Technology Report: Access Governance Architectures

Report Details

Access Governance is about the governance and management of access controls in IT systems and thus about mitigating access-related risks. These risks include the theft of information, fraud through changing information, and the abuse of IT systems for example in banking for illegal actions, to name just a few. The large number of prominent incidents within the last few years proves the need to address these issues – in any industry. There is an increasing number of tools for Access Governance. However, the implementation has to be well-thought, given that there are many different architectural approaches for Access Governance.

It is no surprise that the vendors of Access Governance tools tend to position their tools as the core element of at least the IT GRC infrastructure. From the KuppingerCole perspective, the role shouldn’t be overhyped. Access governance is important with respect to the high relevance of access risks. However, Access Governance might be accomplished using provisioning tools. And, beyond that, Access Governance is just one element within a larger GRC architecture.

Thus, successful implementations require a holistic view on GRC to ensure that all types of IT controls are covered and well aligned to the business controls. It requires as well a well-thought architecture with respect to existing or planned identity provisioning tools, which aren’t substituted by access governance tools. The report discusses the different architectural options, their strengths and their weaknesses.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Mar 23, 2010

Technology Report: Access Governance Architectures

Access Governance is about the governance and management of access controls in IT systems and thus about mitigating access-related risks. These risks include the theft of information, fraud through changing information, and the abuse of IT systems for example in banking for illegal actions,…

€165.00
excl. VAT
Get Access
Mastercard Visa PayPal INVOICE

Latest Related Reports

Leadership Compass

Leadership Compass: Access Governance & Intelligence - 71145

Leaders in innovation, product features, and market reach for access governance & Intelligence. Delivering the capabilities for managing access entitlements, always knowing the state of these, and enforcing access and SoD policies across heterogeneous IT environments on premises and in…

Advisory Note

Architecture Blueprint: Access Governance and Privilege Management - 79045

Well-designed IAM/IAG-architectures establish real-time visibility of all accounts of a person, thereby closing a formerly intrinsic security gap. Bridging between established governance silos within organizations enables full enforcement of Segregation of Duties rules for both business and…

Whitepaper

Whitepaper: Saviynt: IAM for the Hybrid Reality. Efficiently Managing On-Premise IT and the Cloud - 70364

Most organizations today run in a hybrid IT environment. However, their IAM solutions have repeatedly been built for the traditional on-premises IT. IAM needs to become a service that supports the hybrid IT infrastructure organizations run today. This whitepaper describes the paradigm…

Executive View

Excutive View: Imprivata - 71514

On October 24, 2017, Imprivata significantly enhanced their healthcare-focused enterprise SSO offering with Identity Provisioning and Access Governance capabilities acquired from Caradigm. With that offering they are broadening their portfolio while remaining focused on the healthcare…

Advisory Note

Advisory Note: Redefining Access Governance - Beyond annual recertification - 72529

Improve your level of compliance, gain up-to-date insight and reduce recertification workload. Add business risk scoring to your Access Governance Architecture, focus attention on high-risk access and extend your existing infrastructure to provide real-time access risk information. Re-think…

Advisory Note

Advisory Note: KRIs and KPI for Access Governance - 72559

This report provides selected Key Risk Indicators (KRI) for the area of Access Governance. These indicators are easy to measure and provide organizations with a quick overview of the relevant risks and how these are changing. The indicators can be combined into a risk scorecard which then…

Executive View

Executive View: Nexis Controle 3.0 - 72535

Nexis Controle 3.0 setzt intelligente Analytics-Verfahren für Rollen und Identitäten um und legt damit die Grundlage für ein strategisches Lebenszyklusmanagement von Rollen, entweder als eigenständige Lösung oder als ergänzende Komponente zu bestehenden…

Leadership Compass

Leadership Compass: Identity as a Service: Cloud-based Provisioning, Access Governance and Federation (IDaaS B2E) - 70319

Leaders in innovation, product features, and market reach for Identity as a Service offerings targeting full Identity and Access Management and Governance capabilities for employees in hybrid environments, but also delivering Single Sign-On to the Cloud and providing support for other…

Executive View

Executive View: Nexis Controle 3.0 - 72535

Nexis Controle 3.0 implements intelligent role and identity analytics while laying the foundation for strategic role lifecycle management as either a stand-alone solution or as a companion component to existing Identity and Access Management infrastructures. The integration of corporate…

Executive View

Executive View: EmpowerID - 70894

EmpowerID provides  a complete solution for IAM, CIAM, and Adaptive  Authentication.  With a highly  customizable workflow and authorization engine,  EmpowerID delivers advanced functionality for  enterprise and government  customers.

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

Future-Proofing Your Cybersecurity Strategy

It’s May 25 today, and the world hasn’t ended. Looking back at the last several weeks before the GDPR deadline, I have an oddly familiar feeling. It seems that many companies have treated it as another “Year 2000 disaster” - a largely imaginary but highly publicized issue [...]

Latest Insights

Hot Topics

Spotlight

Compliance, Risk & Security Learn more

Compliance, Risk & Security

Whether public, private or hybrid clouds, whether SaaS, IaaS or PaaS: All these cloud computing approaches are differing in particular with respect to the question, whether the processing sites/parties can be determined or not, and whether the user has influence on the geographical, qualitative and infrastructural conditions of the services provided. Therefore, it is difficult to meet all compliance requirements, particularly within the fields of data protection and data security. The decisive factors are transparency, controllability and influenceability of the service provider and his [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00