ON SELF-SERVICE ADMINISTRATION AND COMPLIANCE

ON SELF-SERVICE ADMINISTRATION AND COMPLIANCE

Avada Software has gotten quite a positive reaction to our Self-Service webcast: Productivity through SMART self-service for IBM MQ & IIB. We thank all those who attended and commented.

I’d like to continue the thoughts of that webcast via this blog. One or two replies struck me as odd only because Avada Software has been evangelizing this theme since its inception in 2006, when the product was built to allow for “delegated administration”. The entire point of delegated administration “is” self-service. But that is not just for individuals, it is intended as a collaborative solution for teams of people. The idea is to delegate to a person, persons, team, project team, dept, etc. exactly what you want them to see and what you need them todo. It’s that simple.

Those particular replies were from people that were “looking for a self-service product”. Well, that term is not exclusive to anyone, but one of the primary reasons for Avada Software’s product, since day one, was to provide that ability. We’re glad that the webcast illuminated that “delegated administration” and “self-service” is synonymous. You can’t have “secure” self-service without being able to delegate to the End User exactly what you want them to see and do. Otherwise, you wouldn’t allow them to self- administrate because they’d be able to see any resource and perform any action! In this day of compliance adherence, that would be heresy.

And that’s the other message that comes up loud and clear in the discussion: Compliance and Security.

There are many types of security. Most people hear that and think about handshakesecurity, like you need to do with SSL. There’s also authentication security, like you do with LDAP to allow users to Login to their workstation or applications. However, there is alsovisibility security! With Infrared360’s portal, what you can’t see, you won’t know exists, and therefore won’t be able to access. Then there is policy security: What you do access you can only perform certain actions upon – per your policy (per your role on that team, project, dept, etc.).

What compliance people like about this is that you can see all User access and permissionsbefore anyone does anything. In good self service products, like Infrared360, you can look up or run a report on any User(s) to see what they have access to see, and what they have access to do.   Coupling that with an audit trail of actions that have been performed (even if they do have the permission to do so) gives compliance people a full 360⁰ view of the information they need to verify for the sake of corporate policies.

And that is really the basis of Smart Self-Service as noted in the webcast.

By | 2016-11-30T21:38:10+00:00 June 16th, 2015|Infrared360 Blog|0 Comments

About the Author:

Leave A Comment