Behavior Driven Governance (BDG)
Using access insights in OneLogin to inform governance policy decisions in Identity Manager.
One Identity Manager 9.2
Behavior Driven Governance provides organizations continuous visibility into what access rights are being used, if any, and by whom.
Behavior Driven Governance enables organizations to easily enforce the principle of least privilege and reduce vulnerabilities, recertification fatigue and licensing costs associated with underutilized resources. In addition, Behavior Driven Governance assists administrators and application owners with notifications and actions related to entitlements that are rarely or never used. This out of the box feature strengthens security and compliance adherence and reduces administrative workload and costs. Behavior Driven Governance allows you to:
- Use access insights in OneLogin to inform governance policy decisions in Identity Manager
- Analyze access frequency and user location taken from OneLogin and use them to automatically determine access rights & entitlements in Identity Manager via policy
- Recommend removal of unused entitlements to reduce vulnerabilities
One Identity Manager evaluates event data, including application access frequency. It correlates any associated accounts and entitlements and then, using an attestation, it provides the user's manager or responsible party the opportunity to revoke access that may be unnecessary due to lack of application use.
One Identity Manager 9.0
If you are using One Identity Manager 9.0, you will require a Solution Accelerator, accessible via GitHub, to enable Behavior Driven Governance.
Top level benefits:
- Full visibility into which entitlements are being used and how they are being used
- Ability to recommend removal of unused entitlements to reduce vulnerabilities
- Governance and reduced risk by revoking standing privilege
- Better application management, cost controls and usage monitoring
Bridge the gap to comprehensive coverage with Identity Governance
Reduce risk and satisfy compliance requirements through governance, secure user access to data and enterprise applications, and unification of security information and policies from multiple sources.
One Identity Manager:
- Provides a single platform for user, data, and privileged account governance
- Secures user access and automated provisioning to any target on-premises or in the cloud, reducing risks and minimizing gaps in governance coverage
- Unifies policies and streamlines application-access decisions
Elevate the security of your business with a multi-layer protection approach
Multi-factor authentication (MFA) strengthens your defenses against unauthorized users, using independent authentication factors to verify a user's identity prior to granting access. OneLogin MFA:
- Safeguards user credentials against phishing and social engineering attacks, thwarting malicious actors' attempts to impersonate legitimate users
- Improves user experience with a frictionless and user-friendly authentication process
- Ensures compliance with industry regulations that demand stringent security requirements