Enhanced Core Functionality – Permission Assist™ 4.3 Released

Permission Assist™ 4.3 has officially been locked in stone, and getting your bank through identity access reviews has gotten even better with some new enhancements to our core functionality.

Selective Application Reviews – Review builders can now easily create reviews that only have a selected subset of applications. This allows the security team to have a lot more control around creating reviews with specific goals and/or the freedom to review certain applications at different frequencies throughout the year.

New Review Item Alerts – Sometimes events occur that may cause a shift in new responsibilities such as a supervisor changing.  Email alerts can now be configured to be sent out when a user has unexpected new tasks.

Better “Inactive User” Visibility – Throughout the entire application all views now show disabled/inactive user names in red text.  It is our hope that this will help you [wherever you are in the application] discover inactive identities.

 

 

The official release of 4.3 has been a long time coming, but we look towards the future and 4.4…here we come!

Cold Winter – Hot Integrations

The winter in Fargo has been bitter this year. Bad news for us, good news for you.

Because we’ve had to stay indoors to survive, we’ve had just that more time to build new application integrations!  As you can see, we are starting to see more B2B integrations which is great because it just isn’t your financial cores that take time to review. Here are the latest built specifically for the financial industry:

 

You keep asking – we keep delivering.  Bank permission reviews don’t need to include the task of gathering and transforming permission data, let us do it for you!

 

Principal Technologist Receives GSSP-.NET Certification

Sycorr’s Principal Technologist and Co-founder, Max Pool, has been recognized as successfully earning the GIAC Secure Software Programmer- .NET (GSSP-.NET) Certification.

The GSSP-.NET certification is for individuals responsible for coding secure software applications using .NET, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills. The certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common programming errors that lead to most security problems in 9 core areas:

  • .NET Authentication
  • .NET Authorization
  • .NET Data Validation
  • .NET Encryption
  • .NET Exception handling and logging
  • .NET Framework Security
  • .NET Session Management
  • Common Web and .NET Application Attacks
  • Secure SDLC

GIAC Certified secure software programmers (GSSP) have the knowledge, skills, and abilities to write secure code and recognize security shortcomings in existing code.

 

Taskboard UX Updates – Permission Assist™ 4.2 Released

Getting your entire organization through employee access reviews just got easier with the release of Permission Assist™ 4.2.

Financial institutions have been loving how quick they can compile review data – serious lift for companies in that area – but needed more help getting their masses of supervisors through the review process.  Distilling the feedback, we made some small (but impactful) changes to the taskboard that should help everyone out.

Application Status Menus – Users can now quickly see which applications they still have to respond to using the improved application menus on the taskboard.  These menus no longer show the overall status of the review, but rather are contextual to the signed-in user.

 

 

Simplified Quick Filters – Taskboard quick filters have been consolidated for clarity and ease of use.  The “My Outstanding” filter now allows you to filter by the different organizational roles you may be responsible for, and the “Status” filter allows you to show review items by any combination of available statuses.

 

 

Enhanced Privilege Descriptions – Application privileges that have been enhanced with a description now show an icon, that when clicked, displays additional information.  The Microsoft Active Directory privilege reader as been updated to use these description enhancements so while review Active Directory groups you have access to the description that resides in AD.

 

 

I’m getting the developers to look forward to 4.3!

Application Integrations Galore!

The freedom dynamic plugins in Version 4.1 of Permission Assist™ has not just helped our customers, but also our development staff to create new application privilege readers outside of feature version releases.

As a result, we can create new application integrations even faster.  Here are the latest built specifically for the financial industry:

 

We’ve proven time and again that there isn’t an integration we can’t make – and we have fun doing it!  (Yes, I guess that makes our ideas for fun a little on the weird side…)

 

Dynamic Plugins – Permission Assist™ 4.1 Released

Version 4.1 was an abnormally fast release for us; a number of customers had some very urgent needs surrounding upcoming reviews.  Aside from our dedication to an awesome customer experience (sorry, had to toot our own horn there), we agreed that it was time to enhance our architecture to be more flexible.

Within Permission Assist™ application privilege readers are no longer bound to particular product versions of Permission Assist™ because of a new a plugin architecture.  This provides the ability to add privilege readers that are supported in newer versions of Permission Assist™ without needing to upgrade, and adds the freedom to install custom organization-specific privilege readers.

That’s fancy talk to say…now, with Sycorr’s help, your reviews will never lack the ability to import the review data you need because of our product release schedule or an untimely upgrade!

Yet again, we are blazing trails on the best permission review solution the industry has!  Version 4.2 here we come!

Remediation – Permission Assist™ 4.0 Released

Remediation is here! Remediation is here!  We just promoted our biggest major version release into the 4.0 package which includes a highly anticipated feature – remediation.

Easily start remediation workflows when an identity’s permissions need to be corrected, track individual privilege changes, and compare them to up-to-date permissions to ensure the remediation work was completed.  Individual permission remediation is a huge win for communication between the ISO and the Remediation team.

 

Security Permission Remediation

 

To aid with the much anticipated permission remediation feature, we added a new full screen mode for review items.  This new view will give users the maximum amount of screen to review permissions, and with a unique permanent URL they can be shared among team members for direct access.

 

Full Screen Permission Review

 

There are a lot more feature requests coming in 4.1, but until then make sure you are looking for Jeremy at the many conferences we will be at…Signature User Group and SDBA Technology Conference are on the calendar next!

 

Accelerating Your Operations with 3 Simple Questions

The demands to leverage technology in ways that help us automate manual processes are ever increasing.  All companies want to empower their employees to accomplish more, allow customers to self-serve, and ensure an overall higher level of task accuracy; however, some organizations are slow to achieve these targets.  It’s true that unique, external factors (such as regulation) can be a hurdle when improving operations, but, from our perspective, it’s only a small part of the picture.

Successfully streamlining your business operations must be a combination of self-critical analysis and disciplined correction.  In this fashion, we can create true accelerations: those that are fast and affordable.  Improving your organization can be as simple as asking three simple questions that allow you to determine and prioritize what should be improved:

Can this task be optimized without spending resources to automate it?

Every social group has traditions, and your organization is no different.  Ask anybody why they do something and the most common response will be, “This is the way we’ve always done it.”  Some will be comforted in the past wisdom that statement holds; others will view it as the risk that employees understand how to do a task but not why they are doing it.  When you hear it, you should hear nothing but opportunity to improve your bottom line.

Ask the question above – Can this task be optimized without spending resources to automate it?

There is no reason to start automating a nine-step manual process that can first be optimized into a two-step manual process.  It is only when a business process can be optimized no more should it then be considered for automation.

However, take heed, a very common trap that occurs when starting to analyze a business process is that it will sound logical.  Your employees have been left to solve problems (and they have done just that), but can you see beyond their good reasoning?  Many steps within business processes are found to no longer be necessary due to changes over time, but the argument of why they exist as part of the solution are real.  We need see past the current solution to see the current problem, and it is then when we can start piecing together a new and improved solution.

 

Which steps can actually be automated?

We must be intelligent with what we automate.  Only technology zealots will suggest everything can (and should) be automated.  Automating everything simply isn’t reasonable – humans will always need to be involved.  Computers are great at running predictable tasks quickly; while humans excel at applying the reasoning and logic needed to make difficult choices.  The ability to oversee an entire business process and discern which steps are essential to automate and which have a dependency on human reasoning is a very important skill indeed.

As you step through our business processes you should always be looking for places to add “lift”; that is, the parts of the process that when automated would give a significant boost to operational efficiency or data quality.

Frequently, there is the perception that automation must be “all or nothing”.  In most cases this is not only incorrect but unattainable, so as a result we must create hybrid workflows that allow humans and computers to each do what they are best at.  For example, complete automation of a bank’s new account opening process is often talked about, but, with its numerous moving parts, it’s a significant workflow.  Online customer input, identity verification, account creation, funding, and communications are all individually ripe for automation, but orchestrating them all in unison is quite an effort.  Organizations should instead ask if they can cheaply automate a smaller portion of a workflow that provides significant lift to either operations or customer experiences.

 

How long will it take for the new workflow yield a ROI?

As with any business, the return on investment (ROI) is where the “rubber meets the road”.  Twenty, thirty, forty years ago the cost of automation was extremely high.  As a result, employee resources tended to solve problems rather than computerized automation.  But as technology costs continue to drop, old processes need to be revisited to see if they are ripe for helping the bottom line.

In most scenarios, the simplest question will determine if the initial effort should be put forth, “Will our organization ever see a positive return?”.  Beyond that, truly wise organizations will be able to predict multiple avenues of return from automations.

One technique for multiplying your return on technology is recycling.  For example, many banks focus on streamlining mobile check deposits for consumers. But did you know that with very little effort this same optimized process be applied to small business servicing?  Helping small businesses cash flow faster would be a considerable value add that was realized with little to no additional effort.

Less tangible returns on automation can also come in form of employee benefit.  Accelerated processes increase employee efficiency and accuracy, and empowered employees are in turn happier employees.  Lift in employee communication, loyalty, and satisfaction are achieved while decreasing clarifications, corrections, and new employee up costs.

This article was published in the Minnesota Bankers Association‘s July/August 2017 edition of MBA News.   Sycorr is an Associate Member of the Minnesota Banker’s Association. 

Email Notifications – Permission Assist™ 3.6 Released

Version 3.6 has been promoted to release with the highly requested feature of email notifications; specifically reminders on outstanding permission review responsibilities.

 

This version also had some new integrations for AccuSystems and Altisource Mortgage Builder.  Versions 3.7 and 4.0 are loosely road mapped, so be looking forward to some nice enhancements before Q3!

Sycorr joins the Minnesota Bankers Association

Sycorr is very proud to announce that we have joined the Minnesota Bankers Association as an associate member.  Already serving many financial institutions that cover area in the state of Minnesota, we are excited to cooperate with a great organization to further serve the banking industry.

Look forward to the July/August edition, Sycorr will have several pieces of content including an article by Co-founder Max Pool.   Here’s to a long relationship to the both of us!

Secured By miniOrange