4.0 Understanding Data Administration

After installing Identity Governance, the bootstrap administrator collects and publishes an initial set of identities and provides global authorization to one of these users. Alternately, the bootstrap administrator can also have the global authorization. The Global Administrator assigns users other authorizations such as the data administration authorization.

As a Data Administrator, you are responsible for the entire data administration process including the key phases of data preparation, collection, publication, and management. Data collection and publication is the first critical step in the governance process, and it is an ongoing process that is needed to ensure that the access information that is being reviewed is up to date.

Identity Governance processes require clean, up-to-date data obtained from a variety of sources such as Identity Manager, Active Directory, and other enterprise applications in the data center and the cloud. Identity Governance can obtain the data by directly connecting to the systems through protocols such as LDAP and JDBC, or it can simply periodically extract the data from a file such as a Comma Separated Value (CSV) formatted file. The features and processes Identity Governance uses to retrieve, validate, and format entity (Identity, Group, Application, Account, and Permission) data from desired data sources is referred to as data collection.

Data Publicationrefers to the processes used to transfer the collected data to the Identity Governance catalog which makes the data available for governance operations.

Identity Governance provides default collector templates to get you started with the configuration process for data collection. However, each environment has custom requirements that might require unique transformation and configuration options.

As a Data Administrator, you need a thorough understanding of the sources from which the data is retrieved and the Identity Governance data administration concepts and tasks. A brief overview of the data administration process is shown next.

Figure 4-1 Data Administration Process Overview

For additional information about the data collection and publication concepts and an overview of related tasks, see the following sections: