Welcome to the Access Rights Manager Forum!
According to the recent Insider Threat Report: 2018 over half of organizations have confirmed an insider attack within the last 12 months. The majority of these are attributed to too many users with excessive access privileges. Access control is one of the key components of an organization’s overall security profile and by controlling access to Active Directory, file servers, and Exchange, you can protect systems and data from unauthorized use, misuse, disclosure, destruction, or modification.
SolarWinds Access Rights Manager (ARM) is a new offering that has been designed to help IT and Security admins quickly analyze user authorizations and access permission to systems, data, and files and help them protect their organizations from the risks of data loss and data breaches. Customized reports showing who has access to what and when they accessed it can then be generated to support compliance requirements. User provisioning and deprovisioning can also be done in seconds using role-specific templates, assuring conformity of delegating access privilege in alignment with security policies.
Simply put, ARM makes user provisioning, deprovisioning, tracking and monitoring easy while helping to minimize exposure to insider threats.
This forum is for you. Here you will find a product blog, documentation, webcasts and events, and the ability to share tips and ideas with your fellow IT and security admins. Please share with us your feedback, questions, and ideas. We want to hear from you!
If we had a way to clone an existing user's SW rights and apply it to new users, it would save a lot of work on the user administration side of operation NPM.
Today I have to create a test AD user, log into SW and see what rights and views it has. Simultaneously I log into it SW as an admin and change those rights and views. Then log out as the user and log back in and see if the user has too many or too few rights. And then adjust & repeat and test, over and over.
Once the right mix is achieved on the test user, there's no way to apply that set of permissions to new users, either one-by-one or as a group (that I know of). Having such a solution built into NPM would be sweet.
That seems the wise way to go. My organization still restricts users from accessing our SolarWinds suite, therefore I tend to do individual rights configuration where appropriate instead of groups. One-offs remain, although I do use Groups when there's an entire team that gets rights to SolarWinds through AD.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.