Role Assignment

Overview

Assign Users to Roles in a Policy-Controlled Environment
By leveraging the integration between IdentityIQ and provisioning solutions, organizations benefit from improved consistency of granting user entitlements to critical IT resources and streamline their overall compliance and identity governance efforts. This approach enables organizations to build compliance into the provisioning process by applying centralized business policy to new user role assignments and changes.

Capabilities

• Flexible Role Assignment – IdentityIQ role assignments can be rule-based or they can be directly assigned to users with IdentityIQ's Access Request Manager.
• Provisioning Integration – Role Manager translates business roles into detailed entitlement level changes and communicates them to provisioning systems, help desk solutions, and other change management systems.
• SoD Policy Checking – Before assigning a new role, IdentityIQ performs separation-of-duty (SoD) policy checks to prevent the introduction of violations into the production environment. Policy checks for new user role assignments and changes build compliance directly into the provisioning process.
• Change Auditing – For closed-loop audit control, IdentityIQ verifies that any role or entitlement changes sent to provisioning are implemented within an appropriate time frame.

Features

• Flexible Role Assignment – Allows role assignments to be rule-based or directly assigned by the Access Request Manager
• Provisioning Integration – Integrates seamlessly with user provisioning systems for role assignment using open industry-standards
• SoD Policy Checking – Proactively checks SoD policies before making user role assignments to ensure compliant provisioning
• Closed-Loop Change Auditing – Verifies that any role or entitlement changes sent to provisioning are implemented in a timely manner

Resources

• SailPoint IdentityIQ Product Overview – A high-level introduction to SailPoint IdentityIQ, an innovative identity governance solution that delivers risk-aware compliance management, adaptive role management, access request management and identity intelligence.
• IdentityIQ Role Manager Data Sheet – Offers a complete view into the benefits, key capabilities and features supported by the role management component of SailPoint IdentityIQ including role creation, role lifecycle management and role assignment.
• Viewpoints: Role Management and Risk – This educational paper reviews how effective role management can provide the business context necessary for non-technical personnel to oversee and verify user access policy. It reviews three ways that role management helps organizations to manage information security risk and ultimately corporate risk.
• Best Practices: Practical Role Management – This paper identifies common pitfalls on the road to role management and which best practices can pave the way to solving real business problems.
• Role of Roles in Compliance Podcast – Jackie Gilbert, VP of Marketing and Founder, interviews Darran Rolls, CTO for SailPoint, on the subject of role-based access control (RBAC), and its relevance to identity management and compliance projects. Darran tackles the controversial topic concerning the difference in roles for provisioning and roles for compliance and where they can, ultimately, come together.
• Why Enterprises Need More Roles – SailPoint speaks with Forrester Research Senior Analyst, Andras Cser, to discuss the growing importance of enterprise role management. Cser, a leading expert on identity management, explains why role management is becoming increasingly strategic to organizations as business users become more involved in identity governance, particularly during the recent economic turmoil. He also provides recommendations for companies considering an enterprise role management project.

Demo