The Roles Discovery Project

Check out the latest release of Sun Role Manager at:

www.sun.com/rolemanager

Product features include:

---

360-degree view of assigned access

• Goes beyond “who has access to what” to reveal what was done with the access, including policy violations and potential violations

Provides information to make intelligent decisions concerning user access

---

Closed-loop remediation

• Provides an automated, end-to-end solution for reviewing and revoking access
• Automatically verifies remediation and sends alerts if remediation does not take place

• Helps control cost of compliance by automating processes
• Reduces risk of policy violations and compliance failures

---

Rule lifecycle management

• Applies role lifecycle management technology to audit and role assignment rules
• Proactively determines impact of rule changes on access assignment processes
• Provides API for remotely executing rule assignment and SoD rules

• Improves audit effectiveness by capturing rules history
• Provides information for decision making
• Simplifies integration with systems that utilize Role Manager as authoritative source for roles

---

Role engineering

• Conducts role mining based on organization, user, and entitlement attributes
• Performs both top-down and bottom-up role mining
• Uses rule discovery to correlate rules between approved roles and attributes for use in role assignment

• Improves alignment between IT and business organizations by mapping business roles to underlying entitlements
• Reduces the cost of defining roles by automating manual processes

---

Role maintenance

• Provides role approvals upon detection of entitlement updates
• Performs impact analysis before changes
• Allows for the definition of temporary roles
• Enables simple changes in access based on changes in job responsibilities

Improves organizational flexibility by making it fast and easy to change access based on business needs

---

Role certification

• Improves alignment between IT and business organizations

---

Access certification

• Reduces costs by automating existing manual controls
• Enhances audit effectiveness by enforcing concept of least privilege

---

Policy enforcement

• Enables enterprise-level monitoring of access for conflicts in SoD and security policy
• Supports inter- and intra- application policy enforcement
• Provides complete lifecycle management of a policy violation

• Reduces business risk associated with failed access controls
• Enhances audit effectiveness by enforcing security policies related to SoD and least privilege
• Reduces costs by automating existing manual processes for enforcing security policies

---

Compliance dashboard

• Delivers an enterprise view of certification status
• Provides an enterprise view of policy exceptions
• tracks policy exceptions by type and business unit
• Provides historical trending analysis

Improves compliance by providing an easily accessible view of activities

---

Data collection based on extract, transform, and load (ETL)

• Enables integration with any resourceful
• Eliminates the need to write connectors to applications

• Ensures ability to access entitlement data
• Increases efficiency and cuts costs by reducing time to load data by 70%