Skip navigation
All Places > Products > RSA Identity Governance & Lifecycle > Blog
1 2 3 Previous Next

RSA Identity Governance & Lifecycle

101 posts

One of our RSA PS rockstars (Ahmed Nofal)  has been working on a fantastic new dashboard, as shown below in the image and quick demo video. This dashboard shows various risk items found within RSA IGL and displays in it a simple to understand format using a traffic light system.

 

All the data is dynamic and has the "drill-down" functionality, so you can click into the area to find out more!

We are looking for a beta tester client, who would like to work with us on this.

If you are interestred, please email me: jamie.pryer@rsa.com

 

Please note that this will require some time from your side, maybe 30min - 1hour on a Zoom sesssion to review the results and discuss the dashboard overall.

 

For this to work, you must be on version:

  • 7.1.0 P04 or higher
  • 7.1.1 (any version)

 

For a quick demo, please see this video:

 

An example screen shot of the dynamic risk based dashboard

Please find attached our November 2019 Edition of the newsletter.

 

DONT FORGET - please register for the December RSA IGL Webinar, with our customer "Dell Technologies" joining me to discuiss their success journey so far - Click Me

 

Our goal of this newsletter, is to help share more information about what's happening and key things for you to be aware of, specifically for RSA Identity Governance and Lifecycle.

This is a monthly release, so you can expect a new Newsletter at the start of each month.

Please feel free to leave comments/suggestions (positive or negative!) below and don't forget to hit that "like" button too 

 

Current Edition:

  • Issue #9, November 2019: See attachment below 
    • Note:you should be able to view this in a browser, or download/preview the document too. Any issues/questions, just reply to this!

 

Previous Newsletter Editions:

Hello RSA IGL Community!


I'm Megan, the RSA University Practice Lead for RSA Identity Governance and Lifecycle. Following October's amazing webinar (found here), I wanted to create a follow-up blog to highlight all the great things we have going on for RSA IGL to help you learn more and get more value from the product.  

  • A full revamp of our curriculum is underway! We're looking to offer high-level courses for those who are just getting started or just need to know the basics, as well as hands-on/working with an instructor, deeper looks into the admin side of things. If you have a need for training on a specific area or for a specific audience, please let me know!
  • Main link to RSA University - IGL Training Page with links to all available training: Click Here
  • The attached PDF includes the slides presented in October, with a summary of what's available now and what's coming soon!
  • Coming soon: A quarterly On-Demand live session with one of talented IGL Instructors. This is a great opportunity to dial in and ask questions that arose following any training you've taken through us.
  • And finally, here are some recent Q&As about RSA University:

    Question:Answer:
    The same training course is available in a number of different formats. Are the different formats priced differently?You may be seeing courses like the Admin series available in live (in person), live (virtual), and On-Demand Classroom formats. As each of these formats still gives you the full content and lab experiences, they are all priced the same.
    Pro tip: See our subscription option for one low price for all courses available in an On-Demand format, plus one certification exam voucher!
    I've been working with IGL for many years. Am I allowed to take the certification exams without first attending training?Absolutely! Training is not a prerequisite to taking the certification exams. We offer practice tests on RSA Link for you to gauge your level of readiness for each exam.
    Are the certification exams lab-based?Not at this time. Currently, all certification exams are multiple-choice only.
    How do keep the certification? Is there a CPE requirement?Exams currently expire after 2 years. To renew your certification, you simply take the most current exams. No tracking of CPEs is required!
    Are there any IGL live (in person) courses scheduled near me?Our schedules are posted online and are updated regularly. If you have a specific city or region where you would like us to offer a public course, please let us know!

 

Any questions, queries or ideas, please let me know. My proverbial door is always open, and I'm highly interested in making great training available that meets your needs!

 

All the best,
Megan

Date formats in workflows, typically come in a very long and "un-useful" format, which is: "YYYY-MM-DD HH:MM:SS" eg: 2019-11-05 10:46:54.0

This format is not very useful for business users and so changing it to be something more "readable" is a good idea in general. 

 

Thanks to the help from our resident rock star...Mostafa Helmy, we have the following example that you can use today for your review esclation emails. The below could be applied to any dates in other areas of the product too, however review esclations is a widely used area and a good place to start.

 

The process is as follows, where we want to update the review "end date" value.You could apply this to the "start date" too, if you wanted.

 

  1. First, establish the format of how you want the date to look. e.g.. "29-01-2019" or "Feb-22-19" etc..
  2. To do this, open a query analyser (e.g. SQL Developer) and test with the following SQL to find the date you want to display.
    Note, this example has 2 different options to get you started. Also, see the table below to get more ideas of the date formats that you could use.

    select to_char(sysdate,'MM/DD/YYYY') as new_date from dual;

    select to_char(sysdate,'DAY DD-MON-YY') as new_date from dual;


    Image of the above SQL example

  3. Once you have the correct format that you want to use
    Always start in DEV, NOT prod
  4. Log into RSA IGL as a user who can edit/create workflows
  5. Find the workflow/escalation you want to edit and open it
  6. Add a new "SQL Select" object to the workflow, at the start
    It must be before the "email" or what ever you want this better date format to be
  7. Edit the "SQL Select" object to be the following SQL.
    Note: This SQL will create a new value called "new_end_date" which can then be added into your email.
    Format SQL
    MM-DD-YYYY
    (08/21/2019)

    select to_char(end_date,'MM/DD/YYYY') as new_end_date from pv_review where id='${jobUserData_acm.ReviewId}'

    DD-MM-YYYY
    (21/08/2019)

    select to_char(end_date,'DD/MM/YYYY') as new_end_date from pv_review where id='${jobUserData_acm.ReviewId}'

  8. Make sure you now hit "SAVE"
    The new value wont show until you have done this!!
  9. Select your email node and "right-click" where you want to add the new value (new_end_date) to add it in. (See image below)
  10. Test this has worked by generating a new email and confirming the date format is correct and as expected.
  11. Migrate to production

 

 

 

 

Other formatting suggestions:

Note:

  • The format, MUST be in the correct CASE
  • See this link for Oracle datetime format models: Format Models 
YEARYear, spelled out
YYYY4-digit year
YYY
YY
Y
Last 3, 2, or 1 digit(s) of year.
IYY
IY
I
Last 3, 2, or 1 digit(s) of ISO year.
IYYY4-digit year based on the ISO standard
QQuarter of year (1, 2, 3, 4; JAN-MAR = 1).
MMMonth (01-12; JAN = 01).
MONAbbreviated name of month.
MONTHName of month, padded with blanks to length of 9 characters.
RMRoman numeral month (I-XII; JAN = I).
WWWeek of year (1-53) where week 1 starts on the first day of the year and continues to the seventh day of the year.
WWeek of month (1-5) where week 1 starts on the first day of the month and ends on the seventh.
IWWeek of year (1-52 or 1-53) based on the ISO standard.
DDay of week (1-7).
DAYName of day.
DDDay of month (1-31).
DDDDay of year (1-366).
DYAbbreviated name of day.
JJulian day; the number of days since January 1, 4712 BC.
HHHour of day (1-12).
HH12Hour of day (1-12).
HH24Hour of day (0-23).
MIMinute (0-59).
SSSecond (0-59).
SSSSSSeconds past midnight (0-86399).
FFFractional seconds.

Reports, Charts and Dashboards are a useful and powerful feature of RSA Identity Governance and Lifecycle.

However, it would seem that many are not using this to its full potential...so we are here to help change that!

 

I've created this video and presentation, to help you understand the fundamentals of how this feature of the product works, along with a real example you can apply yourself, in your environment. 

 

 Please watch the video to learn more and leave you thoughts/comments below! 

Hit "like" above if you found this useful!

Zoom Video Link --> RSA Reports, Charts and Dashboards - Overview and Live Demo - Zoom 

 

Other Useful Links:

 

Example of what is created in the video

 

Useful SQL for finding tables you might need

Replace "xxx" with a lower case search, like "user" or "app" or "role"

select * from user_views
where lower(view_name) like '%xxx%'
order by view_name asc

 

SQL used in the video and presentation.

Please note that this SQL might not be relevant for your environment, so always test this in Dev before testing in Production. Some of this SQL might produce too much data and so adding a date filter (e.g.. in the last year) might be useful. The below is shared to give you examples of the SQL which was used in the demo and presentation/video. 


Active Review Details (Report)

(SELECT 
pR.NAME,
pR.END_DATE,
pRS.REVIEWED_ENTS_COUNT,
pRS.TOTAL_ENTS_TO_REVIEW,
pRS.REVIEWED_USERS_COUNT,
pRS.TOTAL_USER_COUNT,
concat(CAST(((pRS.REVIEWED_ENTS_COUNT/pRS.TOTAL_ENTS_TO_REVIEW) *100) AS NUMERIC(10,0)),'%') AS Percent_Complete
FROM AVUSER.PV_REVIEW pR
LEFT JOIN AVUSER.PV_REVIEW_STATUS pRS
ON pR.ID = pRS.REVIEW_ID
WHERE pR.STATE = 'InProcess')

 

Outstanding Review Items (Report)

(SELECT * FROM 
(SELECT R.NAME AS Review_Name,
U.FIRST_NAME,
U.LAST_NAME,
U.DEPARTMENT,
TOTAL_ENTS_TO_REVIEW AS Total_Review_Items,
REVIEWED_ENTS_COUNT,
CAST((REVIEWED_ENTS_COUNT /TOTAL_ENTS_TO_REVIEW) AS NUMERIC(10,2)) AS Input_Pct,
concat(CAST(((REVIEWED_ENTS_COUNT/TOTAL_ENTS_TO_REVIEW) *100) AS NUMERIC(10,0)),'%') AS Percent_Complete
FROM avuser.PV_REVIEW R
JOIN avuser.PV_REVIEW_REVIEWER_SUMMARY REVIEWER_STAT_BY_COMP
ON R.ID = REVIEWER_STAT_BY_COMP.REVIEW_ID
JOIN avuser.PV_USERS U
ON REVIEWER_STAT_BY_COMP.REVIEWER_ID = U.ID
WHERE R.STATE= 'InProcess')
WHERE PERCENT_COMPLETE <> '100%'
ORDER BY TOTAL_REVIEW_ITEMS DESC)

 

Active Reviews (Chart)

(SELECT 
pR.NAME,
pR.END_DATE,
CAST(((pRS.REVIEWED_ENTS_COUNT/pRS.TOTAL_ENTS_TO_REVIEW) *100) AS NUMERIC(10,0)) AS Percent_Complete
FROM AVUSER.PV_REVIEW pR
LEFT JOIN AVUSER.PV_REVIEW_STATUS pRS
ON pR.ID = pRS.REVIEW_ID
WHERE pR.STATE = 'InProcess')

 

Overall Review Summary (Chart)

(select 
state as review_state,
count(*) as total_items
from AVUSER.PV_REVIEW
group by state)

 

 

Thanks!

please comment below and hit like if this is helpful!

Please find attached our October 2019 Edition of the newsletter, presented in a slightly new and updated format. 

 

 

DONT FORGET - please register for the October IGL Huddle - Click Me

 

Our goal of this newsletter, is to help share more information about what's happening and key things for you to be aware of, specifically for RSA Identity Governance and Lifecycle.

This is a monthly release, so you can expect a new Newsletter at the start of each month.

Please feel free to leave comments/suggestions (positive or negative!) below and don't forget to hit that "like" button too 

 

Current Edition:

  • Issue #8, October 2019: See attachment below 
    • Note:you should be able to view this in a browser, or download/preview the document too. Any issues/questions, just reply to this!

 

Previous Newsletter Editions:

In the recent  RSA Identity Governance and Lifecycle 7.1 release, you can now require a user to specify if a mitigating control is in place for when granting an exception to a Segregation of Duty (SOD) or User Access (UA) policy violation.

During a policy violation review, and when granting an exception, the remediator can specify if there is a mitigating control in place. They can choose if control is:

  • In-Place – there is a control that has been implemented
  • Pending – there is a control defined and is in the process of being implemented
  • None – there are no controls in place or defined at this time

This feature compliments New Feature: Customer Specific Business Justifications that can also be selected when granting a policy exception.   

The configuration for adding mitigating controls for granting exceptional access to policy violations can be found within the rule definition. 

For more information on this feature – please check out this additional content. 

Mitigating Controls for Violation Remediation 

In the recent RSA Identity Governance and Lifecycle 7.1 release, the user interface can customized to better brand the product for the customer's environment.  One new key customization available is the background image displayed when user's are on the login screen.  The file must be a JPEG file that is called login-background.jpg.  The file should be uploaded to the Admin→User Interface→Files page under the images section.  When new users login, they will be shown a customized login screen like the following:

Things to consider when customizing this:

  • The image should be a decent resolution so it renders on various client screen resolutions
  • The file size should not exceed 10MB so it doesnt impact the speed to load the screen the first time too much
  • The uploaded image is audited as part of the events found under Admin->System→Audit

 

Included in this blog is a set of background images (see attachments) to try out.  Rename the image to login-background.jpg and upload.  The image will be shown the next time you login to the product.

We are excited to introduce a new virtual deployment option in the recent RSA Identity Governance and Lifecycle 7.1  release which makes it easier to deploy our solution in a VMWare virtualization environment!

Provided as an OVA file, all the neccessary componets are supplied to connect your RSA Identity Governance and Lifecycle application to an existing database instance.  Using the supplied configuration wizard, which prompts and ensures that all the necessary configurations are set, customers can quickly stand up the RSA Identity Governance and Lifecycle application. 

For more information and to view an example installation and setup, please refer to the following video tutorial:

Virtual Application Installation and Setup 

I'm very excited and happy to share our latest edition of the RSA Identity Governance and Lifecycle Newsletter. 

 

 

DONT FORGET - please register for the September IGL huddle, with info found here

 

Our goal of this newsletter, is to help share more information about what's happening and key things for you to be aware of, specifically for RSA Identity Governance and Lifecycle.

This is a monthly release, so you can expect a new Newsletter at the start of each month.

Please feel free to leave comments/suggestions (positive or negative!) below and don't forget to hit that "like" button too 

 

Current Edition:

  • Issue #7, September2019: See attachment below (note: 1 page this month)
    • Note:you should be able to view this in a browser, or download/preview the document too. Any issues/questions, just reply to this!

 

Previous Newsletter Editions:

After updating Google Chrome to 76.x or higher, many areas of the RSA Identity Governance & Lifecycle user interface are missing tabs. Symptoms include:

  • Missing tabs when editing a connector, collector, form or review definition.
  • Missing tabs when viewing review result items.
  • Missing tabs when performing a change request approval.
  • Inability to create an AFX connector due to missing tabs preventing the input of required information

 

For more details, please review 000037927 - Missing tabs and skewed buttons in the RSA Identity Governance & Lifecycle user interface after Google Chrome updates 

I'm very excited and happy to share our latest edition of the RSA IGL newsletter.

 

DONT FORGET - please register for the TechHuddle found here

 

Our goal is to help share more information about what's happening and key things for you to be aware of, specifically for RSA Identity Governance and Lifecycle.

This is a monthly release, so you can expect a new Newsletter at the start of each month.

Please feel free to leave comments/suggestions (positive or negative!) below and don't forget to hit that "like" button too 

 

Current Edition:

  • Issue #6, August 2019: See attachment below
    • Note:you should be able to view this in a browser, or download/preview the document too. Any issues/questions, just reply to this!

 

Previous Newsletter Editions:

I'm very excited and happy to share our latest edition of the RSA IGL newsletter.

 

DONT FORGET - please register for the TechHuddle found here

 

Our goal is to help share more information about what's happening and key things for you to be aware of, specifically for RSA Identity Governance and Lifecycle.

This is a monthly release, so you can expect a new Newsletter at the start of each month.

Please feel free to leave comments/suggestions (positive or negative!) below and don't forget to hit that "like" button too 

 

Current Edition:

  • Issue #5, July 2019: See attachment below
    • Note:you should be able to view this in a browser, or download/preview the document too. Any issues/questions, just reply to this!

 

Previous Newsletter Editions:

(Authored by Steve Schlarman, Portfolio Strategist, RSA)

 

 

It was Mark’s big shot.  He finally had a meeting with Sharon, the CIO.  Her schedule was so busy it was legendary and for her to spend time with a risk analyst was a clear indicator she recognized the new challenges facing their company.  Although he only had 15 minutes, Mark was prepared - notepad at the ready, brimming with nervous energy.   After some brief chit-chat he got down to business – ready to drill into a conversation about their company’s biggest obstacles; the most impactful concerns; the top of mind issues; the coup de grace that could spell disaster for the organization.  He took a deep breath and went to his big money question… ‘So, what keeps you up at night? What are you worried about?’ 

Sharon beamed.  She spun around to her white board and spewed a litany of projects fueling their company’s digital transformation – an IoT project, the SalesForce.com implementation, a massive VMWare migration and their hybrid cloud, the new employee work-at-home program, the impending customer mobile portal…

While that question got Sharon started, let’s think about this a bit differently.

With all the benefits the new digital world offers, there are a host of risks that must be managed.   The major areas of risk remain the ‘usual suspects’ such as security, compliance, resiliency, inherited risks from third parties and operational risk. However, digital business amplifies uncertainty for organizations today.  For example:

  • Digital business, by its very nature, increases the threat of cyber incidents and risks around your intellectual property and customer data.
  • The expanded connectivity and expectations of the ‘always on’ business stresses the importance of resiliency.
  • Business has evolved into an ecosystem of internal and external services and processes leading to a complex web of ‘inherited’ risks.
  • The disappearing perimeter and digital workforce is challenging how organizations engage their customers and employees.

Factors such as these are why digital initiatives are forcing organizations to rethink and increasingly integrate their risk and security strategies. 

The objective for today’s risk professional is not just about defending against the bad.  Just like Mark discussing the parade of initiatives with Sharon that clearly impact their company’s future, you must be ready to help usher in a new age of digital operations.  Merely riding the buzzword wave - IoT, social media, big data analytics, augmented reality… - is not enough. 

You must look at opportunities to enable innovation in your business while building trust with your customers and throughout your enterprise.  Your business must be comfortable with embracing risk and aggressively pursuing market opportunities offered by new technology.  To do that, risk associated with the use of emerging or disruptive technology in transforming traditional business processes needs to be identified and assessed in the context of fueling innovation.   You also must keep focus on the negative side of risk.  Your business today demands an open, yet controlled, blend of traditional and emerging business tactics.  You must help manage the ongoing risk as these transformed business operations are absorbed into the organization fully, i.e. the new model becomes the normal model of doing business.

Risk is, by definition, uncertainty.  Everyone is concerned about uncertainty in today’s world.  However, if we go back to the simple equation (risk = likelihood * impact), risk should be something we can dissect, understand, and maybe even calculate.   While you are helping your organization embrace the advantages (positive risk) of technologies like IoT, data analytics, machine learning and other emerging digital enablers, the volatile, hyperconnected nature of digital business amplifies the negative side of risk.  It is anxiety about the unknown that leads us into that executive conversation, but it shouldn’t lead to worry.

Worry is about fear.  Your executives shouldn’t be afraid in today’s world.   They should have informed concerns.  And you – as the security or risk person in the room – should be feeding insights to raise their visibility of the likelihood of events and diminish their distress on the negative impacts.  Risk is part of riding the waves of business opportunities.

Risk is not something you should WORRY about…  it is something you should ACT on.

***********

To learn more about digital risk management, click on our new Solutions Banners located in the right-hand column of each RSA product page: Third Party RiskCloud TransformationDynamic Workforce, and Cyber Attack Risk.

I'm very excited and happy to share our latest edition of the RSA IGL newsletter

 

Our goal is to help share more information about what's happening and key things for you to be aware of, specifically for RSA Identity Governance and Lifecycle.

This is a monthly release, so you can expect a new Newsletter at the start of each month.

Please feel free to leave comments/suggestions (positive or negative!) below and don't forget to hit that "like" button too 

 

Current Edition:

  • Issue #4, June 2019: See attachment below
    • Note:you should be able to view this in a browser, or download/preview the document too. Any issues/questions, just reply to this!

 

Previous Newsletter Editions: