Stephen Mowll

What’s New in RSA Identity Governance & Lifecycle 7.1.1?

Blog Post created by Stephen Mowll Employee on Mar 20, 2019

Our 7.1.1 release continues to build on many of areas of improvement we have made across the 7.x releases including enhancing the user experience, delivering analytics to make informed decisions, and reducing the complexity of Identity Governance and Administration.

As we look at our recent releases we have provided innovations such as the new user access review making it easier to understand if access is appropriate, quick start deployments, and analytics that make your processes easier to manage, while enhancing some of the screens in the product to be simpler and easier to use.

So, what about 7.1.1?

Segregation of Duties, made simple

Management of Segregation of Duties (SoD) rules and processes can be hard; when you try and scale it to hundreds or thousands of applications it can feel impossible. To meet the every increasing risk and compliance requirements of many organizations SOD management at this scale is being demanded by audit and the business. To achieve this businesses are defining SoD matrix, a set of access classifications that cannot be held in combination. These organizations are then classifying their access and in this way are able to have simple dynamic SoD detection based on access classification.

To help our customers, RSA has provided a SOD solution including a recommended practice and two new product capabilities in this area.

New SoD Remediator Experience

Working with our customer design partners, RSA has significantly enhanced the remediator experience to reduce the level of effort needed to make decisions when a violation occurs. The experience provides more analytics and data while also allowing bulk actions and reassignments to take place when needed.

SoD Recommended Practice

This recommended practice talks you through our solution for implementing SoD detection, including building the classifications matrix and implementing it within our platform.

Advanced SoD Analysis rules

The new advanced rule process allows for a third data element to be considered when detecting SoD violations. This is needed when using a classification model to detect true violations and remove false positives. For example, you could say that having front office access together with back office access is a violation, but if they have that access in two different applications or countries, it might not be. The advanced rule capabilities allow you to make these correlations .

Continued evolution of the New Reviewer Experience

After RSA released the new Access Reviews experience in 7.1, we wanted to continue to enhance reviews based on the feedback from our customers. In 7.1.1 we have added several changes based on your input. 

Custom Views/Classifications

Give your reviewers more insight into the access they review, build your own custom views of data to highlight areas of risk or provide importance context to reviewers such as critical or privileged entitlements.

Review Calendars

Give your reviewers the time to complete their review successfully, take into account weekends and holidays when setting the amount of time they have to complete a review. All review types now allow you to specify the calendar they use when setting the timing of the review.

Pending Revoke, Automatically Marked Revoke

Reviewers are always frustrated when things don’t make sense. In 7.1 when we added categories into the review we provided a category called “Pending Revoke”. This means the items in this category are already in the process of being removed. Then reviewers asked “Why do we have to mark them as revoke again?” The default now is that everything in this category is immediately marked as revoked in the review.

Diagnostics & Heuristics

Collecting and testing key performance indicators

How successful am I being? How many applications have I onboarded? How many requests have I processed? What are the trends on my system? Is the way I configured the system the best way?

These are the types of questions we want to answer with this feature, which collects over 130+ data points daily to give you a better understanding of the successes and trends in your system.

These are things like the number of users, application, entitlement, orphan accounts, or time it takes to collect the data, approve a request, or complete a review. You can also provide the data to RSA, where we can give you with deeper insights looking at best practice and your status against other similar customers.

Trending Dashboards

7.1.1 provides a number of new trending dashboards allowing you to visualize the trends in key areas such as reviews, requests, rules, and roles. Customers can create their own as well, leveraging a new public view against the diagnostics and heuristics data.

So, as you can see, there are some great innovations in this release and these are just some of the highlights. Check out the release notes for full details and look out for the RSA Identity Governance and Lifecycle quarterly webinar series here where we will give more insights into what’s coming in the future!

Outcomes