{"id":7863,"date":"2020-07-02T09:25:14","date_gmt":"2020-07-02T07:25:14","guid":{"rendered":"https:\/\/www.accessmanager.net\/?p=7863"},"modified":"2020-06-18T08:11:54","modified_gmt":"2020-06-18T06:11:54","slug":"identity-and-access-management-with-the-bayoosoft-access-manager","status":"publish","type":"post","link":"https:\/\/www.accessmanager.net\/en\/2020\/07\/02\/identity-and-access-management-with-the-bayoosoft-access-manager\/","title":{"rendered":"Identity and Access Management with the BAYOOSOFT Access Manager"},"content":{"rendered":"\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_hr-4474f20d2389e2e5ecf918a02da5132e\">\n#top .hr.hr-invisible.av-av_hr-4474f20d2389e2e5ecf918a02da5132e{\nheight:50px;\n}\n<\/style>\n<div  class='hr av-av_hr-4474f20d2389e2e5ecf918a02da5132e hr-invisible  avia-builder-el-0  el_before_av_heading  avia-builder-el-first '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div>\r\n\r\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_heading-527dcc812d1f7a633134d272a3871213\">\n#top .av-special-heading.av-av_heading-527dcc812d1f7a633134d272a3871213{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-av_heading-527dcc812d1f7a633134d272a3871213 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-av_heading-527dcc812d1f7a633134d272a3871213 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-av_heading-527dcc812d1f7a633134d272a3871213 av-special-heading-h1  avia-builder-el-1  el_after_av_hr  el_before_av_hr '><h1 class='av-special-heading-tag '  itemprop=\"headline\"  >Reduce internal Attack Vectors and protect sensitive Company Data<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div>\r\n\r\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_hr-fbebcb4fe7f7f93a621d8b6783460008\">\n#top .hr.hr-invisible.av-av_hr-fbebcb4fe7f7f93a621d8b6783460008{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-av_hr-fbebcb4fe7f7f93a621d8b6783460008 hr-invisible  avia-builder-el-2  el_after_av_heading  el_before_av_textblock '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div>\r\n\r\n<section  class='av_textblock_section av-av_textblock-2de302bf1aa3cf4c9157dbe6f50ac7eb '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>A study from 2017 found that around 40 percent of companies see external risks as the greatest challenge for their IT landscape. This is still an important aspect in 2020. Some time ago, an American pipeline operator was infected by a blackmail Trojan, so several of his plants had to be shut down for two days. Such attacks by ransomware are no longer a rarity. The protection of sensitive company data and the reduction of attack vectors are becoming increasingly important. In addition to these external risks, which are often known, internal risks represent a threat that is often still underestimated by companies. Missing information about data worthy of protection or a lack of transparency in data access can have serious consequences, as the shutdown of the complete IT infrastructure of the Justus Liebig University in Gie\u00dfen in January this year showed.<\/p>\n<p>In order to take into account the increasing importance of responsible handling of highly sensitive company and personal data, legal framework conditions such as the <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/features\/#gdpr\">General Data Protection Regulation<\/a>, BSI basic protection Privacy by Default &amp; Design or compliance with the need-to-know principle are required. According to this, users should only receive those access permissions that are absolutely necessary for their daily work.<\/p>\n<p><strong>Reduce internal Risks<\/strong><\/p>\n<p>The use of software solutions in the area of identity &amp; access management is highly recommended to minimize internal risks. These softwares deal with the protection of employees\u00b4 identity and their access rights within the company. Users usually have to authenticate and authorize themselves on several IT systems in order to gain access to the data relevant to them. However, managing this and documenting it in a permanently up-to-date manner is an enormous challenge, especially in larger organizations. Personnel and structural changes are often associated with a high manual effort in the IT department, since processes of <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/features\/#user\">user provisioning<\/a> and access permissions are often carried out manually, for example by assigning AD group memberships. Due to lack of time or higher prioritized tasks, the documentation of these changes is often neglected in practice. Over time, this increases the intransparency and, in combination with a constantly increasing number of access permissions per employee, it leads to an identity chaos. The extent to which rights once granted will still be needed in the future can usually only be determined with considerable effort and the compliance with the need-to-know principle can no longer be fully guaranteed.<\/p>\n<p><strong>Protect sensitive Company Data<\/strong><\/p>\n<p>At this point an automation of the identity and access management, as it is lived in the BAYOOSOFT solutions, contributes to the optimal protection of the highly sensitive company data. While the Identity &amp; Service Manager enables departments to independently initiate the management of digital identities in the classic company processes of entry, department change and departure of employees, the Access Manager provides an access management system that is easy for departments to understand. The Password Reset Manager rounds off the range of functions with efficient and help desk independent resetting of forgotten passwords.<\/p>\n<p><strong>Increase Efficiency<\/strong><\/p>\n<p>The central component of these Identity and Access Management solutions is the provision of controlled <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/features\/#selfservice\">self-service<\/a> functions. The knowledge of who needs which information, applications and systems for their daily work lies within the departments and therefore it should also be possible to regulate who is allowed to access what within them. In addition to requesting permissions, resources such as file servers, <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/modules\/#sharepoint_management\">SharePoint<\/a> sites or Exchange mailboxes can also be controlled. Approval procedures automatically involve the right parties. If this is additionally combined with an available role and <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/features\/#profiles\">profile management<\/a>, employees receive controlled access via the approval workflow immediately and without technical background knowledge. IT services are provided much faster and more securely, and avoiding unnecessary waiting times increase productivity throughout the organization, both in <a href=\"https:\/\/www.accessmanager.net\/en\/solution\/#freedom\">IT administration<\/a> and in business departments.<\/p>\n<p>However, the automation of identity and access assignments alone is not sufficient to guarantee the need-to-know principle. In addition to this pure implementation, it must also be ensured that the documentation corresponds to the actual state. For this purpose, the Access Manager establishes a permanent <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/features\/#monitoring\">autocorrection of access<\/a> permissions with the so called target-actual comparison, which ensures the intended implementation, automatically documents identified but undesired changes and resets them to the target state. If this guarantees correct implementation, functionalities such as the establishment of <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/features\/#reapproval\">recertification processes<\/a>, role assignment linked to SAP or other personnel systems, and mechanisms for the time-controlled removal of access permissions make it possible to contain the increase in access rights over time. This is the only way to ensure the company-wide implementation of the need-to-know principle. The transparency of the available identities reduces further risks, such as the danger of forgetting old service accounts, which could be used as a vulnerability for cyber attacks on eleven clinics in Rhineland-Palatinate in August 2019, for example.<\/p>\n<p><strong>Conclusion<\/strong><\/p>\n<p>In times of increased ransomware attacks it is especially important to protect sensitive company and personal data comprehensively. In addition to the usual consideration of external risks, internal weaknesses must also be minimized by means of suitable technical and organizational measures. Software solutions in the field of identity and access management make a decisive contribution to the protection of highly sensitive data. At this point BAYOOSOFT offers the proven solution portfolio for the automation of identity and access management processes. On the one hand, the Access Manager enables independent application and approval of access permissions around file servers, SharePoint and resources in third-party systems, completely without the IT administrators. The Identity &amp; Service Manager as a software solution for automated user and access management, supplements this with the aspects of User Provisioning or Privileged Account Management. Forgotten passwords can be easily recovered at any time of the day or night using the Password Reset Manager with several authentication methods. Thus, operational expenses can be reduced sustainably and at the same time information security can be increased by monitoring, auditing and transparent reporting for the data managers in their departments.<\/p>\n<h4>Would you like to learn more about the advantages of automated access management?<\/h4>\n<p>Make an appointment today for an individual product presentation or visit one of our regular webinars. Our access management experts will be happy to introduce the <a href=\"https:\/\/www.accessmanager.net\/en\/modules-features\/modules\/\">BAYOOSOFT Access Manager<\/a> to you personally:<\/p>\n<\/div><\/section>\r\n\r\n<section  class='av_textblock_section av-av_textblock-2de302bf1aa3cf4c9157dbe6f50ac7eb '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><div class=\"wpforms-container wpforms-container-full\" id=\"wpforms-7087\"><form id=\"wpforms-form-7087\" class=\"wpforms-validate wpforms-form wpforms-ajax-form\" data-formid=\"7087\" method=\"post\" enctype=\"multipart\/form-data\" action=\"\/en\/wp-json\/wp\/v2\/posts\/7863\" data-token=\"ef1c5eb9d4347dc0ce1aec6d8c4a25a3\" data-token-time=\"1776207817\"><noscript class=\"wpforms-error-noscript\">Please enable JavaScript in your browser to complete this form.<\/noscript><div class=\"wpforms-field-container\"><div id=\"wpforms-7087-field_1-container\" class=\"wpforms-field wpforms-field-text wpforms-one-half wpforms-first\" data-field-id=\"1\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_1\">Vorname <span class=\"wpforms-required-label\">*<\/span><\/label><input type=\"text\" id=\"wpforms-7087-field_1\" class=\"wpforms-field-large wpforms-field-required\" name=\"wpforms[fields][1]\" required><\/div><div id=\"wpforms-7087-field_2-container\" class=\"wpforms-field wpforms-field-text wpforms-one-half\" data-field-id=\"2\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_2\">Nachname <span class=\"wpforms-required-label\">*<\/span><\/label><input type=\"text\" id=\"wpforms-7087-field_2\" class=\"wpforms-field-large wpforms-field-required\" name=\"wpforms[fields][2]\" required><\/div><div id=\"wpforms-7087-field_3-container\" class=\"wpforms-field wpforms-field-text wpforms-one-half wpforms-first\" data-field-id=\"3\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_3\">Unternehmen <span class=\"wpforms-required-label\">*<\/span><\/label><input type=\"text\" id=\"wpforms-7087-field_3\" class=\"wpforms-field-large wpforms-field-required\" name=\"wpforms[fields][3]\" required><\/div><div id=\"wpforms-7087-field_4-container\" class=\"wpforms-field wpforms-field-text wpforms-one-half\" data-field-id=\"4\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_4\">Position<\/label><input type=\"text\" id=\"wpforms-7087-field_4\" class=\"wpforms-field-large\" name=\"wpforms[fields][4]\" ><\/div><div id=\"wpforms-7087-field_5-container\" class=\"wpforms-field wpforms-field-text wpforms-one-half wpforms-first\" data-field-id=\"5\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_5\">E-Mail <span class=\"wpforms-required-label\">*<\/span><\/label><input type=\"text\" id=\"wpforms-7087-field_5\" class=\"wpforms-field-large wpforms-field-required\" name=\"wpforms[fields][5]\" required><\/div><div id=\"wpforms-7087-field_7-container\" class=\"wpforms-field wpforms-field-text wpforms-one-half\" data-field-id=\"7\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_7\">Telefon <span class=\"wpforms-required-label\">*<\/span><\/label><input type=\"text\" id=\"wpforms-7087-field_7\" class=\"wpforms-field-large wpforms-field-required\" name=\"wpforms[fields][7]\" required><\/div><div id=\"wpforms-7087-field_9-container\" class=\"wpforms-field wpforms-field-select wpforms-field-select-style-classic\" data-field-id=\"9\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_9\">Bevorzugte Kontaktmethode<\/label><select id=\"wpforms-7087-field_9\" class=\"wpforms-field-large\" name=\"wpforms[fields][9]\"><option value=\"E-Mail\"  class=\"choice-2 depth-1\"  >E-Mail<\/option><option value=\"Telefon\"  class=\"choice-1 depth-1\"  >Telefon<\/option><\/select><\/div><div id=\"wpforms-7087-field_10-container\" class=\"wpforms-field wpforms-field-textarea\" data-field-id=\"10\"><label class=\"wpforms-field-label\" for=\"wpforms-7087-field_10\">Fragen oder Kommentare<\/label><textarea id=\"wpforms-7087-field_10\" class=\"wpforms-field-large\" name=\"wpforms[fields][10]\" ><\/textarea><\/div><div id=\"wpforms-7087-field_11-container\" class=\"wpforms-field wpforms-field-checkbox\" data-field-id=\"11\"><ul id=\"wpforms-7087-field_11\" class=\"wpforms-field-required\"><li class=\"choice-1 depth-1\"><input type=\"checkbox\" id=\"wpforms-7087-field_11_1\" name=\"wpforms[fields][11][]\" value=\"Hiermit best\u00e4tige ich, dass ich mit der Verarbeitung meiner Daten gem\u00e4\u00df der Datenschutzerkl\u00e4rung einverstanden bin. *\" required ><label class=\"wpforms-field-label-inline\" for=\"wpforms-7087-field_11_1\">Hiermit best\u00e4tige ich, dass ich mit der Verarbeitung meiner Daten gem\u00e4\u00df der Datenschutzerkl\u00e4rung einverstanden bin. *<\/label><\/li><\/ul><\/div><\/div><!-- .wpforms-field-container --><script type=\"text\/javascript\">\n(function ($) {\n    \/\/ fires when something is accepted in cookiebot\n    window.addEventListener('CookiebotOnAccept', function (e) {\n        \/\/ check if marketing cookies are excepted\n        \/\/ remove notice and enable submit button in that case\n        if (Cookiebot.consent.marketing) {\n            $('.missing-cookie-notice').hide();\n            $('.wpforms-submit').removeAttr('disabled');\n        }\n    }, false);\n    \n    \/\/ disable submit buttons and show cookie-notice if\n    \/\/ marketing cookies are disabled\n    if (!Cookiebot.consent.marketing) {\n        $('.missing-cookie-notice').show();\n        $('.wpforms-submit').attr('disabled', true);\n    }\n})(jQuery);\n<\/script>\n \n<div class=\"missing-cookie-notice\" style=\"display: none\">\n    Please accept marketing cookies to submit the form.<br \/>\n    Click <a href=\"javascript: Cookiebot.submitCustomConsent(Cookiebot.consent.preferences, Cookiebot.consent.statistics, true)\">here<\/a> to allow marketing cookies.\n<\/div><div class=\"wpforms-field wpforms-field-hp\"><label for=\"wpforms-7087-field-hp\" class=\"wpforms-field-label\">Website<\/label><input type=\"text\" name=\"wpforms[hp]\" id=\"wpforms-7087-field-hp\" class=\"wpforms-field-medium\"><\/div><div class=\"wpforms-recaptcha-container wpforms-is-recaptcha wpforms-is-recaptcha-type-invisible\" ><div class=\"g-recaptcha\" data-sitekey=\"6LdMjMgUAAAAAFhVg_MGHWhEb3w1gUMEb9i8tiDV\" data-size=\"invisible\"><\/div><\/div><div class=\"wpforms-submit-container\" ><input type=\"hidden\" name=\"wpforms[id]\" value=\"7087\"><input type=\"hidden\" name=\"page_title\" value=\"\"><input type=\"hidden\" name=\"page_url\" value=\"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/posts\/7863\"><input type=\"hidden\" name=\"url_referer\" value=\"\"><button type=\"submit\" name=\"wpforms[submit]\" id=\"wpforms-submit-7087\" class=\"wpforms-submit\" data-alt-text=\"Senden...\" data-submit-text=\"Jetzt Termin vereinbaren\" aria-live=\"assertive\" value=\"wpforms-submit\">Jetzt Termin vereinbaren<\/button><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.accessmanager.net\/wp-content\/plugins\/wpforms\/assets\/images\/submit-spin.svg\" class=\"wpforms-submit-spinner\" style=\"display: none;\" width=\"26\" height=\"26\" alt=\"Loading\"><\/div><\/form><\/div>  <!-- .wpforms-container -->\n<\/div><\/section>\r\n\r\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_font_icon-0ad1180e30dbd834994aaf2c34bba837\">\n.av_font_icon.av-av_font_icon-0ad1180e30dbd834994aaf2c34bba837 .av-icon-char{\nfont-size:20px;\nline-height:20px;\n}\n<\/style>\n<span  class='av_font_icon av-av_font_icon-0ad1180e30dbd834994aaf2c34bba837 avia_animate_when_visible av-icon-style- avia-icon-pos-right av-no-color avia-icon-animate'><span class='av-icon-char' aria-hidden='true' data-av_icon='\ue81e' data-av_iconfont='entypo-fontello' ><\/span><\/span>\r\n\r\n<section  class='av_textblock_section av-av_textblock-2de302bf1aa3cf4c9157dbe6f50ac7eb '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><a href=\"https:\/\/www.accessmanager.net\/datenschutzerklaerung\/\">Datenschutzerkl\u00e4rung<\/a><\/p>\n<\/div><\/section><!-- \/wp:post-content -->","protected":false},"excerpt":{"rendered":"","protected":false},"author":27,"featured_media":7166,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54],"tags":[127,113,132,80,131],"class_list":["post-7863","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-editorial-en","tag-access-management-en","tag-access-manager-en","tag-identity-access-management-en","tag-need-to-know-en","tag-pasword-reset"],"_links":{"self":[{"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/posts\/7863","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/comments?post=7863"}],"version-history":[{"count":8,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/posts\/7863\/revisions"}],"predecessor-version":[{"id":7977,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/posts\/7863\/revisions\/7977"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/media\/7166"}],"wp:attachment":[{"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/media?parent=7863"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/categories?post=7863"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.accessmanager.net\/en\/wp-json\/wp\/v2\/tags?post=7863"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}