In a typical environment, IT compliance is confined to configuration management, the firewall, the antivirus systems, and the vulnerability assessment. However, there is a difference between managing security configurations and vulnerabilities and managing access controls and data entitlements. Incidents can occur when a valid user can have access to the data that the user should not access.
Control Compliance Suite facilitates the monitoring of access rights in the organization. The Control Compliance Suite identifies false entitlements. The Entitlements view in the Control Compliance Suite lets you define the data a user is entitled to access. The Entitlements view also monitors whether the system adheres to the defined access controls.
Before you begin to monitor the entitlements of the control points, it is recommended that you review the basic concepts in entitlements management.
Table: Identifying threats in access control
Task |
Description |
---|---|
Locating the potential control points in the asset system |
Go to Manage > Assets > Asset system. Consider the following to locate the potential control points in the asset system:
See Control points. |
Mark the assets as control points |
Go to Manage > Assets > Asset System > Global Tasks > Mark as Control Point. Consider the following to mark the assets as control points:
|
Create Review Cycle Setting |
Go to Manage > Entitlements > Review Cycle Settings. Consider the following to create a review cycle setting:
|
Configure the control point |
Go to Manage > Entitlements > Control Points. Consider the following to configure the control points:
|
Monitor the control point status throughout the review cycle |
Go to Manage > Entitlements > Control Points Before you begin monitoring the control points in the review cycle, it is recommended that you understand the various control point states. See About the control point status. Perform the following tasks in the given order as an Entitlements Administrator:
The control points are then approved by the data owners or the data owners request changes in the control point entitlements. To know more about the entire approval workflow visit the following link: |
Generate entitlements report |
Go to Reporting > Report Templates You can generate the following types of entitlements reports:
|