Increasingly stringent regulatory compliance and corporate security objectives are challenging companies to assess, document, review and certify identity and entitlement rights across the enterprise. Traditional siloed and manual approaches have proven to be costly, error-prone and difficult to scale.

UpperVision Identity Inspector is a comprehensive software solution that automates the complete identity compliance lifecycle through a continuous process of identity audit, exception management, user activity analysis and entitlement certification. Identity Inspector manages critical identity compliance processes and provides evidence ensuring companies meet regulatory mandates concerning integrity and privacy of financial and personal data such as SOX and PCI.

UpperVision continuously audits both static identity configuration information and dynamic user activities across your enterprise, down to the file system level, providing you with a multi-dimensional view of compliance. Potential and actual risks are quickly spotted and reported, providing your IT department with comprehensive control of network security.

Additionally, UpperVision Identity Inspector is an agent-less platform, meaning no time-consuming and costly network or software integration. You can achieve compliance easily now, not months or years away.

The followings are the major components in UpperVision Identity Inspector:

Access Certification

Automate identity and entitlement review and provide an audit trail of evidence required by government regulators and auditors.

Identity and role mining

Analyze identity, role, entitlement and user activity data interactively for compliance and risk analysis.

Policy Compliance

Collect identity data and compare, monitor and reconcile identities and entitlements against policy.

User Activity Monitor

Monitor what users are doing and receive actionable reports on high-risk activities.

Exception Management

Ensure all exceptions are reported, reviewed, documented and handled appropriately.

Risk analytics

Receive actionable insight into the compliance process, pinpointing high-risk users, applications and systems across the enterprise.

UpperVision's access certification capabilities automate periodic identity and entitlement review down to a fine-grained authorization level by managers and line of business owners. Through policy-based attestation, reviewers can focus on exceptions to user access policy rather than on users as a whole, with changes in identity since the previous certification flagged for attention. During the certification process, access rights can be approved, declined or accepted as known risks and documented for future review. Ensuring easy compliance, all actions are logged in an audit trail for evidentiary purposes.

You can easily set deadlines and ensure certifications not acted upon by the deadline are escalated automatically. Using Identity Inspector, managers and compliance officers have a single place to view overall certification status.

Identity Inspector enables security officers, auditors and IT management to perform analytics of user identity, roles, entitlement and activity from a single console for compliance, risk assessment and forensic investigation. Given a first name, last name or username and a time period, Identity Inspector can interactively show an individual's user account, role membership, object privileges, and activity across all systems in the enterprise, past or present.

UpperVision Identity Inspector allows you to audit identities and user entitlement rights throughout the entire enterprise against corporate policy. Changes to identities and authorization are continuously monitored to detect unauthorized changes. UpperVision's out-of-the-box compliance reports allow you to quickly pinpoint terminated, inactive, orphaned, and expired user accounts for cleanup, and detects segregation of duties violations across multiple system silos.

UpperVision Identity Inspector collects identities and access rights without use of agents, allowing you to leverage your existing infrastructure and making deployment across the enterprise easy and painless. Identity collection and reporting can be scheduled at periodic intervals. Managers, business line owners, IT administrators and auditors have the choice of receiving audit results via email or viewing the reports online.

Samples of out-of-the-box compliance reports:

• Terminated users not removed
• Inactive/dormant users
• Expiring accounts
• Orphan accounts
• Segregation of Duties
• Privileged users
• Privileged user changes
• Identity store differences
• Approved users not provisioned
• Users outside of approved list
• Identity detail
• Identity delta

User Activity Monitoring enables Security Officers, Auditors and IT Management to maintain oversight of what people are doing on critical systems and alert you to any potential or actual threats. User activity monitoring works in conjunction with the identity data mining to perform analytics on user activity for risk assessment and investigation, all from a single console.

UpperVision provides exception management by continuously comparing identity and user entitlement rights against compliance policy, and flagging policy violations as identity exceptions. Exceptions can be prioritized and assigned for action, and deadlines can be set for handling these exceptions. Any exceptions not acted upon by the set deadlines are automatically escalated to the appropriate recipients for each level. Exceptions to policy can also be documented and accepted as known risks if appropriate. All actions taken are automatically logged in audit trail, providing evidence of control for government regulators and auditors.

Managers, business line owners, IT administrators and auditors can choose to receive exception reports via email or view the exception summary and detail online.

Identity Inspector allows you to go beyond just compliance audit and reporting, giving you the ability to remediate policy violations. Remediation workflow can be invoked from Identity Inspector to de-provision identities and access rights that do not comply with corporate policy, and Identity Inspector easily integrates with the leading provisioning and trouble-ticketing systems.

Through risk analytics, Security Officers, Auditors and IT Management have instant visibility into overall identity compliance and risk issues. Managers can easily see the status of identity exceptions and identity risk in easily understood charts and graphs.

UpperVision Identity Inspector can highlight the top ten high-risk users, top ten high-risk applications, the top ten identity exceptions requiring immediate action, etc., and show the breakdown of exceptions by status and severity.

Uppervision’s agent free identity collector virtually support all platforms in your organization and as well as agility for ease of future software upgrades.