cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

SCAR – Access Rights Management Framework

Level 9

The SCAR (See – Change – Audit – Request) framework is designed to help you gain control over user permissions across your IT infrastructure. The framework consists of four steps to enhance your overall security posture and audit permissions to your data and resources at any time—while making access rights management more sustainable, efficient, and transparent.

ARM_rich-client_082019.png

See Your Permissions Infrastructure

Do you know who has access to your most valuable data? A fully transparent access rights structure is crucial for meeting various compliance regulations and audit requirements. To help mitigate threats and reach compliance goals, you need to SEE who has access to specific elements within your systems, data, and files.

Typically, within minutes, SolarWinds® Access Rights Manager (ARM) allows you to generate a report on exactly who has access to what.

 

Report-Who has access where.png

Permissions can often prove complex: Admins leave; new admins rework old structures; employees join, move within the company, and leave. This can get overwhelming quickly, and with companies growing organically, access rights to certain resources, folders, and data are not always as transparent as they need to be.
With ARM, you can analyze your permissions structure based on a single user or resource. Typically, within minutes, you can gain a transparent overview on:

  • Nested group structures
  • Overprivileged users
  • Globally accessible directories
  • List members of different groups
  • Empty or recursive groups
  • Inactive accounts

Easily Change Permissions with ARM

ARM is designed to set new standards in the field of changing user permissions, also known as user provisioning. Not only does ARM allow you to change user permissions, group memberships, and other Active Directory parameters, it simplifies the process by enabling help desk and data owners to do so as well. ARM lets you set permission templates by department, helping increase consistency across the organization and streamlining the entire Joiner-Mover-Leaver process.

ARM-create account in AD-20194.PNG

To learn more about how ARM can help you change your user permissions to demonstrate compliance and gain efficiency, please read our whitepaper, Joiner, Mover, Leaver: User Provisioning with SolarWinds Access Rights Manager.

ARM can help you increase efficiency and demonstrate compliance via access rights delegation to data owners and help desk departments.

Audit Permissions Without the Hassle

We’ve already discussed how ARM allows you to fully SEE your permissions structure and CHANGE access rights (SolarWinds SCAR framework (See – Change – Audit – Request).

When it comes to auditing permissions and user access rights, board tools and scripts often reach their limits. ARM is designed to help you AUDIT your permissions infrastructure anytime and with minimal effort. Whether your audit process is driven by internal requirements from mandates like GDPR, PCI DSS, HIPAA, or SOX (or all four), detailed reporting is critical to demonstrate compliance.

ARM-report-OU members and group memberships-20194.PNG

Read our Top 7 Audit Prep Reports whitepaper to discover what each of the seven reports provides, and how ARM can help you overcome common challenges in the audit process.

These seven reports allow you to audit:

  • User and group access
  • Overprivileged accounts
  • Risky group configurations (empty or recursive groups)
  • Inactive and temporary accounts
  • Insecure account configurations
  • Permissions differences monitoring
  • Historical AD structure

Analyzing Active Directory permissions can quickly become overwhelming. ARM helps IT teams quickly analyze authorizations and access permissions, helping reduce the risk of failed audits and stolen data.

Access Requests Made Simple

We’ve covered how the SolarWinds SCAR framework (See – Change – Audit – Request) and ARM allow you to SEE your permission structure, efficiently CHANGE access rights, and easily AUDIT user access rights.

With SolarWinds Access Rights Manager (ARM), employees can also REQUEST access rights directly from the data owner. Data owners, most often team leads or department heads, know best who should have access to what—and why. With ARM, you can have data owners directly handle access requests from employees with a web-based, self-service permissions portal.

If you already benefit from Microsoft enhanced management and remote controls, ARM can add monitoring, auditing, provisioning, and process optimization.

Want to learn more about ARM? Download a free trial here.