How to identify possible threats in the access control system using Control Compliance Suite (CCS).
Last Updated February 02, 2015
In a typical environment, IT compliance is confined to configuration management, the firewall, the antivirus systems, and the vulnerability assessment. However, there is a difference between managing security configurations and vulnerabilities and managing access controls and data entitlements. Incidents can occur when a valid user can have access to the data that the user should not access.
Control Compliance Suite facilitates the monitoring of access rights in the organization. The Control Compliance Suite identifies false entitlements. The Entitlements view in the Control Compliance Suite lets you define the data a user is entitled to access. The Entitlements view also monitors whether the system adheres to the defined access controls.
Before you begin to monitor the entitlements of the control points, it is recommended that you review the basic concepts in entitlements management.
Steps to identify threats in the access control system:
Locate the potential control points in the asset system
Mark the assets as control points
Create Review Cycle Settings
Configure the control points
Monitor the control point status throughout the review cycle
Generate entitlements report
Imported Document ID: HOWTO60741
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe