Flexible Control of User Authorities
iSecurity Authority on Demand simplifies the process of granting special authorities when necessary, and incorporates easy-to-use reporting and monitoring mechanisms to ensure that this extremely sensitive and potentially dangerous capability is not misused. It also enables recovery from different types of emergency situations with minimum chances for human error.
One of system administrators’ greater challenges is to reduce authorities while still allowing the organization to function properly. However, permissions are generally granted on a permanent basis. This means that people receive full authorities even if they use them rarely. Because of this, too many people have too much authority – a potentially dangerous situation which could lead to security breaches.
Authority on Demand (AOD) is a unique product for controlling user permissions while flexibly responding to emergency security needs of an organization. AOD can provide temporary authorities to a user when needed, while fully monitoring the user’s activity when the authorities are active.
AOD reduces the number of profiles with high authorities, while enabling relevant personnel to easily obtain access to processes and business-critical information when needed.
AOD uses advanced logging and reporting facilities to provide internal and external auditors with complete audit trails including actual user screenshots and lists of user activities while running with higher authority. All these capabilities enable AOD to save valuable time and resources.
- Easy to Use – AOD simplifies the process of granting special authorities when necessary, and incorporates advanced reporting and monitoring mechanisms.
- Add/Swap Security Levels (unique feature) – AOD can grant an alternative authority level or add additional security rights to an existing user profile.
- Fully Monitored Temporary Permissions – AOD provides temporary authority, then prints the system audit log (QAUDJRN), and captures user screen images while the temporary authority is valid.
- Authority Transfer Rules & Providers – AOD enables pre-defining special authority “providers” and special authority transfer rules such as time-limited authority transfers and optional PIN codes.
- Safe Recovery from Emergency – AOD enables recovering from different types of emergency situations with minimum risk of human error.
- Extensive Monitoring – AOD logs and monitors relevant activities, producing regular audit reports and real-time e-mail, SMS or SYSLOG alerts when higher authority is requested.
- Controlled Access – AOD allows only relevant personnel to access critical data and processes.
- Multiple Reports – AOD creates reports by time, time range, the user who requested authority (requester), the user who provided authority (provider), operation type, job name (workstation), time groups and more.
- Three levels of product usage: Full, Auditor (read-only) and Emergency.