User activity monitoring
Monitor user activity in key systems that Identity Manager provisions to and take immediate action when suspicious activity occurs.
Clear, concise monitoring
With multiple people accessing key systems every day, determining which activities warrant deeper investigation becomes a guessing game—especially if you can't tell who initiated the access and from where. Log data may show that some user from an internal IP address accessed the customer database, but without more information it's impossible to know if the user is actually authorized to see sensitive customer information.
User activity monitoring is the answer. It enables you to associate access to key systems with the users and devices involved. It provides the additional layer of context you and your systems need to make informed decisions about what activities represent a security risk.
Identity Tracking makes user activity monitoring possible by integrating activity in key systems with identity information. This combination allows you to:
- Automatically monitor activity in key systems in real time
- Correlate potential threats and violations with actual users
- Know which users are accessing key systems that Identity Manager provisions to
- Easily see how users got their access to key systems
- Take necessary action when suspicious or non-compliant activity occurs
Besides preventing potentially harmful activity in real time, Identity Tracking also paints a detailed picture of all users for improved decision making. With Identity Tracking, you can:
- Map multiple system entitlements back to a specific user
- See a complete view of a user's privileges in key systems
- Make informed decisions about provisioning and access requests
You'll never have to worry about multiple identities for a single user or enforcing critical requirements such as separation of duties.
The integration of security and identity in Identity Tracking is unique in the industry. Using Identity Tracking for user activity monitoring will give you the edge you need to actively defend key systems and critical data in real time, rather than reacting to events long after they occur.