Roles are a powerful and proven way to reduce the complexity of managing many user permissions. By creating collections of permissions that reflect a business' real organization and business processes, roles streamline access management and improve transparency.

Role Engineering and Role Mining

IDEAS provides sophisticated graphical tools to build an optimum set of business roles for managing user permissions. Cutting-edge role-mining algorithms automatically identify business-relevant roles among existing application permissions.

Role Life-Cycle Management

Once a role is identified, it begins its role life-cycle. A role owner is nominated to be responsible for the role. Role policies are defined, such as role visibility - in which parts of the organization the role is available, how often the role must be reviewed, if the role may be delegated, etc. Over the course of its life, a role may be assigned to certain users, reviewed, modified, approved, replaced and retired. IDEAS directly supports this process.

Benefits:

• Reduce the complexity and cost of user permissions management
• Increase transparency of user permissions for business owners
• Assign users the exact permissions required for their jobs - no more, no less
• Use automatic role mining to derive business-relevant roles from existing application permissions

Related Products:

• Access Analytics