Aveksa Enterprise Access Governance Platform Scales to Meet the Demands of the Largest Global Enterprises; Provides Rapid Time to Value for Access Risk and Compliance Initiatives

WALTHAM, MA—December 17, 2008—Aveksa, Inc., the market-leading provider of enterprise access governance solutions, today announced that the Aveksa Enterprise Access Governance Platform is the industry's most scalable enterprise access governance solution. As organizations seek to address the challenge of properly governing user access to enterprise information resources, they recognize the need for a solution that can scale to address the magnitude of the problem. Leading Global 2000 organizations have chosen Aveksa to implement policy-driven processes for governing access across hundreds of applications, hundreds of thousands of users and hundreds of millions of user entitlements.

Global organizations are finding that the increasing complexity of their own enterprises and the ever-growing number of regulatory mandates are overwhelming their systems for monitoring user access to information resources. With  applications often numbering in the thousands, users in the tens of thousands and entitlements as high as one billion, organizations are finding that it is virtually impossible to obtain and sustain the necessary level of access visibility. Meanwhile, businesses are struggling to keep pace with hundreds of daily changes related to people, functional responsibilities, departments and information assets throughout the enterprise. To accomplish this task, organizations are increasingly turning to the Aveksa Enterprise Access Governance Platform, which has been proven in numerous large-scale, enterprise-wide access governance deployments.

 “Understanding the relationship of people to responsibilities, responsibilities to roles, and how entitlements satisfy the responsibilities that roles signify is a significant challenge. Without this understanding, however, it is difficult to resolve an organization’s access-related security and policy vulnerabilities,” said Kevin Kampman, Senior Analyst at Burton Group. “Leveraging automated solutions that are designed to identify and maintain these policies and relationships helps to mitigate vulnerabilities. The organization can reduce the risk associated with inappropriate access privileges, and institute the discipline needed to limit or prevent their recurrence. The organization also benefits by clearly articulating relationships, a perspective that contributes to business transparency and effectiveness.”

Aveksa - An Enterprise-tested Approach to Access Governance
The Aveksa Enterprise Access Governance Platform has been proven in numerous large-scale deployments to deliver sustainable access governance for the most demanding global enterprises in the following key areas:

Access Visibility—Aveksa enables organizations to achieve a unified view of user access across all information resources. The Aveksa Enterprise Access Governance Platform scales to deliver visibility into the millions of  relationships between users, accounts, groups, roles and entitlements across thousands of information resources and tens of thousands of users. At this scale, Aveksa provides the critical run-time performance of data collection necessary for capturing the reality of access and the dynamic controls automation to ensure that business risks are avoided.

Access Certifications—The Aveksa platform can scale across thousands of reviewers, manage the assignment coverage for hundreds of applications and handle reviewer delegation for numerous users, roles and entitlements. Initial cross-enterprise automated entitlement reviews using Aveksa often find that 20 to 30 percent of existing access entitlements represent policy violations. Based on this new visibility, organizations can more rapidly identify and address access risk and compliance issues.

Role Management—Aveksa enables organizations to discover the right roles and maintain role effectiveness across millions of entitlements and thousands of user-to-role bindings. Aveksa delivers a set
of scalable role lifecycle management processes that include discovery, design, engineering, synchronization and analytics for role maintenance.

Relieving Enterprise Burden and Compliance Fatigue—Compliance fatigue is a common problem for organizations. As the burden on business managers, IT staff and audit/compliance teams increases, so does the risk of compliance failure. With Aveksa, organizations have reduced their audit cycles from as long as two months to as little as five working days, resulting in increased productivity, reduced compliance fatigue and lower overhead costs.

Improving IT Operational Efficiency—An inadequate approach to access governance can consume far too much effort on the part of IT staff as it attempts to establish full visibility of users and entitlements within all of an organization’s relevant IT resources—an expensive, unnecessary drain on the IT Security budget. Using Aveksa’s Access Governance Platform, enterprises have reduced their administrative costs for acquiring, aggregating and correlating user access data by as much as 50 percent.

Configurability rather than Customization—The Aveksa Platform provides a high degree of configurability, enabling organizations to rapidly deploy an effective, sustainable access governance process. Aveksa customers have on-boarded hundreds of applications within weeks of deployment; and a large international bank recently deployed 570 applications for review and certification in less than six months.

Streamlined compliance reporting
Aveksa enables organizations to track all access requests, determine who authorized them and validate that access change occurred to provide the auditable evidence of compliance. It provides a system of record that can scale to track all change and remediation process components and recreate historical reporting periods that demonstrate to auditors the effectiveness of the governance process.

“Despite significant investments and effort, many companies are finding that their access risk and compliance management processes are simply unsustainable,” said Deepak Taneja, founder, president and CTO of Aveksa. “Aveksa provides the most scalable automated solutions to enable even the most demanding enterprise environments to quickly deploy efficient access governance processes, achieve sustainable compliance and minimize access risk throughout their entire organizations.”

About Aveksa
Aveksa provides the most comprehensive, enterprise-class, access governance, risk management and compliance solution. Aveksa automates the on-boarding, change management, monitoring, reporting, certification and remediation of user entitlements and roles; enables role discovery and lifecycle management; and delivers unmatched visibility into the true state of user access rights. With Aveksa, business, security and compliance teams can effectively collaborate and enforce accountability. Our growing customer base includes leading Global 2000 organizations in financial services, healthcare, retail, transportation and manufacturing. For more information, go to www.aveksa.com.