Research: More Easily Certify Campaigns in DAS through Visualization Graphs

Problem

Certifications play an important role in any access governance program. Almost every regulatory framework an organization has to comply with requires some form of access review, approval and/or certification.

During these certifications, reviewers must go over large numbers of access rights and make a governance decision to approve or reject each one. To make these decisions better informed, we add various data elements and attributes for context, which can overwhelm reviewers. Because they are mostly arranged in tabular form, these reviews can often exhaust reviewers after a while, which leads them to simply bulk-approve access. This syndrome, known as “certification fatigue”, can often lead to “rubber-stamping”, which in turn exposes organizations to the risk of data breaches or leakage due to over-provisioning, over-privileged access, and lingering permissions.

Proposed Solution

In most cases, the majority of access decisions can be resolved quickly, and the same decision to approve or reject access can be applied to a large subset of the access items or identities. Simply put, most access is clearly acceptable or clearly unacceptable. The minority are borderline cases that need careful examination to make the right determination. These are the cases reviewers need to spend their time and focus their attention on, while they can easily reject or approve much of the other access based on rough basic criteria.

Instead of relying only on a tabular representation, we want to allow reviewers to visually group reviewed access items by common attributes, such as data location, permission type, department, job/role, and other identity attributes, and to make an access decision on the entire group. For example, group access by permission type, and make a decision to approve or reject access for all identities with that permission type (e.g. no one should have full-control access to these data assets).

Interested?
We’d love to hear from you! Feel free to use my Calendly link to schedule some time to chat!

Don’t have to talk in person? No problem! We’d love for you to fill out this 5 minute survey here!

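The grouping idea from the Proposed Solution section, sketched as an added example (not code from the post or from any product): one decision per attribute group, with everything else left for individual review. The item fields, sample data and function names are assumptions made up for illustration.

```python
from collections import Counter, defaultdict

VALID = {"approve", "reject"}

# Constructed sample access items; field names are assumptions for illustration.
ITEMS = [
    {"identity": "alice", "department": "Finance", "resource": "/finance/payroll", "permission": "read"},
    {"identity": "bob", "department": "Finance", "resource": "/finance/payroll", "permission": "full-control"},
    {"identity": "carol", "department": "Sales", "resource": "/finance/payroll", "permission": "full-control"},
    {"identity": "dave", "department": "Finance", "resource": "/finance/payroll", "permission": "modify"},
    {"identity": "erin", "department": "Finance", "resource": "/finance/payroll", "permission": "read"},
    {"identity": "svc-backup", "department": "IT", "resource": "/finance/payroll"},  # permission missing
]

def group_by(items, attribute):
    """Bucket items by one attribute; items lacking it get the key None."""
    groups = defaultdict(list)
    for item in items:
        groups[item.get(attribute)].append(item)
    return dict(groups)

def certify(items, attribute, group_decisions):
    """Apply one reviewer decision per group and return per-item results.

    Groups without a decision, and items missing the attribute, stay
    'pending' so they get individual review instead of a bulk decision.
    """
    bad = {d for d in group_decisions.values() if d not in VALID}
    if bad:
        raise ValueError(f"unknown decision(s): {sorted(bad)}")
    results = []
    for value, members in group_by(items, attribute).items():
        decided = value is not None and value in group_decisions
        for item in members:
            results.append({
                **item,
                "decision": group_decisions[value] if decided else "pending",
                # Record which group rule produced the decision, for the audit trail.
                "basis": f"{attribute}={value}" if decided else None,
            })
    return results

def tally(results):
    """Count items per decision, to show how much manual review remains."""
    return Counter(r["decision"] for r in results)

if __name__ == "__main__":
    out = certify(ITEMS, "permission", {"full-control": "reject", "read": "approve"})
    print(tally(out))
    print("needs individual review:", [r["identity"] for r in out if r["decision"] == "pending"])
```

Two group-level decisions settle four of the six items; the `modify` grant and the item with no permission attribute remain pending for the reviewer's attention.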