Vanta unveils Access Reviews solution, giving security teams the ability to automatically review, adjust, monitor, and report on user access to systems, all within the Vanta platform.
Now, organizations can understand and granularly control employee access rights to any given application in order to identify risk and revoke unauthorized usage.
“People are a company’s most valuable asset, and at the same time its largest surface area of risk,” said Christina Cacioppo, CEO, Vanta. “Every unauthorized or over-permissioned employee creates an entry point that can be exploited, yet security teams lack the ability to easily identify credentials. Instead, they have to manually review each case to understand who has access to any given application, and whether they are authorized and still with the company—instead of focusing on mission-critical work. We built Access Reviews to automate this difficult, time-consuming and error-prone process so security teams can focus on protecting their organization’s attack surface.”
Periodic access reviews are a security best practice, but require hours of updating spreadsheets and chasing down reviewers to review account access for their systems within an organization. This costly and time-consuming task not only takes time away from more strategic security work, it also introduces an element of human error due to the repetitive nature of the reviews process.
If reviews are done incorrectly or not completed, inappropriate access can be misused by cyberattackers, malicious insiders, or former employees to steal or destroy data. The result is non-compliance and a weak security posture. Vanta automates away all of this tedious work and saves organizations more than 90 percent on cost compared to traditional methods
Capabilities and features of the Vanta Access Reviews solution include:
- Dozens of pre-built integrations to quickly consolidate system access data and HRIS information;
- Process owner workflow to select in-scope systems, system owners / reviewers, deadlines, and automatic reviewer notifications and reminders;
- Reviewer workflow with a guided, intuitive interface to see all accounts, accept / deny account access, and add notes;
- Automatic flagging of “risky” accounts of employees that have been terminated or recently switched departments;
- Task tracker integration to optionally create tickets for any access changes and provide visibility to the status of tickets;
- Reporting to view automated evidence of remediation progress and completion;
- Auditor interface so they can log into Vanta to see the history of all completed access reviews.