Permission reviews for applications that either have a large number of users or a highly complex set of permissions get a lot easier and faster after integrating that data into Permission Assist. And – since we prefer permission reviews that are easy, fast and not shaken or stirred – we’ve added several new application importers that are ready and waiting to help you shrink your permission reviews!
Here are the latest additions:
Finastra Decision Pro
Finastra PARC (Payments Archive and Research Center)
Fiserv Collections for Premier®
Fiserv Commercial CenterSM (Corporate)
Fiserv Compass for Popmoney®
Fiserv Intelligent Workplace
LexisNexis Bridger Insight® XG
Moody’s Analytics Lending Cloud
Online Banking Solutions (now Fiserv): Treasury Banking Suite
ProfitStars FactorSoft (formerly Cadence)
Schneider Electric Continuum
Street Resource Group (SRG) Warehouse Loan System
Stucky (William Stucky & Associates) ABLM.NET
TS Partners TranStar
Thank you to everyone who made requests and provided feedback on these importers. We hope you enjoy them!
All product names, trademarks, registered trademarks, and service marks are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, trademarks and brands does not imply endorsement.
You get a review, they get a review – everyone gets a review!!!! Simultaneous reviews are now possible with our latest release of Permission Assist version 4.7. Why conduct simultaneous reviews? Well, there are many reasons, but the one we like best is the one we’ve heard most from clients… flexibility!
Let’s say, as a general best practice, you typically conduct larger quarterly reviews with supervisors for non-critical systems. While that review is being conducted, one of the following happens:
Prior to version 4.7, you would have had to wait for the previous review to be completed before starting a new review even though the two (or more) reviews would have been conducted on completely different applications. With the added flexibility of simultaneous reviews, you can save time and stay more responsive to security needs as they arise.
As young man named Ferris Bueller once said, “Life moves pretty fast.” If you don’t stop and check up on outstanding review items once in a while, open reviews can drag on for what feels like an eternity. That’s why we’ve made it easier to see list of all reviewers that have outstanding review tasks as well as a list of their applications and the pending responses for each (see picture below).
With features that allow you to send email reminders – either to all reviewers at once or to a single reviewer – you’ve got everything you need to keep your review on track and running smoothly.
We hope you enjoy this new release!
We’ve been working hard to add features and enhancements that will help you continue shrinking your permission reviews.
Here are a few highlights in the Permission Assist 4.6 release…
Excel Exports – If you’ve ever wanted to export all identities, applications, privileges, conflicts, or even the current summary of a review (including all counts of pending, approved, and remediated items) – now you can! Simply click the Export button and you can view, sort, and Excel in whatever way makes you happiest all day long.
Import Data, Trending, and Diagnostics – One question our clients get asked more frequently during an audit is, “How do you know the information in Permission Assist is the same as the information in your application?” Another question clients often ask is, “From a security perspective, how do I know if new privileges have been added?”
We’ve made getting the answers to these questions even easier with improved import data and diagnostics. Now, you can quickly see a summarized list of each import along with the date, the number of users and the overall percentage of change when the import took place.
With more detailed views, you can clearly see new users, new privileges, and an overall percentage of change after each import.
Permission Assist tracks these changes with each new import so that, over time, you’ll start to see trends. If an import results in changes that go outside of that trend, you’ll know immediately.
In the event an error occurs during an import, the new Import Log allows you to see what happened so the issue can be corrected.
Need help solving the problem? We’ve made it even easier! Just follow the step-by-step instructions to create an encrypted diagnostic file (basically just click a button) and send it to our support team using our secure support portal. You’re support issues are our top priority so we’ll get on it as soon as possible!
Set ‘On Behalf Of’ Reviewers for Supervisors – If you have supervisors who don’t typically review the permissions of their direct reports or who may be out of the office during a review, the new ‘On Behalf Of’ feature allows you to either temporarily or permanently shift review responsibilities to another person.
Audit Multiple Active Directory Applications – Do you have multiple banks or other entities in your Active Directory application? If so, you now have the ability to set up multiple Active Directory applications allowing you to audit each individually.
We have gotten a lot of great feedback on these enhancements and we appreciate it! More great enhancements are planned for 4.7 and we couldn’t be more excited. Thank you to all of you who helped in this release!
As we march towards v5.0, we’ve continued to make serious investments in architecture and testing; ensuring the future releases on our roadmap are going to be great!
Permission Assist™ 4.5 has been a significant release for us to continue delivering the promise of shrinking your permission reviews. Here are a few highlights of the new features introduced…
Optional Security Team Reviews – Security team members can now be considered optional for a review. If a review item does not have any reviewers (that is, has no application managers nor supervisor) then responsibility falls back on a security team member. This is great for reviews where you only want an application manager to review a single specific application.
Reviewing Supervisor Reassignments– In version 3.5 we gave you the ability to reassign a review item to a different identity. We’ve had a number of different requests to enhance this functionality in a number of ways. As a result, now you have two new abilities: reassigning the reviewing supervisor and unassigned review items.
Common situations that lead up to supervisor reassignments: (1) the supervisor has left the company, and (2) the supervisor duties fall on an employee that does not participate in security audits such as C-level executives. With the ability to reassign temporarily or permanently no “work-arounds” are now needed. Unassigning the supervisor is a choice as well, and reviews that require supervisors will simply show it as not applicable.
Automatic Entitlement Roles – We’ve made building roles lightening fast in every sense of the word with better entitlement role building.
Simply select either an employee, directory group, or employee title. Using statistics the system will automatically suggest which applications and privileges should be used to review against. This is a HUGE time saver when asking the question “What privileges does this group of people have in common?”, or when attempting to build a role that encompasses the entitlements of a particular person…one click and you’re done! Your role will match all the identities based on your criteria, include the applications they have in common, and select the recommended privileges for you.
The software development team is very happy to finally deliver you this release as we can now focus on the “big picture” yet again. Thank you to all of our clients who helped in this release!
It’s a pleasure of ours to continue building the highest priority integrations our clients need. We know they are helping you save tons of time and helping to avoid errors in reporting. We’ve got a lot of changes coming for even more helpful plugin configuration, but until then here are the latest built specifically for the financial industry:
If we don’t have it, you only need to ask – if we haven’t proven it yet, we can integrate with anything. Bank identity access audits at lightening speed is what we are shooting for, so eliminate the task of parsing those permission reports!
Permission Assist™ 4.4 is finally here with a much requested new way to rank your application privilege reviews with some enhancements to our permission tracking.
Permission Risk Ratings – You can now track and report your high risk user privileges through our new risk ratings feature. By applying a criticality rank to your applications and/or permissions a new dimension is added to your reports. A much requested feature in 2018!
Improved Individual 360 Report – Easier search functionality to find individuals who were in a particular review, application, permission risk rating(s), or a combination of all. Create custom reports that have these filters applied to display just the information you are interested in.
Application Permission Report – Report on all the permissions within an application including their permission risk rating and overall usage. Find and filter custom reports based on a particular review, permission risk rating(s), or a combination of both.
The 4.4 release took a lot of time, attention, and testing due to the finer details to support risk ratings; however, now that it’s in the books we have our eyes set on 4.5! Thank you to all of our clients who participated in this release!
It has been a long awaited integration, but the Salesforce plugin is finally here!
Doing this integration had a lot of challenges – one of which forced us to evolve our plugins to allow custom configurations. However, we persevered for all the clients that have been asking for this very important integration as we continue to strive to make user access reviews as simple as possible.
Permission Assist™ 4.3 has officially been locked in stone, and getting your bank through identity access reviews has gotten even better with some new enhancements to our core functionality.
Selective Application Reviews – Review builders can now easily create reviews that only have a selected subset of applications. This allows the security team to have a lot more control around creating reviews with specific goals and/or the freedom to review certain applications at different frequencies throughout the year.
New Review Item Alerts – Sometimes events occur that may cause a shift in new responsibilities such as a supervisor changing. Email alerts can now be configured to be sent out when a user has unexpected new tasks.
Better “Inactive User” Visibility – Throughout the entire application all views now show disabled/inactive user names in red text. It is our hope that this will help you [wherever you are in the application] discover inactive identities.
The official release of 4.3 has been a long time coming, but we look towards the future and 4.4…here we come!
The winter in Fargo has been bitter this year. Bad news for us, good news for you.
Because we’ve had to stay indoors to survive, we’ve had just that more time to build new application integrations! As you can see, we are starting to see more B2B integrations which is great because it just isn’t your financial cores that take time to review. Here are the latest built specifically for the financial industry:
You keep asking – we keep delivering. Bank permission reviews don’t need to include the task of gathering and transforming permission data, let us do it for you!
Sycorr’s Principal Technologist and Co-founder, Max Pool, has been recognized as successfully earning the GIAC Secure Software Programmer- .NET (GSSP-.NET) Certification.
The GSSP-.NET certification is for individuals responsible for coding secure software applications using .NET, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills. The certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common programming errors that lead to most security problems in 9 core areas:
GIAC Certified secure software programmers (GSSP) have the knowledge, skills, and abilities to write secure code and recognize security shortcomings in existing code.