New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
2008 Best Deployment Scenario

 Cross Application Access Control Management


WHAT IS THIS TECHNOLOGY? In an organization, employees usually perform multiple tasks to complete business processes.  To complete a given business function, employees often need to access multiple applications.  Regulatory compliance mandates the enforcement of segregation of duties (SoD) which is the ability to ensure that an employee is not assigned sensitive combinations of tasks.  While some vendors provide software for automating SoD, FoxT has recently released software that automates SoD for functions that span multiple business applications. The FoxT technology also enables compliant user provisioning, with configurable workflow that automatically detects SoD during user provisioning.

Info Security Products Guide
this article
COMPARE and print reports
RATE products

WHAT DOES THIS TECHNOLOGY DO? The latest release of FoxT's BoKS Access Control for Applications provides organizations with unified SoD enforcement at the corporate level.  The FoxT solution for application security also ensures that new SoD conflicts do not enter the system with automated checks for SoD violations during user provisioning, and automated routing of new provisioning requests to the appropriate business owner.  The ability to enforce and monitor SoD, and ensure that new SoD conflicts are not introduced into the business system is a core compliance requirement.  With the growing complexity of business processes and applications, organizations can no longer effectively manage SoD using spreadsheets and manual checks, especially when the ability to prove SoD enforcement is a key auditor concern.  Organizations who are able to show automated SoD analysis and proactive enforcement will remove one key issue from their audit challenges.

FoxT's BoKS Access Control for Applications SoD solution detects violations that are caused by assignments from different applications.  Without the cross-application auditing and enforcement capability, a company will not be able to achieve the full requirements mandated by regulatory compliance. 

The FoxT SDK (Software Development Kit) facilitates the integration with virtually any custom applications.  Out-of-box, FoxT’s application access control solution includes over 300 configurable risk matrix definitions for SAP and Oracle Application systems, two of the major ERP systems commonly used by most companies.  The pre-defined library of common SoD conflicts and SDK greatly simplifies and speeds the deployment of application security. 

The FoxT solution also includes many powerful features to simplify audits and improve management’s ability to manage access control across diverse applications.   A graphical dashboard provides unified visibility into the status of user entitlement status across applications.  Auditors and business process owners can also use the dashboard to drill down into details behind the summary results.  And a Root Cause Trace (RCT) graph also facilitates audits and facilitates the remediation of cross-application conflicts.

Another core application security capability of FoxT’s BoKS Access Control for Applications is compliant user provisioning.  FoxT integrates the SoD functionality with cross-application user provisioning capabilities so that SoD rules are enforced at the provisioning stage, prior to activation.  The provisioning capability also features configurable workflow, enabling new provisioning requests to be routed to the appropriate business process owner for final approval as mandated by regulatory compliance.

The ability to automatically enforce segregation of duties across applications is part of FoxT’s BoKS Access Control for Applications solution suite.  In addition to the new cross-application management of segregation of duties, BoKS Access Control for Applications also enables centralized management of security policies, robust access controls including transaction-level monitoring of application activity, authentication, and centralized audit reporting across diverse applications. 

FoxT is the only vendor to provide a solution that seamlessly enforces and audits SoD for business processes that span multiple business applications. 

Conclusion: Automating enforcement of SoD conflicts seamlessly across applications enables IT Security and Compliance teams to ensure that employees are granted appropriate access rights and entitlements, while reducing the time required to monitor and manage compliance and audit activities. 

Fox Technologies (FoxT) 
883 N. Shoreline Blvd. D-210
Mountain View, CA  94043

Tel: +1-425-706-0044