Enabling authentication and authorization features to be turned into a service that can be applied across all applications, IBM on Friday announced a new version of its Tivoli Access Manager software that will centralize information auditing and reporting.
Once a person or resource is authenticated through a user ID, password or other form of security, Tivoli Access Manager 6.0 allows organizations to view only what they are allowed to see based on their profile.
For instance, protected functions can include access to e-mail, access to certain types of databases, the number of unsuccessful access attempts, backend application access or even portal infrastructure rights, said Joe Anthony, IBM Tivolis Identity Management director for Austin, Texas-based Tivoli, a business unit of IBM.
Anthony said that the new version of Tivoli Access Manager has the ability to create a centralized source where everyone is getting authenticated and authorized and should greatly simplify how customers capture records, carry out audit trails or target specific system usage to prepare data for compliance officers.
“Regulations continually evolve. Theyre not static, which makes it a challenge for some IT managers. On the first wave of audit compliances, a lot of it was reactive and running around. [Organizations] just couldnt keep that up,” said Anthony.
“What youre seeing now is a much bigger focus on the automation of being able to collect that data at any time and be able to provide that feedback to auditors and become much more proactive.”
Currently available, the upgraded product features 15 to 20 out-of-box templates to build reports catered to what an auditor may look for in an inquiry.
In addition, a number of process and configuration changes made to Tivoli Access Manager have cut the softwares deployment time and number of steps by 50 percent, noted Anthony.
Another area showing improvement is the tools ability to allow customers to use multiple directories for authentication and authorization in their IT environment and chain those different directories together.
For customers running large IT environments, the compliance tool has been tweaked to feature automatic failover capabilities in the case of a hard drive or server going bad.
This can occur because IBM has made the crossover point much quicker and can retain stake information in that session and send it over to another clustered server should an individual server shut down.
Ed Keck, assistant vice-president, CISSP, and lead security architect for Cleveland, OH-based Key Bank NA, a subsidiary of KeyCorp, is in the process of migrating his IT environment from Tivoli Access Manager v.4.1 to v.6.0.
KeyBank is using the product for authorization and authentication of Web-based applications. The software is being deployed for usage by internal employees as well as applications that are facing KeyBanks client base.
The newest release of Tivoli Access Manager 6.0 to leverage a central logging and auditing facility from IBM is an area Keck said his company will utilize because the feature will allow KeyBank to consolidate logging from other areas.
That in turn will simplify the gathering of information from integrated applications and the ability to illustrate compliance more easily.
“Because we are a federally regulated bank, we deal with compliance every day, and we need to be able to illustrate to various regulatory bodies that people have appropriate access,” said Keck.
“By using something like Tivoli Access Manager, we get the benefit of having a central service for access to multiple applications, multiple systems, which gives us one point to monitor, one point to manage so it greatly simplifies things from that perspective—thus easing the compliance burden on the company.”