2017 December Highlights Part 1

Identity Analytics and Risk Intelligence:

 

New Classification Rule:  A new classification rule released that targets groups and group memberships.  Identity Analytics can now be configured to watch any group and members of the group are identified as having a high risk entitlement.  As Active Directory groups continue to be a key mechanism for granting access by many organizations, this rule continues to expand the scope and context that identity analytics covers.  Like all rules, the new rule is available on the main Rules view.  By default the rule is enabled and configured to watch a number of key Active Directory groups like Schema Admin and Domain Admin.

Rule Customization:  To support a number of upcoming enhancement requests, the first rule customization views have rolled out.  The customization is initially only enabled for the "Administration Group Member" rule.  When you clone or edit this rule, the new views allow for various customizations of the rule.  Over time these customizations will roll out to more rules.

ServiceNow Integration:  A new option rolled out to enable integration with your ServiceNow tenant.  The integration is enabled in the Settings view under the 3rd party integration section.  This is where you configure the location and credentials used to communicate to your ServiceNow environment.   Where this can be used is part of the Verification feature.  Identity Analytics provides a service to do access certification.  Note this is considered a 'micro-certification'.  In this scenario, if a manager or someone in an approver role decides to "deny" the high risk access, an incident ticket can be automatically opened in ServiceNow.  This allows the deny to be tracked, audited and remediated by the appropriate teams in your organization.

Anonymous