Access Management: Logging and Auditing
Compliance with laws and regulations is critical for every organization. The HelloID Access Management module supports you in this area and removes a significant amount of manual work. With the module's logging and auditing capabilities, you can always easily demonstrate that you comply with laws and regulations.
What are logging and auditing?
In light of regulatory requirements, your organization must meet a range of obligations. This includes maintaining strong digital security, where Identity and Access Management (IAM) plays an essential role. The HelloID Access Management module helps you significantly with this.
HelloID records all actions it performs in log files. You can see not only when each change was implemented, but also why. Thanks to the module's logging and auditing capabilities, you can always show that you are compliant with laws and regulations without spending much time.
It is also helpful that, thanks to the logging and auditing capabilities, certification audit processes can be completed quickly and smoothly. You can demonstrate at any time that your IAM processes are correctly configured and that these processes are secure.
What are the capabilities?
The insight provided by the logging and auditing capabilities is broad. The primary data HelloID records for you includes login attempts to HelloID, the use and enrollment of Multi-Factor Authentication (MFA), and login attempts to connected applications. You can also extract various other data from HelloID, such as the number of times applications have been launched.
.webp)
Reports
The data HelloID collects is available through various reports, each with a different focus. The following reports are available:
MFA Enrollments
Logins: Successful by MFA Method
Logins: Successful by Location
Logins: Successful by Device
Logins: All Attempts
Applications: Launches
There are also reports specifically designed for audits. The focus is on changes made at the user, group, or application level. The following audit reports are available:
Users: Configuration Changes
Groups: Configuration Changes
Applications: Configuration Changes
It is important to note that the above reports only contain information about the changed object and the person who executed the change. The change itself is not stored in these reports. The reports therefore cannot be used to determine which specific data at the user, group, or application level was modified.
Do you need insights that these standard reports do not provide? You can create custom reports.
Other benefits
Logging is not only relevant for demonstrating compliance with laws and regulations and completing audit processes. Log files can also help when users experience login issues. For example, you can track the use of different web browsers and operating systems.
Also consider optimizing your organization's MFA policy. The log files provide detailed insight into the use of available MFA methods, such as authenticator apps and codes sent via SMS or email. This shows which methods users prefer and can help with the gradual phaseout of more expensive MFA methods such as SMS.
Do you use a Security Information and Event Management (SIEM) solution to keep your organization secure? You can integrate HelloID logging directly into your SIEM through an API. This allows you to run queries on your audit data and generate alerts in your SIEM based on that data. This further enhances your organization's digital security.
Get started
Want to take advantage of HelloID Access Management and get started with this module? You can find more information about the capabilities here. Do you have questions or want to discuss the options? Our experts are ready to help. Contact us!