This article can also be found in the Premium Editorial Download "Information Security magazine: How to stop data leakage."
Download it now to read this article plus other related content.
M-Tech Information Technology
Price: $20-$30 per user
|M-Tech's ID-Synch v4.0|
M-Tech's ID-Synch v4.0 provides easy-to-administer automated account provisioning across multiple platforms.
Manually managing user accounts in complex, heterogeneous environments is both a tremendous drain on IT resources and a significant security risk. In an era of regulatory pressure, the lack of firm, centralized control over access and authorization policies is an invitation for failed audits and government sanctions. "Ghost" accounts of terminated and transferred employees are a common and persistent security risk.
M-Tech has long been one of the leaders in this market, and ID-Synch v4.0 is a robust product for easily managing large numbers of users. It guides managers through an intuitive, clean and easy-to-navigate Web interface, with connectors for more than 70 different platforms including directory services such as LDAP, Active Directory, NT Domains, Novell eDirectory and NDS, and Kerberos. Also covered are major *nix and mainframe systems, and messaging systems such as MS Exchange, Lotus Domino/ Notes and Novell GroupWise.
ID-Synch uses these connectors to control user IDs and access for each of these applications, providing a flexible work flow model. For example, if a new employee or contractor is hired, the manager connects to the Web-based interface and enters information requesting new accounts for Active Directory and SAP access. This function is bidirectional--accounts can still be added traditionally through the application, and ID-Synch will discover them during scheduled searches. Admins are alerted about requests through e-mail and can either approve or deny them through the Web interface. Any event that would trigger an e-mail can also be configured to create tickets with any of 15 different help desk applications. This tool also gives current employees the ability to request additional access through a simple login.
Security is enhanced through ID-Synch's ability to enforce strong password policy across platforms. Initial passwords can have a long list of required attributes, such as minimum alphanumeric characters, non-alphanumeric characters and alternating case. Passwords can even be auto-generated to accelerate the process.
This was first published in January 2006