Novell has announced a set of IT software products designed to manage and enforce policies governing the way users access corporate data. The Novell Access Governance Suite delivers visibility, simplicity and accuracy to the complex process of defining and managing user access. As a result, organizations can automate their certification process and make business managers accountable for meeting their compliance requirements.
Organizations are faced with managing thousands of identities for employees, partners and customers. Additionally, compliance requirements continue to add more layers of complexity, making it difficult for IT security professionals to manage the entire process. Novell Access Governance Suite enables IT security professionals to share the responsibility and process for access management with the business line managers that have a better understanding of who should have access to what information.
The Novell Access Governance Suite augments Novell's compliance management solution portfolio to provide the a comprehensive system that manages the entire life cycle of user access from policy creation, to policy enforcement, helping organizations meet compliance requirements and mitigate risk.
"IT provides tools that enable governance activities," said Kevin Kampman, senior analyst at Burton Group. "However, IT departments are increasingly being asked to enact business polices and automate business processes of which they neither have knowledge of, nor control over. To close this divide, policy decisions and compliance monitoring must be pushed to the business owners. Identity management vendors have begun to address this issue through improved workflow, delegated-administration, self-service, and access attestation functionality."
The Novell Access Governance Suite consists of two products -- the Novell Roles Lifecycle Manager and the Novell Compliance Certification Manager. The suite bridges the gap between established security mandates and each customer's unique business requirements. Both products are based on an OEM relationship between Novell and Aveksa, an access governance software vendor. The suite enables:
- Visibility: Access data is collected, aggregated and normalized, providing a composite view of a user's access across the entire enterprise.
- Collaboration: Collaboration makes it possible to engage business unit managers to participate in role design and take ownership for managing roles over their lifecycle.
- Automation: Full automation for access review, certification, reporting, as well as access change management and access rights remediation.
- Accountability: Accountability for governing user access can be driven into the business, while the system of record provides a complete audit trail of which users have access, how they got it and who authorized it.