Authored by Cameron Wilson, Product Marketing Manager
Whenever you hear the term “In case of emergency, break glass,” it’s often a fire hose or a crisis communications professional that comes to mind. However, in the realm of IT, it means providing temporary, elevated access to employees for a certain period. But this is almost easier said than done. Why?
Enterprise Resource Planning (ERP) systems are complicated and prone to break down. Having your ERP processes offline can wreak havoc on your business with financial losses that can pile up quickly, sometimes in the hundreds of thousands of dollars. During these events, everyone’s priority is getting systems operational again, but if you allow unmonitored super-user access, that could result in SOX (Sarbanes Oxley) deficiencies during audit time. At that point, there may be no way to prove to auditors that unsavory activities didn’t occur while IT was fixing the problem, and substantial penalties can result. Having emergency access control in place can dramatically reduce the chances of such issues arising.
Because of its critical nature, it is not only essential to be able to grant access quickly and efficiently, but it is just as essential to remove it after the period elapses. In this case, especially, automation is vital. Automation keeps the wheels of business turning even in times of emergency, and our updates to Access Risk Management and the Emergency Access Management (EAM) feature are designed to do just that.
Within Access Risk Management, EAM provides a rapidly configured, SOX-compliant out-of-the-box workflow process to manage temporary elevated access. It gives security and risk owners the ability to control the granting, monitoring, and activity review of temporary elevated access to users in a compliant manner without exposing the company to audit or compliance concerns. This allows organizations to automate and track the process at each step – from requesting access, approving, and provisioning access; to the automatic revocation of access when the request period has elapsed, and then through review and acceptance of both utilization and change logs made by requestors during elevated access.
Emergency Access Management enables organizations to:
- Streamline audit prep and ensure compliance with detailed tracking and automated report preparation of all elevated request periods
- Pre-authorize critical support personnel for emergency access profiles, streamlining the approval process while maintaining compliance around logging and review
- Approve requests on the go and automatically revoke elevated privileges once the access period is over
- Improve oversight and control for sensitive period-end-close activities
- Save time by performing and documenting their reviews through our user-friendly online dashboard
Emergency Access Management Enhancements
Today, we are announcing several significant improvements to EAM that provide organizations with an even more seamless experience.
- We have created an easier and expanded search functionality with faster navigation through an updated UI experience.
- Another time-saving enhancement is our “restart step” feature. Previously, if an admin made an error, they would have to open a support ticket and wait hours to days for the issue to be resolved. However, our new “restart step” feature allows admins to backtrack when something goes wrong, saving admins time and headaches.
- We have also added an updated online reviewer dashboard to help requestors, approvers, and reviewers stay in communication throughout the review process, with automated audit evidence capture and auditor-ready report preparation.
Emergency Access Management is typically utilized in response to a pressing business need. Our new and revamped version of this feature will ensure a continued high level of support for getting business done while simultaneously providing the highest level of control and compliance. This makes it a vital component of any ERP access control solution and is included in our Access Risk Management product.
Visit us here to learn more about Emergency Access Management and Access Risk Management.