Sycorr’s Principal Technologist and Co-founder, Max Pool, has been recognized as successfully earning the GIAC Secure Software Programmer- .NET (GSSP-.NET) Certification.
The GSSP-.NET certification is for individuals responsible for coding secure software applications using .NET, identifying shortfalls in the security knowledge of other programmers, ensuring other programmers have adequate secure coding skills, and advanced secure programming skills. The certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common programming errors that lead to most security problems in 9 core areas:
GIAC Certified secure software programmers (GSSP) have the knowledge, skills, and abilities to write secure code and recognize security shortcomings in existing code.
Getting your entire organization through employee access reviews just got easier with the release of Permission Assist™ 4.2.
Financial institutions have been loving how quick they can compile review data – serious lift for companies in that area – but needed more help getting their masses of supervisors through the review process. Distilling the feedback, we made some small (but impactful) changes to the taskboard that should help everyone out.
Application Status Menus – Users can now quickly see which applications they still have to respond to using the improved application menus on the taskboard. These menus no longer show the overall status of the review, but rather are contextual to the signed-in user.
Simplified Quick Filters – Taskboard quick filters have been consolidated for clarity and ease of use. The “My Outstanding” filter now allows you to filter by the different organizational roles you may be responsible for, and the “Status” filter allows you to show review items by any combination of available statuses.
Enhanced Privilege Descriptions – Application privileges that have been enhanced with a description now show an icon, that when clicked, displays additional information. The Microsoft Active Directory privilege reader as been updated to use these description enhancements so while review Active Directory groups you have access to the description that resides in AD.
I’m getting the developers to look forward to 4.3!
The freedom dynamic plugins in Version 4.1 of Permission Assist™ has not just helped our customers, but also our development staff to create new application privilege readers outside of feature version releases.
As a result, we can create new application integrations even faster. Here are the latest built specifically for the financial industry:
We’ve proven time and again that there isn’t an integration we can’t make – and we have fun doing it! (Yes, I guess that makes our ideas for fun a little on the weird side…)
Version 4.1 was an abnormally fast release for us; a number of customers had some very urgent needs surrounding upcoming reviews. Aside from our dedication to an awesome customer experience (sorry, had to toot our own horn there), we agreed that it was time to enhance our architecture to be more flexible.
Within Permission Assist™ application privilege readers are no longer bound to particular product versions of Permission Assist™ because of a new a plugin architecture. This provides the ability to add privilege readers that are supported in newer versions of Permission Assist™ without needing to upgrade, and adds the freedom to install custom organization-specific privilege readers.
That’s fancy talk to say…now, with Sycorr’s help, your reviews will never lack the ability to import the review data you need because of our product release schedule or an untimely upgrade!
Yet again, we are blazing trails on the best permission review solution the industry has! Version 4.2 here we come!
Remediation is here! Remediation is here! We just promoted our biggest major version release into the 4.0 package which includes a highly anticipated feature – remediation.
Easily start remediation workflows when an identity’s permissions need to be corrected,
To aid with the much anticipated permission remediation feature, we added a new full screen mode for review items. This new view will give users the maximum amount of screen to review permissions, and with a unique permanent URL they can be shared among team members for direct access.
There are a lot more feature requests coming in 4.1, but until then make sure you are looking for Jeremy at the many conferences we will be at…Signature User Group and SDBA Technology Conference are on the calendar next!
The demands to leverage technology in ways that help us automate manual processes are ever increasing. All companies want to empower their employees to accomplish more, allow customers to self-serve, and ensure an overall higher level of task accuracy; however, some organizations are slow to achieve these targets. It’s true that unique, external factors (such as regulation) can be a hurdle when improving operations, but, from our perspective, it’s only a small part of the picture.
Successfully streamlining your business operations must be a combination of self-critical analysis and disciplined correction. In this fashion, we can create true accelerations: those that are fast and affordable. Improving your organization can be as simple as asking three simple questions that allow you to determine and prioritize what should be improved:
Can this task be optimized without spending resources to automate it?
Every social group has traditions, and your organization is no different. Ask anybody why they do something and the most common response will be, “This is the way we’ve always done it.” Some will be comforted in the past wisdom that statement holds; others will view it as the risk that employees understand how to do a task but not why they are doing it. When you hear it, you should hear nothing but opportunity to improve your bottom line.
Ask the question above – Can this task be optimized without spending resources to automate it?
There is no reason to start automating a nine-step manual process that can first be optimized into a two-step manual process. It is only when a business process can be optimized no more should it then be considered for automation.
However, take heed, a very common trap that occurs when starting to analyze a business process is that it will sound logical. Your employees have been left to solve problems (and they have done just that), but can you see beyond their good reasoning? Many steps within business processes are found to no longer be necessary due to changes over time, but the argument of why they exist as part of the solution are real. We need see past the current solution to see the current problem, and it is then when we can start piecing together a new and improved solution.
Which steps can actually be automated?
We must be intelligent with what we automate. Only technology zealots will suggest everything can (and should) be automated. Automating everything simply isn’t reasonable – humans will always need to be involved. Computers are great at running predictable tasks quickly; while humans excel at applying the reasoning and logic needed to make difficult choices. The ability to oversee an entire business process and discern which steps are essential to automate and which have a dependency on human reasoning is a very important skill indeed.
As you step through our business processes you should always be looking for places to add “lift”; that is, the parts of the process that when automated would give a significant boost to operational efficiency or data quality.
Frequently, there is the perception that automation must be “all or nothing”. In most cases this is not only incorrect but unattainable, so as a result we must create hybrid workflows that allow humans and computers to each do what they are best at. For example, complete automation of a bank’s new account opening process is often talked about, but, with its numerous moving parts, it’s a significant workflow. Online customer input, identity verification, account creation, funding, and communications are all individually ripe for automation, but orchestrating them all in unison is quite an effort. Organizations should instead ask if they can cheaply automate a smaller portion of a workflow that provides significant lift to either operations or customer experiences.
How long will it take for the new workflow yield a ROI?
As with any business, the return on investment (ROI) is where the “rubber meets the road”. Twenty, thirty, forty years ago the cost of automation was extremely high. As a result, employee resources tended to solve problems rather than computerized automation. But as technology costs continue to drop, old processes need to be revisited to see if they are ripe for helping the bottom line.
In most scenarios, the simplest question will determine if the initial effort should be put forth, “Will our organization ever see a positive return?”. Beyond that, truly wise organizations will be able to predict multiple avenues of return from automations.
One technique for multiplying your return on technology is recycling. For example, many banks focus on streamlining mobile check deposits for consumers. But did you know that with very little effort this same optimized process be applied to small business servicing? Helping small businesses cash flow faster would be a considerable value add that was realized with little to no additional effort.
Less tangible returns on automation can also come in form of employee benefit. Accelerated processes increase employee efficiency and accuracy, and empowered employees are in turn happier employees. Lift in employee communication, loyalty, and satisfaction are achieved while decreasing clarifications, corrections, and new employee up costs.
Version 3.6 has been promoted to release with the highly requested feature of email notifications; specifically reminders on outstanding permission review responsibilities.
Sycorr is very proud to announce that we have joined the Minnesota Bankers Association as an associate member. Already serving many financial institutions that cover area in the state of Minnesota, we are excited to cooperate with a great organization to further serve the banking industry.
Look forward to the July/August edition, Sycorr will have several pieces of content including an article by Co-founder Max Pool. Here’s to a long relationship to the both of us!
A quick blog post for a quick release…
Version 3.5 of Permission Assist™ greatly enhances the ability to reassign a user account for an application to a different identity. So whether the application user account wasn’t matched, it matched incorrectly, or you just want to change it for some review processing reason – the choice is yours whether to assign it just once or every time moving forward.
The development team is starting on version 3.6 which adds even more features to the best identity auditing solution for banks!
Permission Assist™ continues to barrel down the tracks with our new 3.4 release. This version was solely focused on bringing more Fiserv support to the product with yet another core banking platform – Fiserv DNA support.
Overall in the 3.4 release we added:
In addition to these native banking integrations, we added a new Sycorr generic directory group reader. Since version 1, the Sycorr standard privilege reader has supported the ability to import identity privileges for individual users in your directory service. The added directory group privilege reader introduces a new way to match identities based on their directory service group (for example, an Active Directory group). This adds significant flexibility for importing privileges from systems that define authorization by directory group participation.
Yet again, we are very proud of our team this release. Of course, we continue to add features, but it seems with every native integration we continue to grow the impact that Permission Assist™ is making in the banking industry.