Centralised vs Fragmented Management & Control - An Example
The advantages of SBX Enigma™ centralised access management capabilities in a complex Enterprise environment can be significant in the areas of security, accountability, and costs. The following simple example highlights these impacts.
Typical Access Management
In the diagram above, a single user is shown accessing a single accounting application that employs an Oracle database. The DBA oversees access management in that specific database, which maintains a detailed audit. If the access permissions for this user change, the DBA modifies the permissions and, if required, management can review this user’s activities through the audit report. In this isolated, single-application view, the database-level controls provide both access control and audit.
The next diagram considers a slight increase in complexity over the first, this time showing a single user accessing three separate applications that employ separate databases and database-types.
The impacts from even this modest increase in complexity are potentially significant within an environment where access and audit are managed separately by each individual database:
Security Issues – the risks of mismanaging the user’s access permissions increase linearly as the complexity and fragmentation of the environment increases:
- A single user’s access privileges must now be managed separately as they relate to each of the applications and associated databases, thereby significantly increasing the potential for a security breakdown.
- Access management now involves three DBAs instead of one, thereby multiplying the potential for error, compromise, untimely response, and miscommunication.
- The requirement to co-ordinate access management across multiple components substantially increases the number of “fail-points”.
Accountability Issues – the difficulty of constructing a consolidated review of the user’s activities grows in direct relation to complexity and fragmentation:
- Audit records are contained in three separate, incompatible repositories.
- Consolidation of the ‘real-time’ audit records from these source databases requires custom development.
- The requirement to consolidate diverse audit records creates an obstacle to timely review of user activity and timely accountability.
Cost Issues – the costs associated with managing a user’s access permissions grow in direct relation to the complexity and fragmentation of the environment:
- Access management requires the involvement of multiple specialised DBAs, increasing potential administration costs.
- Comprehensive audit review of a user’s activities requires the custom consolidation of diverse audit records from multiple, incompatible sources which creates additional, indeterminate administration costs.
SBX Enigma™ Centralised Access Management
In a real-world, dynamic Enterprise IT environment there are likely hundreds of users, dozens of applications, and scores of sensitive databases, not to mention thousands of sensitive documents, files, images, and individually sensitive data elements. The impacts from fragmented, component-level controls increase accordingly. As shown in the diagram below, SBX Enigma™ addresses these issues with a centralised, Enterprise-level approach to access management and audit.
This approach, which can be extended across any/all Enterprise information assets, addresses the key issues of security, accountability, and costs by rising above the component-level to provide centralised Enterprise-level management and control.
SBX Security Benefits – SBX Enigma™ simplifies access management across complex Enterprise environments by providing a consolidated resource with centralised administration, thereby enhancing accuracy, control, assurance, and timeliness:
- Centralised access management directly reduces the potential for error, compromise, untimely response and miscommunication.
- Centralisation enables changes in access authorities to be instantaneously implemented across the Enterprise.
- In complex Enterprise environments, SBX Enigma’s centralised access management dramatically reduces the number of “fail-points”.
SBX Accountability Benefits – SBX Enigma™ can provide centralised audit and, by eliminating consolidation and customisation issues associated with multiple audit systems, can mitigate impacts on the timely review of user activity and accountability.
SBX Cost Benefits – SBX Enigma™ reduces the on-going administrative costs of access and audit management in complex Enterprise environments:
- Administrative resources required for access management are consolidated and centralised, thereby reducing the multiplier-effect of administering multiple system components separately.
- Custom consolidation of diverse audit records from multiple, incompatible sources is no longer required, thereby reducing costs associated with centralised audit.