New Brainwave GRC video on our Youtube channel!
Security and sensitivity of Active Directory for organizations
Lots of data extractors are already available on the Brainwave GRC Marketplace, allowing you to automate your data extractions and save significant time and efforts! By doing so, you can easily increase the frequency of your audits and analyses throughout the year, be more proactive and efficient and mitigate your security risks.
Data extractors for systems such as FTP and SFTP add-ons allow you to extract data from distant servers. Also, all the extractors for the Miscrosoft suite are available on the Marketplace for download: SQL servers, Active Directory, Shared folders, Exchange and Sharepoint.
You will also find an LDAP add-on, allowing you to extract data from any directory.
You can also automate easily extraction from cloud applications using the JSON REST add-on for applications that publish data on the web using JSON/REST, but also OKTA add-on for cloud applications using OKTA technologies.
If you use Forgerock OpenIDM for your identity provisioning projects, download the related extractor add-on.
You will also fin specific data extractors available for cloud applications – in the Google Drive booster for example – to highlight security risks regarding Google drive data.
By doing so, you are able to automate from end-to-end the generation of reports and dashboards, but also review campaigns’ execution, whatever the systems and applications are.
These extractors are already available on the Brainwave GRC marketplace and can be installed in just a few clicks.
With the spread of digital technology projects in your company, the number of repositories and applications are increasing more and more. This results in an often very high number of accounts and groups, difficult to govern for security and compliance requirements.
In this context, it is important to keep in mind that accounts repositories play a central role for your company and provide the access to your sensitive assets. In consequence, the key point is to implement efficient audit processes to check that your security policies are well implemented, through strong enough control plans for instance.
But this is only a start. Repositories owners need to check and approve the status of the different accounts that are in their responsabilities’ realm. Are there any acccounts to disable, remove or modify?
Due to the volume of data that organization deal with and the constant evolution of these repositories, the important question now is: how can we implement an efficient account review campaign?
Brainwave GRC provides an add-on enabling organizations to orchestrate accounts reviews per repository. This add-on is available on the Marketplace platform.
This add-on enables you to limit the account reviews to accounts which aren’t in compliance security rules. In consequence, significant time is saved during the review process, all the while saving your account from being compromised. During the account review process, technical and business owners automatically receive email notifications and are able to highlight easily accounts that need to be disabled, removed or modified. This Brainwave GRC add-on provides a decision making aid, such as contextual and HR details regarding the account owner (job title, organization, departure date, etc.)
With this add-on, it is also possible to interface review results with ITSM tools such as ServiceNow in order to automate the remediation tasks. The ServiceNow add-on is also available on the Brainwave GRC Marketplace platform.