
b) Updating Roles Definition: You areusing Saviynt for governance controls such as access review, however application access provisioning is not configured yet for those applications. Someone or something else takes care of the provisioning. In such a case, the roles are not maintained in Saviynt. Entitlements assigned to users are maintained, however roles are not deduced automatically leaving users without the roles and users with role assignment they should not have. This functionality helps to improving Role Certification for non-managed applications.
c) Align Roles as per User’s Access: An end-user who is granted the entitlements of a role through an unauthorized backdoor or unauthorized process, is an access violation. Such violation will remain undetected.
In essence, this Solution addresses the following situations required to align roles for efficient governance controls.
a) An application onboarded into Saviynt with pre-existing access: Their entitlements will be visible in Saviynt, but the role made up by those entitlements will not be automatically assigned to the users.
b) Updating Roles Definition: You areusing Saviynt for governance controls such as access review, however application access provisioning is not configured yet for those applications. Someone or something else takes care of the provisioning. In such a case, the roles are not maintained in Saviynt. Entitlements assigned to users are maintained, however roles are not deduced automatically leaving users without the roles and users with role assignment they should not have. This functionality helps to improving Role Certification for non-managed applications.
c) Align Roles as per User’s Access: An end-user who is granted the entitlements of a role through an unauthorized backdoor or unauthorized process, is an access violation. Such violation will remain undetected.
Features
- Automated Role governance
- Backdoor unauthorized access detection
- Reduction of manual effort in regards to role management
- No additional license cost required
Benefits
IAM EXPERTS - ARMS is completely transparent to the end users. It runs automatically at defined frequency on Saviynt Connect.
Support
Please contact the Provider for Support related information.
Provider Information
IAM Experts is a leading consultancy firm offering professional services in the Identity and Access Management domain (IGA, PAM, AM, and CIAM) to organizations worldwide. With over 16 years of industry recognition, IAM Experts has established itself as one of the industry’s major players, dedicated to delivering expertise and quality in every project.
Pricing
Details
Published by
IAM Experts
Resources
Additional Information ↗
Solution Type
Product Accelerators
Category
Implement
Operate
Pricing
Contact Us