Skip navigation
All Places > Products > RSA Identity Governance & Lifecycle > Blog > Authors Nathan Furze
1 2 Previous Next

RSA Identity Governance & Lifecycle

17 Posts authored by: Nathan Furze Employee

The RSA® Identity Governance Service Team recently published a new Implementation Blueprint for integrating RSA Identity Governance and Lifecycle with Varonis DataPrivilege®.  Together RSA Identity Governance and Lifecycle and Varonis deliver a data access governance solution that allows centralized management and control of unstructured data to quickly detect and mitigate access risks ensuring continuous compliance.

 

This Implementation Blueprint will help the business to quickly detect security and compliance access risks and amend access entitlements issues associated with unstructured data

 

This Implementation Blueprint provides the following benefits:

  • Enhanced visibility and control of unstructured data directly within RSA Identity Governance and Lifecycle.
  • Ensures users are granted appropriate access permissions in accordance with the organization’s access policies.
  • Reduces the attack surface and enhances regulatory compliance by limiting access privileges and deactivating stale/orphaned accounts.
  • Automate provisioning and de-provisioning of access permissions

 

Key Use Cases:

  • Unstructured data access certifications
  • Self-service access request for unstructured data
  • Data owner approval of access requests
  • Automate access requests and revocations to Varonis

 

For more information on RSA Identity Governance and Lifecycle Implementation Blueprints, please visit rsa.com/igl or contact an RSA representative.

RSA is making identity governance and administration (IGA) easier with the release of RSA Identity Governance and Lifecycle version 7.1 to simplify day-to-day governance while reducing overall identity risks.

TOP REASONS TO UPGRADE TO VERSION 7.1

Whether you are on an older version of RSA Identity Governance and Lifecycle or just recently updated to version 7.0.x, upgrading to version 7.1 provides many benefits.

Better User Experience and More Effective User Access Reviews

The new user experience for reviews provides a much simpler experience for your end users, a great advantage, but it’s more than that. The newly enhanced experience leverages underlying risk analytics to determine risky access and/or violations and prioritizes that access for the end users. By taking a risk-based approach, reviews are more effective, as the highest priority (riskiest access) is addressed first by the end users. This ultimately helps reduce rubber stamping by business users and improves your overall security posture.

More Secure Password Management for Privileged Users

Organizations that are using the current integration with CyberArk Application Identity ManagerTM (AIM)in the 7.0 platform can enable the collectors with version 7.1 for CyberArk in addition to the existing connectors. This enables passwords to be managed and rotated through CyberArk instead of being stored inside RSA Identity Governance and Lifecycle.

Improved Product Performance and Scalability

We continue to focus on advancing overall performance and scalability of the platform to ensure it meets the growing needs of our customers. Additional enhancements, including data archiving and workflow priority queuing and dashboards, help to streamline and make day-to-day administration easier and faster within the platform. The archiving feature helps organizations that have lengthy retention policies and/or compliance requirements. By archiving, you are able to meet the requirement, but move data off of production in order to improve overall performance and not bog down the system.

Broader System Support

The newly released platform supports updated versions of the operating system (SUSE 12), application services (WildFly 10, WebLogic 12.2, WebSphere 9) and Java 8. These updated version supports may be required by some environments and are available now with version 7.1.

 

ADDITIONAL FEATURES & ENHANCEMENTS

Workflow Priority Queues & Enhanced Dashboard

Improved workflow priority visibility lets users proactively understand factors that may be blocking higher-priority requests and be able to remediate.

Multiple workflow queues have been added to manage various types of requests to process the most important items first, such as termination/password reset requests, which are placed in a high-priority queue. New dashboard surfaces details on workflow performance and alerts administrators with issues that may be blocking higher-priority requests from being addressed.

 

Virtual Application for VMware

RSA has made it easier for customers to deploy a virtual image of the RSA Identity Governance and Lifecycle application in their virtual environment for VMware. This reduces the time and effort required to get RSA Identity Governance and Lifecycle up and running in a virtual environment through traditional installation processes.

.

 

READY TO UPGRADE? LET’S GET STARTED!

For more information visit RSA Announces the Availability of the RSA Identity Governance and Lifecycle 7.1 Release . To schedule a demo of version RSA Identity Governance and Lifecycle 7.1, contact your RSA representative.

In the RSA Identity Governance and Lifecycle 7.1 release we have added a data archiving feature to allow for the removal of old data from the active system.  The feature will enabled administrations to reduce the size of the database, improve system efficiency and more effectively adhere to their data retention policies.   Once archived, the data will be removed in the next scheduled data purge session. 

 

Check out this post for an overview of the previously released data purge feature - New Feature:  Database Purge . 

 

For more information on this feature – please review this additional content

 

Introduction to Data Archiving 

Data Archive Planning 

Creating a Data Archive 

Troubleshooting Data Archive Failures 

How to Stop a Data Archive 

How to Resume a Suspended Data Archive Run 

Data Archiving: Administrator Experience 

In the recent RSA Identity Governance and Lifecycle 7.1 release we are very excited to announce the release of a new User Access Review experience. 

 

We have been engaged with many of our customers and partners to understand their key challenges with access reviews. From this engagement we set out to re-imagine our end-user review experience with a focus on three goals:

 

  • Incorporate risk concepts into the governance process.   Things like open violations, exceptional access, application criticality and privileged should all be incorporated into the decision to maintain or revoke access. 
  • Arm reviewers with more context.   Reviewers should have a wide range of context at their fingertips to understand the mountain of data they are often asked to review.
  • Make reviews easier.  We want reviewers to complete their reviews faster, provide a more meaningful experience and allow them to get back to their day jobs sooner.   

 

Some notable highlights for the new design experience:

 

Review Instructions – No longer will review instructions cover the table when open by default.

 

Progress Monitor – In the upper right side of the table we include in review progress indicator that also will highlight when the review is due.  The progress indicator provides real time feedback as the reviewer takes action on items within the review.

 

Analysis and Guidance Panel -   Prioritize your attention during a review by organizing your review items into useful categories.  Also see this separate post on the Analysis and Guidance Panel.

 

Column Level Filtering - Narrow down your review items by using one or more column filters.

 

Centralized Take Action Menu – Select many items and take action in 1 click.

 

Centralized Review Data – Expand the row to view more information about the user, entitlement and business source.

 

For more information on this feature – please check out this additional content. 

 

New User Access Review Experience - Review Components 

New User Access Review Experience - Table and Review Items 

New User Access Review Experience - Analysis and Guidance Panel 

New User Access Review Experience - Review Item Delegation 

New User Access Review Experience - Take Action Menu 

New User Access Review Experience - Expanded View 

New User Access Review Experience - View and Column Filters 

New User Access Review Experience - Table Options 

 

Achieve Business Agility with RSA Identity Governance and Lifecycle. 

As an addendum to the previous release of the Password Vault Integration feature in RSA Identity Governance and Lifecycle v7.0.2 we are happy to announce the release of additional support for collectors and connectors.  The password vault feature will allow RSA Identity Governance and Lifecycle to retrieve and rotate privileged credentials from CyberArk Application Identity ManagerTM (AIM). 

 

For a list of supported endpoints, please review the Connector & Collector Application Guides  or the supported endpoint data sheet - RSA Identity Governance and Lifecycle - Supported Collectors and Connectors   

 

For more information on this feature – please review this additional content. 

 

Active Directory Application Wizard Password Vault Configuration 

Password Vault Configuration - Active Directory Collector 

 

Reduce Identity Risk with RSA Identity Governance and Lifecycle

In the recent RSA Identity Governance and Lifecycle 7.1 release we have added a new Analysis and Guidance panel for User Access Reviews.  The Analysis and Guidance panel provides more context to the reviewer to (1) improve risk awareness, (2) identify outlier access, and (3) reduce the volume of decision making. 

 

The analysis and guidance panel allows the reviewer to easily filter their review results by different categories to allow them to focus on specific set of data.  For example; show only privileged access that contains violations or uncommon access (outliers) that contain violations.   The inclusion of the panel and various analysis are configurable at the review definition level. 

 

The analysis and guidance panel focuses on three main use cases

 

Improve Risk Awareness

  • Display all items with Violations
  • Display all items with Exceptional Access
  • Display all items that were previously revoked
  • Display all items for critical applications
  • Display all items that contain privileged access

 

Identify Outlier Access

  • Display all items that are not commonly held

 

Reduce the Volume of Decision Making

  • Display all items that are commonly held
  • Display all items that were recently approved
  • Display all items that have not changed since the last review

 

In addition the analysis and guidance panel filtering can be combined with table filtering to isolate all violations for privileged entitlements within a specific role or business unit.  

 

For more information on this feature – please check out this additional content. 

 

New User Access Review Experience - Analysis and Guidance Panel 

RSA Identity Governance and Lifecycle in the news!  

 

RSA Identity Governance and Lifecycle Receives Common Criteria Certification

Check out our latest IAM blog - Yin and Yang: Two Views on IAM – Active Directory Automation, Success or Failure? by our own Steve Mowll and Chris Williams.

 

 

 

See what KuppingerCole says about RSA Identity Governance and Lifecycle!

https://blogs.rsa.com/executive-view-from-kuppingercole/ 

 

The RSA Identity Governance and Lifecycle Shopping Cart has been certified on Helsinki and Instanbul versions of ServiceNow.  

 

RSA on ServiceNow Store  

Have you ever wanted to go on vacation and not be bothered for escalated approvals, activities, and reviews?  Well now you can with the latest release - RSA Announces the Availability of the RSA Identity Governance and Lifecycle 7.0.2 Service Pack Release.    We have added a new feature to enable a user or manager to set their availability as gone fishin’ out of office and select a delegate to act on their behalf. 

 

During the out of office period the delegate will see any approvals, activities or reviews that would have normally been
assigned to the user that is currently out of office.  The delegate completes the work as if it was their own and the audit history will capture the fact the user acted as a delegate.  Once the out of office period ends - any unfinished delegated tasks will revert back to the original owner. 

 

Administrators can limit who can be selected as a delegate, change the default out of office workflow and see a clear audit trail of activity. 

 

Please check out additional content on the new feature

 

Introduction to Out of Office Task Delegation 

Out of Office Task Delegation - Delegate Experience 

Out of Office Task Delegation: Forms and Workflows 

 

Achieving Business Agility with RSA Identity Governance and Lifecycle.

Identity has emerged as the most consequential attack vector for threat actors, but risk is not evenly distributed across all user populations.  Privileged users and applications potentially pose more risk to the organization than non-privileged users.  Unauthorized access to privileged user credentials enables faster advance of a cyber-attack and the higher probability of a costly data breach or devastating disruption of service. 

 

To mitigate the security and compliance risks associated with all users, including privileged users, organizations must have control and visibility of all user access and their entitlements.     We are proud to release support for Lieberman Enterprise Random Password ManagerTM (ERPM) collection and provisioning in the latest release - RSA Announces the Availability of the RSA Identity Governance and Lifecycle 7.0.2 Service Pack ReleaseThe interoperability of Lieberman ERPM and RSA Identity Governance and Lifecycle enables organizations to gain a unified, policy-driven identity and access governance across all users. Once deployed, the interoperable solution effectively arms organizations with the information they need to quickly identify and respond to security risks involving the organization’s most powerful identities – privileged users.

 

Solution Benefits:

  • Provides enhanced visibility and control of privileged accounts and access data directly from RSA Identity Governance and Lifecycle.
  • Unifies account provisioning processes for privileged and non-privileged users.
  • Ensures privileged users are granted appropriate access permissions based on similar privileged users’ attributes (e.g. roles, job functions), and in accordance with the organization’s access policy. Allows the line of business to make access decisions
  • Reduces the attack surface and enhances regulatory compliance by limiting access privileges and deactivating stale/orphan privileged accounts.
  • Streamlines governance and compliance processes by generating reports and auditing all identities and access permissions directly from RSA Identity Governance and Lifecycle.

 

Please check out additional content on the new feature

 

Collection and Provisioning with Lieberman ERPM 

RSA Identity Governance and Lifecycle - Lieberman Software Rapid Enterprise Defense Identity Management 

 

Reduce Identity Risk with RSA Identity Governance and Lifecycle.

 

Identity has become the most consequential cyber-attack vector.  According to the 2016 Verizon Data Breach Investigations Report, 63% of confirmed breaches involved the use of weak or stolen credentials. Attacks may start with simple account compromise or control of orphaned accounts but quickly escalate to the most prized credentials—those of privileged users.   

 

With a focus on helping organizations reduce identity risk – we are proud to announce the release of the password vault
feature in the latest release - RSA Announces the Availability of the RSA Identity Governance and Lifecycle 7.0.2 Service Pack Release
The password vault feature will allow RSA Identity Governance and Lifecycle to retrieve and rotate privileged credentials from CyberArk Application Identity ManagerTM (AIM). 

 

The password vault interoperability supports the following endpoints:

 

Please check out additional content on the new feature

 

Configure Password Vault  

Password Vault: Configure Active Directory Connector 

Password Vault: Password Rollover 

 

Reduce Identity Risk with RSA Identity Governance and Lifecycle

Identity has become the most consequential cyber-attack vector.  According to the 2016 Verizon Data Breach Investigations Report, 63% of confirmed breaches involved the use of weak or stolen credentials. Attacks may start with simple account compromise or control of orphaned accounts but quickly escalate to the most prized credentials—those of privileged users.  

 

With a focus on helping organizations reduce identity risk - our upcoming v7.0.2 release includes interoperability between Lieberman ERPM and RSA Identity Governance and Lifecycle to enable organizations to gain a unified, policy-driven identity and access governance across all users. Once deployed, the combined solution effectively arms organizations with the information they need to quickly identify and respond to security risks involving the organization’s most powerful identities – privileged users.

 

 

Lieberman Software Announces Interoperability with RSA® Identity Governance and Lifecycle - Liebsoft 

 

Spoiler Alert! With a focus on helping organizations reduce identity risk - our upcoming v7.0.2 release includes a password vault feature that will enable RSA Identity Governance and Lifecycle to retrieve and rotate privileged credentials from CyberArk Application Identity ManagerTM (AIM).     This RSA Identity Governance and Lifecycle feature is a key part of today’s CyberArk C3 Alliance announcement. 

 

https://www.cyberark.com/press/cyberark-expands-c3-alliance-to-drive-greater-cyber-security-innovation-and-collaboration/

 

More details to come on RSA Link for this feature when v7.0.2 becomes generally available.