Probably the single biggest problem with enterprise rights management is figuring out on a daily basis which employees should have permission to access what applications. The end result all too often is an IT department that becomes overloaded by requests for access permissions to hundreds of applications and files.
But deciding which employee has the right to access any given application or data is really a business issue. So with the release of version 4.0 of its namesake access governance application, Aveksa is giving control over application and data access back to the business side where it belongs.
Aveksa 4.0 is an enterprise rights management application designed to let business users give individuals access to data and applications based on their names or roles in the company. The software includes a workflow engine that then automates all processes of registering users with the application the business side has determined that the person needs to access. Here a look at the interface:
According to Aveksa officials, this eliminates the requirement for business people to learn the usual IT syntax and jargon usually associated with identity management. In addition, the Aveksa software can also identify orphan accounts that all too often become vehicles through which hackers find their way into sensitive applications.
In general, as an application Aveksa represents an example of a growing movement with the security community that sees data management, and in particular rights management access, as business issue rather than an IT issue because the IT department's responsibility ends with providing business users with a set of tools to securely manage the overall process.
The three core components of Aveksa 4.0 are modules that identify and manage roles, another module that manages the compliance process, and finally a module that manages access request and changes.