Enterprise User Access Administration

Comprehensive risk posture definition and orchestration



BFSI | Healthcare | Retail


THE CHALLENGE


Today’s complex IT environments create challenges around identity governance, management and enforcement of access controls within the organizations. Access policy violations can expose organizations to various challenges including audit non-compliance, fraud risks, data leakage/ theft, managing stale / expired access across the organization.

Users (employees or contractors) have access to several technology privileges that help them do their job effectively. These privileges (e.g., email ID, distribution lists, application access, access to shared files/folders, specific productivity software, internet, admin rights, etc.) are typically linked to their role, position or location. It becomes essential for organizations to map the privileges to these users and ensure each user gets the right set of privileges.

To add to the complexity, users go through their own lifecycle within the company in terms of their promotions, transfers, temporary assignments, and finally exit. It becomes essential in this scenario for privileges to be re-mapped to the new roles and provision them quickly and, more importantly, de-provision what’s no longer permitted.


SEQURETEK’S APPROACH


Sequretek provides end-to-end consulting for Information Security, Governance, Risk Management, Compliance and Implementation of standards, regulatory, contractual and internal security requirements.



Mobility and Cloud Security


Risk analysis, remediation roadmap and implementation for mobile and cloud security.



Audits & Assessments


Security assessments of audits with planning and remediation, initially and biennially.



Security Drills in BCP


Security impact analysis through strategy and planning, training and testing.



Policy Definition and Review


Standards-based policy definition, update and review according to IT Act, 2008 and Company’s Act 2013.



ISO 27001 Assessments


Readiness assessment, planning and implementation with an upgrade to 2013.



Security Awareness


Multi-mode content, role-based awareness programs and campaign based or one-off engagement model.