Gurucul Solutions has created a second generation of Role definition and management methodology using the Access Intelligence component in its Security Risk Intelligence platform to streamline access controls. For years, roles based access control has been touted by analysts as one of the best ways to manage and streamline access to company’s valuable assets. Traditionally, role definition was done manually with extensive use of spreadsheets and significant effort from IT and Business resources. Typically, this effort would span years turning it into a gigantic never ending initiative, eventually resulting in roles that do not reflect user’s current access (user’s access changed during the long time it took to define roles). Sadly enough, most of the times this leads to a failed project and executive management scarred with the word ‘Roles’.
Less than a decade ago, automated role mining products came in the Industry. “We have helped many customers implement roles by using automated role mining products for years, pioneering the Wave Methodology for role definition, which has been adopted as an industry best practice. Though an automated approach to role mining is a paradigm shift from manual spreadsheet based analysis, we continue to see Roles have more access than needed. Most companies have access control issues ranging from access proliferation, limited insight into access usage, minimal understanding of entitlements, usage trends, and behaviors leading to garbage-in-garbage-out situation.” said Saryu Nayyar, CEO of Gurucul Solutions.
Gurucul’s new Intelligent Roles® methodology combines identity, access, and activity. For the first time, the industry has an automated role definition platform that takes a 360-degree identity-centric view of user access, activity, behavior, and usage trends into consideration for Role definition. Gurucul’s Access Intelligence platform combines user behavior and usage trends with access during the role definition process. “This innovative approach provides more context when building role / entitlement relationships, and removing unnecessary access. We find access and activity outliers during the process, which we recommend gets cleaned up. Many of our customers have seen significant value from Intelligent Roles® to protect their intellectual property and regulated information” said Nayyar.
Gurucul is a leading provider of Information Security Risk Intelligence Solutions. Gurucul products improve risk, threat, and compliance postures by applying a unique identity-centric approach of correlating identity, activity, and access information to provide actionable data and prioritized alerts. Gurucul has developed industry’s most advanced patent pending algorithms for behavior risk profiling and trend analysis to detect threats and anomalous behavior. The Gurucul Risk Analytics platform helps organizations efficiently protect intellectual property and regulated information.
Gurucul Risk Analytics Platform Capabilities
- 360 view of user Identity, Access, and Activity Profile Information
- Advanced Identity, Access, and Activity Analytics
- Identity and Access Intelligence
- Intelligent Roles® Based Access
- Privileged & Shared Account Monitoring
- Insider and Advanced Persistent Threat Detection
- Risk Based Access Controls
- Risk Based Compliance
- Activity Self Audit Statements
- Forensic / Investigation Assistance