1. G+H SoftwareSolutions Oktober 2012
Software to control and display access rights within the companny
www.daccord.de/en
Sabrina Weimer & Sebastian Kornblueh
s.weimer@netzwerk-design.de, s.kornblueh@netzwerk-design.de
3. G+H SoftwareSolutions Oktober 2012
G+H Netzwerk-Design – Product Solution Areas
• Infrastructure Solutions
• Identity and Access Solutions
• Web Solutions
• Product Development
• Comprehensive Support
3
4. G+H SoftwareSolutions
Which challenges does a company face on a regular
basis?
How can daccord help you finding a solution?
4
5. G+H SoftwareSolutions
daccord in your company
Challenges Your advantages with daccord
• Often, there is no overview of • Transparent right structures
„Which user is authorized to minimize risks
access which system?“
• Access rights concepts are often • Role-based access control is preset
missing or are not maintained
• Access rights violations often • Rights violations are automatically
occur unnoticed displayed
• Identity processes are missing; • Documentation of the process for
i.e. which natural person is granting of rights for every natural
behind the user person
• Recertification processes are • RightsManagers are responsible
often not in place, since for access rights and conduct
responsibilities are unknown recertification
5
5
6. G+H SoftwareSolutions
daccord in your company
Challenges Your advantages with daccord
• No clarity when it comes to • Compliance with statutory
statutory regulations requiring requirements
knowledge about access rights
• Is the segregation of duties (SoD) • Observance of segregation of
observed? duties (SoD) is controlled
• Conducting of rights analyses are • Rights analyses can be done at
labor- and cost-intensive the push of a button, on a long-
term basis and in a structured
way
6
10. G+H SoftwareSolutions
daccord Components - Collector Engine
The Collector Engine…
• … transfers all relevant data (users, rights, assignment of rights) into the
central daccord system via an arbitrary number of connectors from the target
systems
• … analyzes and stores data and respective changes (comparison of
descrepancies)
• … converts different data into information that can be analyzed
• … connects users and rights with the natural person
10
10
11. G+H SoftwareSolutions
daccord Components - Collector Engine
Currently available connectors
• Microsoft Active Directory Connector
• Novell eDirectory Connector
• CSV Connector
• JDBC Connector
• Oracle JDBC Connector
• FLT (Fixed Length, Mainframe) Connector
• XML Connector
• Novell OES Filesystem Connector
• S2S Connector
• Microsoft NTFS Connector
• Novell Vibe Connector
Connectors to be available on short notice
• SalesForce Connector
• Typo3 Connector
11
11
12. G+H SoftwareSolutions
daccord Components - Collector Engine
Currently available connectors
• Novell eDirectory Connector
• Novell OES Filesystem Connector
• Novell Vibe Connector
• Microsoft Active Directory Connector
• CSV Connector
• JDBC Connector
• Oracle JDBC Connector
• FLT (Fixed Length, Mainframe) Connector
• XML Connector
• S2S Connector
• Microsoft NTFS Connector
Connectors to be available on short notice
• SalesForce Connector
• Typo3 Connector
12
12
13. G+H SoftwareSolutions
daccord Components – Notification Engine
The Notification Engine…
• … conducts an automated review and monitoring of granted access rights
• … notifies the responsible RightsManager in case of a rights violation
• … sends scheduled or manually generated notifications to predetermned
persons; the corresponding rights report is either sent directly as within an
email or as an attachment
13
13
14. G+H SoftwareSolutions
daccord Components – Notification Engine
Examples:
• Department heads receive a report on a monthly basis displaying all access
rights of their employees
• Should a date of separation from the company not be identifierd for external
staff, instructions (What to do?) and a report about these identified external
employees can be attached
• Sustainable archiving of information in regards to users with access rights
14
15. G+H SoftwareSolutions
daccord Components – User Frontend
• Web-based frontend for the structured display of rights information for end
users
• User is PersonManager (supervisor hierarchy): displays all users and their
access rights in the systems who are assigned to the PersonManager
• User is RightsManager (responsible for access rights): displays all rights
and their users who are assigned to the RightsManager
• Displays own assigned roles
• Display in proxy mode possible
15
15
16. G+H SoftwareSolutions
daccord Components – Admin Frontend
• Web-based frontend for administrating all components
• Monitoring all functions
• Analyzing of errors and issues
• Administrating the daccord data
• Administrating of roles
16
16
17. G+H SoftwareSolutions
Security and transparency when it comes to controlling
identity and access rights?
… No problem with daccord!
www.daccord.de/en
17
17