Governance workflows are a business strategy to ensure and verify appropriate access between business users and their data. Business owners verify access, and inform IT staff of any necessary changes. This verification is an ongoing process, that should be conducted often enough to keep up with the needs of the business. Stealthbits provides several workflows to facilitate this process.
Periodic reviews of user entitlements are integral to any business in order to ensure that the right people have access to the right data, without exposing data unnecessarily. Being able to perform these reviews in a streamlined manner is necessary in order to keep up with the regular growth and change most organizations experience, both in terms of data and personnel. A consistent entitlement review process enables organizations to maintain data security by regularly monitoring and remediating excessive permissions.
With Stealthbits, the right people review the right access, with relevant context to make good decisions, all from a simple to use web browser interface.
A Sensitive Data Review starts with Sensitive Data Discovery. Access to sensitive data that is stored in applications and databases is relatively easy to manage. But once data is exported, analyzed, processed and emailed, it gets much more difficult to control.
Stealthbits enables sensitive data discovery across the enterprise no matter where it’s stored. The data owner can then conduct a thorough review to determine if it is in fact sensitive, and to make a determination of how the data should be handled. Can the data be deleted? Archived? Moved to a more secure location? With Stealthbits, you have full control.
In many cases determining who should have access to resources and data is a simple matter of asking the owner. But what if the data is a shared resource used by multiple users in a department? Should the department head make decisions about who has access? Wouldn’t a group manager be more familiar with the data and be in a better position to make that determination?
The StealthAUDIT Management Platform offers visibility into the necessary data points to provide proven ownership workflows to identify probable owners based on content ownership, common managers, and user activity events, while providing a streamlined approach to confirm ownership, making sure the right people have been put in charge of important access decisions.
In many cases, a thorough Entitlement Review may turn up situations where users need access and have access, but they don’t need full administrative access to resources. A permissions review asks the questions: Does this user have more permission on this resource than they need? Is read-only access sufficient for them to do their job? Does their permission level pose an undue level of risk to the business?
With Stealthbits, permission reviews are comprehensive and efficient to guarantee that users have access to the information and resources that they need to do their job, without excess permissions.
Active Directory group membership is a powerful and efficient means to control access to information and resources, both at the AD Domain level and at the Windows desktop and server levels. Membership in security groups and admin groups allows super user levels of access making group membership an important part of Data Access Governance.
StealthAUDIT automates the discovery and auditing of access provided by group memberships and allows for the identification and remediation of excessive privilege granted by those memberships.
With sensitive data identified and controlled, access rights carefully managed, permission levels and group governance verified, end users need a way to request access to data and resources as the needs of the business change.
Self service access requests via StealthAUDIT offer an automated and fully documented way for users to request access to resources and data that they need. A simple browser interface allows end users to request access from the data or resource owner for a specified level of access for a specified amount of time. Once approved the end user is notified and can begin work immediately.