Anomalix Inc. is an information security consulting company. Anomalix provides deep SME and domain expertise to address Identity Management challenges across industry verticals. Anomalix has worked with numerous organizations of various sizes and in various stages of evaluating, building or overhauling an Identity Management and Governance program. Given the increased visibility and scrutiny of organizational security and compliance programs these days, it warrants an investment to insure that managers are putting processes and controls in place to mitigate risk, enable the business and reduce operational costs and inefficiencies related to Identity and Access.
The Anomalix assessment covers the following areas:
• Identity Management Managed Service
• Business Process Architecture and Automation
• Audit Remediation
• Authoritative Identity Sources (Consolidation & Unification)
• Cloud and Premise Access Governance (Access Visibility & Attestation)
• Enterprise Access Request (Manage the User Experience, Enforce Policies, Apply Approvals and Orchestrate Fulfillment Changes)
• Entitlement Management
• Unstructured Data Governance (File Share and SharePoint Access Visibility & Attestation)Identity Management Strategy, Security Assessment and Roadmap Services
• DLP (Discovery & Enforcement)
• Privileged Identity and Access Management (Password Vaulting)
• Automate Policy Management (Segregation of Duties Enforcement & Remediation)
• Attribute-Driven Enterprise Roles (Strategy & Implementation)
• Active Directory Clean Up
• Single Sign On (SSO)
• Automated Provisioning and De-Provisioning
• Over 500 Connected Systems (OnPremise and Cloud Apps and Services)
• Connectors are built in days not weeks
• Industry Standard Integration Methods
• Anomaly Analytics That Drive Provisioning Changes (Detect Suspicious Behavior and Disable Access in RealTime)
Offering Overview
Anomalix utilizes deep Identity and Access Management expertise to perform thorough and actionable security assessments. We work with our clients to develop custom-built assessments that will analyze the current state of their IAM-related systems and practices in order to develop concrete recommendations and roadmap activities. The assessments cover areas including:
• IAM Policies and Standards
• Identity and Access Governance
• Access Controls
• Identity Lifecycle Management
• Privileged Identity Management
• Data Loss Prevention
Our Assessment Methodology
Analyze The Current State:
• Interview key functional, business, and technical stakeholders
• Show what’s working well for your organization and where improvements can be made
• Model current practices for access governance, provisioning, access request and approval and fulfillment
• Document business-oriented rules for managing access that are currently in place
• Evaluate organizations overall goals for mitigating risk and gaining operational efficiencies. Define Core Areas of Improvement
• Utilize deep industry experience and proprietary techniques to identify gaps and issues
• Highlight findings with the greatest risk exposure
• Identify operational inefficiencies
• Compare your company’s current processes and practices with industry standards and identify areas of improvement
Analyze The Current State
• Engage Stakeholders
• Document Processes and Procedures
• Create an Overview of the Current State
• Define Core Areas of Improvement
• UtilizeProprietary Tools and Techniques to Identify Gaps and Issues
• Compare Processes and Practices Against Industry Standads
• Design Tailored Solutions
• Develop a Set of Holistic Future State Recommendations
• Tailor Solutions to Meet Enterprise, Industry, and Regulatory Requirements
• Remediate Critical Gaps and Issues
• Identify Quick-‐Win Initiatives to Provide Immediate Value
• DeliverRapid ROI
• Implement ScalableValueVisibility and CertificationPolicy Management
• Role ManagementRequest ManagementFulfillment
• Design Tailored Solutions
• Utilize findings from the assessment activities to develop a set of specific recommendations tailored to the organization
• Work with IT security, risk, compliance, business, and operations stakeholders to balance organizational priorities with assessment recommendations
• Ensure that recommendations with regulatory requirements including SOX, GLB, FFEIC, and HIPAA compliance
Remediate Critical Gaps and Issues
• Identify solutions for your company’s most critical gaps and issues
• Find opportunities for quick-win initiatives while setting the foundation for long-term maturity
• Demonstrate rapid return on investment through increased operational efficiencies and reduced risk exposure
Implement Scalable Value
• Visibility and Certification – implementing solutions that provide visibility into user application, system, and data access
• Policy Management – set the stage for automated enforcement of enterprise security and user-access policies
• Role Management – utilize centralized user access information to design business-oriented roles, taking the confusion out of managing user entitlements
• Request Management – empower users to manage their own access while enforcing robust approval and request management processes
• Fulfillment – automating the processes of granting, updating, and removing user access to applications and systems This reduces the risk of human error and allows people to focus on the core job activitiesMeasurable and Actionable Outcomes
• An unbiased assessment of the current state of IAM related practices at your organization
• Models of your current state IAM practices and architecture
• A roadmap with prioritized recommendations
• Advice on potential remediation solutions as well as how Anomalix can help achieve your goals