Loading
Access Manager
  • Solution
    • Join the orange side of life – Solution
      • Freedom for IT-Administrators
      • Permanent compliance with Data Protection Provisions
      • Greater Efficiency in IT Infrastructure
      • Who, What, How? Auditors Review Your Permission Situation
      • It’s all about the money!
    • Explore the Orange Side of Life
      • Ondal Medical Systems GmbH – Time and Cost Savings
      • ETECTURE GmbH – Higher Transparency in Access Management
      • University of Leipzig Medical Center – no Chance for Hackers
      • University Hospital Tübingen – Password Resets 24/7
      • Federal City of Bonn – efficient user account management
      • City of Cologne – optimised user management
      • Paris Lodron University Salzburg – Information security for thousands of users
      • Reiser Simulation and Training GmbH – efficient access management
      • Oberaigner Group – Access Rights Management and Documentation at the Push of a Button
      • Jörg Vogelsang GmbH & Co. KG – Self Service Access Management
      • Stadtwerke Wolfenbüttel GmbH – no longer an authorisation jungle
  • Modules & Features
    • Modules
      • Fileserver Management
      • SharePoint Management
      • 3rd Party Management
      • Fileserver Accounting
      • REST API
      • Password Reset
      • Identity Management
      • Easy Desktop
      • NTFS Permission Analyzer
    • Features
      • Automated Access Management
      • Autocorrect of Permissions
      • Self Service for End Users
      • Profile Management
      • Reapproval Process
      • GDPR Compliant
      • Transparency by Reporting
      • User Provisioning
      • Audit-proof Documentation
  • Services
    • Services
      • Individual Services
      • Permission Audit
      • Starter Package for Automated Access Management
      • Premium-Support
      • Licensing Model
      • System Requirements
    • Contact Us
      • Get your Trial
      • Request your Product Presentation
  • Company
    • BAYOOSOFT
      • About us
      • We think proactively
    • Get Our Partners
      • Get to know our Partners
      • Become a Partner
  • Events
  • TRIAL
  • Customer Center
  • Search
  • Menu Menu

The hidden danger of manual authorization assignments

Fast, unbureaucratic and uncomplicated – this is how the assignment of rights in the system seems to proceed when it is carried out manually by administrators. It is obvious that this makes it difficult to implement the need-to-know principle. In practice, however, more and more extensive authorizations accumulate over time, and not all of them are needed. But that is not all. In addition to the effort involved in manual administration and the historically grown authorizations, there is another problem: undocumented AD groups created by hackers.

This is exactly where Access Manager steps in and offers a way to put a stop to growing permissions and malicious AD groups through automatic SET-ACTUAL matching. We will explain why it is not enough to manually document changes and remove them yourself.

Security gaps due to manual authorization assignments

In recent Exchange hacker attacks, one of the attack tactics is often the creation of new AD groups that gain access to the file servers. This gives hackers access to secret elements. Especially the manual assignment of permissions makes it difficult for an admin to recognize which changes were made from the outside and which from the inside. Accordingly, it can take a long time to identify which groups belong to the “bad guys”. Valuable time is wasted in this process, during which vast amounts of sensitive data can be tapped. Another countermeasure would of course be to temporarily paralyze everything, but the disadvantages of such an action should be obvious. And after these measures, in the end it is still not clear from where exactly the rights and groups came and who inserted them. This means that effectively closing the security gap in order to prevent future attacks in the long term will be costly and complicated.

How the Access Manager works

With the Access Manager, this vulnerability is eliminated. The automatic SET-ACTUAL comparison detects AD groups and not only deletes them directly, but also creates detailed documentation. This makes AD groups easily traceable and closes security gaps. This effectively prevents further damage.

Access Manager positions itself as the primary data source of the authorization system. All changes that have been stored in the Access Manager and set by means of a workflow are finally implemented in the system. All other AD groups and permissions are removed, extensively audited, and can be thoroughly investigated and tracked with comprehensive reports, even after the fact.

Flexibility despite security

However, if you wish to set up access rights directly, this is possible. Portals for administrators and direct authorization assignments are also available within the Access Manager. The TARGET-ACTUAL comparison can be triggered here immediately and the desired right can be implemented in the system immediately – as a primary data source, traceable and secure.

What are AD groups?

Active Directory groups are used to collect user accounts, computer accounts, and other groups into manageable units. Working with groups instead of individual users simplifies network maintenance and management.

Learn more now

To learn more about the TARGET-ACTUAL comparison and the advantages of the Access Manager, we cordially invite you to an individual product presentation. Simply fill out the form below.

Arrange individual product presentation now
Folgen Sie uns schon?
  • Share on Facebook
  • Share on WhatsApp
  • Share on LinkedIn
  • Share by Mail

Interesting links

Here are some interesting links for you! Enjoy your stay :)

Pages

  • Access Manager auf dem Bechtle IT-Forum Rhein Main Neckar
  • Automate Access Management Successfully
  • Automate your Access & Identity Journey
  • BAYOOSOFT
  • BAYOOSOFT Berechtigungsaudit (EN)
  • Blog
  • Calendar 2020
  • Connector Matrix42
  • Contact support
  • Customer Center AM & AMPR
  • Customer Center AM Member
  • Customer Center AMPR Member
  • Customer Voices
  • Data Protection Compliance
  • Digital Flyer
  • Edit profile
  • Events
  • Exklusives Wechselangebot für 8MAN Kunden
  • Exklusives Wechselangebot für 8MAN Partner
  • Explore the Orange Side of Life
  • Features
  • Forum
  • Home
  • Interface documentation
  • Join the orange side of life
  • Legal
  • Login
  • Modules
  • Modules & Features
  • Newsletter Unsubscribe
  • NTFS Permission Analyzer
  • Password Reset
  • Password Reset Webinar 08th Dezember 2020
  • Privacy & Compliance
  • Privacy Policy
  • Privacy policy
  • Product Presentation Inquiry
  • Reset password
  • Sensitive data with peace of mind
  • Services
  • SharePoint Management
  • The Access Manager at the secIT 2021
  • The BAYOOSOFT Access Manager – Your way out of the KRITIS crux
  • TRIAL request
  • Upcoming events
  • Whitepaper: Managing authorisations securely and sustainably – Best Practice

Categories

  • Editorial
  • Events
  • General
  • News
  • Releases
  • Whitepaper
  • Privacy Policy
  • Legal
BAYOOSOFT Access Manager @T4MIT Security Act 2.0
Scroll to top