Attestation & Reconciliation - what is it and why do you need it?

Identity and Access Management (IAM) is a framework of policies and high standard technologies built to ensure organizational users are granted the appropriate access to resources. Many factors come in play to make this process successful. Attestation and reconciliation are on the list of requirements.

Attestation is a familiar term when it comes to approval and/or providing evidence that something is true. In access Identity management, attestation is an ongoing review and confirmation process that helps organizations reduce risk by granting users the right access to systems and applications, evaluating the risk associated with that access and reviewing access deemed as risky or inappropriate.

Attestation is not only a good business practice, but required for all sorts of restrictive and compliance reasons.

By definition, reconciliation is the process of verifying consistency and compatibility. Across different access control systems. Failure of addressing access issues often creates high levels of corporate risk and exposes the organization to compliance risk, especially when duplicate instances of the same record exist, or records with orphan unique identifiers, i.e. employee ID or social security number, exist. Then manual fixes take place to eliminate these data quality issues to avoid risk exposure. The labor involved cost the organization a significant amount of hours and work. Automating this with IAM eliminates IT intervention as all verifications and access validation is done automatically, based on specific elements previous designated. If we look at the life cycle of a user, once a new hire request is placed, a user is created and provided with initial access at hire date. Down the road, if the user is promoted different access is granted. This can be done automatically by adding the user to the right group. IAM handles the access rules and grants once the manager approves the request.

In a large environment where thousands of changes are made to user accounts on a daily basis, it is hard to track down events. Who has access to what and who granted the access? This is not an issue with IAM as it allows mapping business process to identity processes, and provides a unified view of the physical identity by providing the ability to match identity records from multiple databases and identify multiple records across data sources.

IAM fully integrates reconciliation and attestation processes to increase accountability. It runs in real time and achieves accuracy and dramatically reduces the time and cost associated with manual intervention.

Single Sign-On (SSO)- the greatest thing to happen to employees since designated parking spots!

Like many other professionals, I used to have a hard time remembering all the passwords to every system I utilized on a daily basis. Trying to recall the various requirements for each password, for each system, can be a cruel and daunting task. My biggest fear is forgetting said passwords, and as a result, having to spend an hour or more on the phone with the IT help desk, just trying to get them reset. That is an hour that could be spent standing by the water cooler, discussing last night’s Game of Thrones episode, or if my boss is reading this, calling clients.

Read more

Password management woes- “i have to call the helpdesk again?!?!”....

How many times over the course of your career have you forgotten the password that logs you in to your computer? It’s safe to assume that some days start out the same; drinking a cup of coffee in front of the computer screen wondering if an “ !” or a “ $” was put at the end of your password. Usually after a couple of failed attempts, a call to the IT help desk is required to have the password reset. This process can take anywhere from 20 minutes to an hour depending on how busy they are. I’m sure we can all agree that it is a frustrating task.

Read more

Dealing with the password issues which security measures produce

Customer and employee privacy is vital within every organization. However, some could argue that in the financial industry, security is of the up most importance. Because of this, government rules and regulations are put in place to protect personal information and determine who can gain access to accounts.

Read more

Need to reset your password after you have left the office?

What would you do if you got home from a long day at the office and you realize that you have forgotten to send an important presentation to your boss? It is saved on your laptop, and you have it with you, so crisis adverted, right? Wrong! You can’t remember your password and the help desk is closed. What do you do?

Read more

Do Identity and Access Management (IAM) solutions make sense for both large and small businesses?

In many cases, organizations have fairly large IT infrastructures, which can make it difficult to stay in compliance with numerous regulations. Businesses are required to keep a record of who did what and when. Without an Identity and Access Management (IAM) solution, this task can become extremely difficult and time consuming.

Read more