Because Active Directory Security Groups are commonly applied to multiple areas of an organization’s IT infrastructure (i.e. File Systems, SharePoint, Exchange, Applications, Databases, etc.), changing group memberships to add or remove user access in one location will in turn affect access to all other resources the group is applied to as well. As a result, simply injecting access entitlements into IAM solutions as-is can actually make matters worse by either revoking legitimate access or inappropriately provisioning more access than is necessary. STEALTHbits’ ability to situate the proper access model for unstructured data prior to IAM integration provides both the means to achieve and sustain control over unstructured data – a major win for regulated organizations and those seeking greater security over data that is under tremendous scrutiny and perpetual attack.
Jonathan Sander, Strategy & Research Officer, STEALTHbits Technologies: “We see Identity Access Management and Identity Governance programs as one of the key drivers for both Data Access Governance and Active Directory clean up. That’s being echoed by our customers and our many partners in the IAM ecosystem.”
“In the years ahead, unstructured and semistructured data access governance will represent a differentiating capability for IGA solutions in IAM markets.” EMC Gains Needed Identity Governance, Administration and Analytics With Aveksa Acquisition, 19 August 2013, Earl Perkins.