Over time, role designs degrade due to organizational or technological change. As a role design struggles to meet the needs of an enterprise, the costs to maintain it increase, complexity accelerates, and design patterns collapse. Role Guru automates the role design process, reduces the cost of role redesign projects, and produces cleaner roles.
Role Guru eliminates the need to configure complex roles in PFCG and then test those roles manually to ensure they comply with sensitive access policies, do not contain SOD conflicts, and satisfy the access requirements of end users. It also reduces the size of the role catalog, making roles easier to maintain, request, approve, and recertify.
Because Role Guru considers each user’s transaction history, it creates lean roles that adhere to the principle of least privilege.
Furthermore, because Role Guru ensures every role is free of SOD conflicts, there are no SOD conflicts at the role level and fewer conflicts at the user level. And because
specifications for role design policies are documented and tested, auditors can be confident that the role architecture meets compliance requirements.
Instead of finding and jusifying money for a role design project that might require months of contractor support, distractions, and countless meetings, simply run Role Guru to periodically redesign the catalog and tune rules.
With Role Guru, access management discussions focus on the policy and principles to be applied rather than individual access. This helps organizations avoid debates and escalations. And becase Role Guru automates regression testing, it ensures users retain all the access they were previously exercising and that the role redesign and provisioning process goes unnoticed by end users.