Firefighter Capabilities for SuccessFactors
Privileged Access Management and Firefighting for SuccessFactors
Privileged Access Management and Firefighting capabilities such as compliant emergency access and support are now available for SuccessFactors with Greenlight ResQ for SuccessFactors. This solution provides end-to-end access lifecycle management for super users including access request, approval, credentialing, and activity auditing for chosen business applications.
Fast and Compliant Emergency Access
Numerous situations arise where an organizations needs to grant “super-user” access to employees under unusual circumstances. These are instances of “exceptional access” that fall outside the user’s typical job role or responsibilities and will typically create access policy violations that need to be highly supervised. Despite the need, access privileges that create risks, such as segregation of duties conflicts, need to be mitigated and requires the maintenance of an audit log of all super-user access activities in order to satisfy regulatory compliance requirements.
Monitoring Super Users
ResQ for SuccessFactors provides end-to-end access lifecycle management for super users using a closed-loop process for request, approval, credentialing, activity monitoring and auditing within business systems.
Privileged Access Management and Firefighting for SuccessFactors Use Cases
Emergency Access Management:
- Consistent and compliant process for granting emergency super-user access to business applications
- Monitor all user activities & provides a complete audit trail of all change actions within the application
Segregation of Duties:
- Real-time integration engine for access risk monitoring and insight analysis
- Visibility to user access across the enterprise
- Consistent approach for applying controls across applications
- Integration platform includes logic and rules that provides an enterprise-wide view of access risk
User Access Management:
- Connect to business systems and supports operations
- Risk analysis simulation capabilities while provisioning access to target systems
- Addition or removal of users from SuccessFactors Dynamic Groups
- User Access Review / Certification
Comprehensive Privileged Access Management and Firefighting for SuccessFactors
Greenlight ResQ offers an efficient, consistent, structured and compliant process for granting temporary, highly privileged access. It provides a well-controlled environment for providing emergency or highly sensitive access that is performed either on an ad hoc basis by IT personnel or by business users, or scheduled activities that need to be restricted within a production system.
The solution enables temporary users to perform emergency activities outside the parameters of their normal role, within a fully auditable environment. Users are granted access via temporary ResQ IDs or by emergency access provisioning roles set up in Greenlight ResQ.
Once the ResQ IDs are in use, management or IT security is notified and user activities, as well as changes within the system, are tracked providing management and auditors with a complete audit trail. It reduces risk by monitoring for deviations from carefully predefined access policy rules, which enables an organization to spot any misuse of temporary access privileges and immediately respond to these risks.
- Enable, automate, monitor & audit emergency & super-user access
- Streamline the access request & approval process
- Automate super-user credentialing & time based revocations
- Simplify audit preparation & reporting for exceptional access
- Notify, alerts, monitor & report on super-user usage & activity
- Ensure all activity is monitored, reviewed & signed-off
- Add Firefighting to SuccessFactors, Ariba, Workday, Salesforce and other cloud based or on-premise applications
- Consistent, compliant, secure process for controlling super-user access across multiple systems
- Fully documents reasons for exceptional access
- Independent system of record to prevent audit-trail manipulation
- Complete audit trail of all super-user activities with no performance impact or overhead to the target application
- A complete, centralized system that eliminates one-off provisioning
- Eliminates the use of shared system and database administration passwords in IT
- Strengthens compliance, reduces access risk as well as access administration and auditing costs