OpenText인 이유
OpenText인 이유
개요OpenText인 이유
OpenText는 수십 년간의 전문 지식을 통해 데이터를 활용하고, 사람과 프로세스를 연결하며, 신뢰할 수 있는 AI를 강화합니다
데이터 관리 및 연결
기업 전체의 데이터를 매끄럽게 통합하여 정보 단절을 없애고, 협업을 강화하며, 리스크를 최소화하세요
AI가 활용 가능한 정보
데이터를 AI가 활용 가능하고 구조화되고, 접근 가능한, 최적화된 정보로 변환하세요
내장 보안 및 규정 준수
규제 및 준수 요구 사항을 충족하고 정보의 수명 주기 전반에 걸쳐 보호하세요
직원 역량 강화
개요직원 역량 강화
OpenText는 사람들이 콘텐츠를 관리하고, 작업을 자동화하며, AI를 사용하고, 협업하여 생산성을 높일 수 있도록 지원합니다
고객
전 세계 수천 개의 기업이 OpenText의 혁신적인 솔루션으로 성공을 거두고 있는 방법을 확인해 보세요
직원
직원은 OpenText의 가장 큰 자산으로, OpenText 브랜드와 가치의 생명입니다.
기업의 사회적 책임
OpenText가 사회적 목표를 발전시키고 긍정적인 변화를 가속화하기 위해 어떤 노력을 하고 있는지 알아보세요
파트너
디지털 혁신을 이루기 최적인 솔루션과 전문성을 갖춘 OpenText 파트너를 만나보세요
AI 리더십
개요Aviator AI
새로운 방식으로 정보 보기
OpenText™ Aviator™ AI
비즈니스, 데이터 및 목표를 파악하는 AI
OpenText™ MyAviator
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
OpenText™ Business Network Aviator™
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
OpenText™ Content Aviator™
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
OpenText™ DevOps Aviator™
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
OpenText™ Experience Aviator™
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
OpenText™ Service Management Aviator™
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
Aviator AI
개요Aviator AI
새로운 방식으로 정보 보기
OpenText™ Aviator™ AI
비즈니스, 데이터 및 목표를 파악하는 AI
OpenText™ MyAviator
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
OpenText™ Business Network Aviator™
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
OpenText™ Content Aviator™
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
OpenText™ DevOps Aviator™
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
OpenText™ Experience Aviator™
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
OpenText™ Service Management Aviator™
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
비즈니스 네트워크
개요Business Network
한 번만 연결하면 안전한 B2B 통합 플랫폼으로 모든 대상과 연결할 수 있습니다.
콘텐츠
개요Content
AI가 활용 가능한 콘텐츠 관리 솔루션으로 지식 재구성
사이버 보안
개요Cybersecurity
기업 보호를 위한 통합 사이버 보안 솔루션
DevOps
개요DevOps
AI 기반 DevOps 자동화, 테스트 및 품질을 통해 더 나은 소프트웨어를 더 빠르게 제공
Experience and Fax
개요Experience and Fax
잊을 수 없는 고객 경험으로 대화 재창조
관측 가능성 및 서비스 관리
개요Observability and Service Management
IT 운영의 비용과 복잡성을 줄이기 위해 필요한 명확성 확보
API
개요APIs
검증된 OpenText 정보 관리 기술을 사용하여 맞춤형 애플리케이션 구축
OpenText™ API Services
사용자 정의 애플리케이션 및 워크플로를 지원하는 실시간 정보 흐름을 제공하는 OpenText Cloud API를 사용하여 원하는 방식으로 구축
신뢰할 수 있는 데이터 및 AI
개요신뢰할 수 있는 데이터 및 AI
안전한 정보 관리가 신뢰할 수 있는 AI를 만나다
OpenText AI Data Platform
데이터와 AI의 신뢰를 높이는 통합 데이터 프레임워크
OpenText™ Aviator™ Studio
데이터 언어로 에이전트를 구축, 배포 및 반복할 수 있는 공간
OpenText Discovery
AI를 강화하기 위해 데이터 수집 및 메타데이터 태그 지정 자동화를 지원하는 도구 세트
OpenText Data Compliance
거버넌스를 사전 예방적이고 지속 가능하게 만드는 서비스 및 API 제품군
OpenText Aviator AI Services
AI 여정을 도와주는 전문 서비스 전문가
인공 지능
개요Aviator AI
새로운 방식으로 정보 보기
OpenText™ Aviator™ AI
비즈니스, 데이터 및 목표를 파악하는 AI
OpenText™ MyAviator
더 빠른 의사 결정을 만나보세요. 안전한 개인 AI 비서가 업무를 시작할 준비가 되었습니다.
OpenText™ Business Network Aviator™
공급망을 위한 생성형 AI로 더 나은 인사이트를 얻어보세요.
OpenText™ Content Aviator™
AI 콘텐츠 관리 및 지능형 AI 콘텐츠 어시스턴트를 통해 효율적으로 작업하세요.
OpenText™ DevOps Aviator™
더 빠른 앱 제공, 개발 및 자동화된 소프트웨어 테스트를 만나보세요.
OpenText™ Experience Aviator™
고객 성공을 위해 고객 커뮤니케이션과 경험을 개선해 보세요.
OpenText™ Service Management Aviator™
사용자, 서비스 상담원 및 IT 직원이 필요한 답을 찾을 수 있도록 권한을 부여하세요.
클라우드 파트너
개요클라우드 파트너
OpenText는 주요 클라우드 인프라 제공업체와 협력하여 어디서나 OpenText 솔루션을 실행할 수 있는 유연성을 제공합니다
엔터프라이즈 애플리케이션 파트너
개요엔터프라이즈 애플리케이션 파트너
OpenText는 최고의 엔터프라이즈 앱 제공업체와 협력하여 비정형 데이터를 활용함으로써 더 나은 비즈니스 인사이트를 제공합니다
US Department of Defense contractor
OpenText™ NetIQ™ Identity Governance accelerated the adoption of a unified review process to address audit findings and improve security and compliance at scale
Products and services
Solution group
Outcomes
- Updated enterprise access review capabilities to adhere to CMMC controls
- Facilitated rapid application onboarding for thousands of applications
- Incorporated access reviews for privileged accounts through PAM integration
- Automated reviews and generation of audit evidence to reduce administrative overhead
Challenge
The business must pass a CMMC compliance assessment and improve enterprise governance audit results.
Details
The compliance conundrum
A US Department of Defense (DoD) contractor had to prepare for compliance with the Cybersecurity Maturity Model Certification (CMMC). This new certification model is the latest development by the DoD to reduce risk in the defense supply chain. A compliant CMMC score is critical as future DoD procurements will require minimum CMMC scoring for suppliers to compete for contracts and task orders. To address specific CMMC security controls, DoD contractors must perform certain identity governance and administration processes. However, application owners were already struggling with the existing audits, access reviews, and compliance of several critical financial applications and other sensitive databases. The DoD contractor chose to leverage a COTS solution to address their governance deficiencies.
Implementing NetIQ Identity Governance accelerated progress toward meeting CMMC requirements by automating the onboarding of so many applications quickly and simplified the administrative burden of governance across the organization, which was a huge positive paradigm shift.
NetIQ Identity Governance to the rescue
TriVir, an OpenText (formerly Micro Focus) Cybersecurity partner with nearly 20 years of experience supporting commercial and government clients with complex identity and access requirements, was engaged to improve the existing governance processes and quickly integrate with enterprise systems. After assisting with vendor selection and recommending NetIQ Identity Governance, TriVir piloted a solution to connect Identity Governance with the Identity Vault, Active Directory, and the Card Management System.
NetIQ Identity Governance was ideal for the task of defining and enforcing identity governance controls for access to business applications, as well as enabling system owners to control the security of valuable business assets. This was all done in an automated, web-based fashion instead of spending weeks or months manipulating data in spreadsheets. While the deployment’s default review fulfillment mechanism was to use ServiceNow tickets, some changes could be made directly to the Identity Vault or Active Directory. The Internal Audit team reviewed evidence captured and presented by the system to ensure compliance with audit policy which increased the level of trust that the system was successfully collecting all relevant data and remediating access change decisions properly.
System and application owners saw these benefits and requested identity governance onboarding for their systems and applications. After the successful initial deployment, the management team was excited to tackle the next identity governance challenges.
The database dilemma
After the successful initial deployment, the next governance challenge was connecting to over 200 applications with accounts and permissions stored in databases with similar schemas. The typical configuration of one IG collector for accounts and one IG collector for permissions to each of these 200 databases wasn’t feasible because it would take too long to configure each of these 400 identity governance collectors manually. Jim Montgomery, TriVir Governance Practice Lead, explains the novel approach to integrating with so many applications: “We created an application integration model to quickly onboard more than 200 applications by leveraging the organization’s Enterprise Service Bus (ESB) and two custom-developed NetIQ Identity Governance account and permission collectors for all 200 DBs.” In most cases, database owners could onboard themselves with very little assistance–all they had to provide were the connection details and match up their database fields to the collector schema. Building identity governance collectors that use the existing enterprise service bus allowed data to pass securely between systems and enabled automatic onboarding of applications with similar account and permission mapping needs.
The successful connection to 200 databases was still only scratching the surface–hundreds of high-risk applications and thousands of additional in-scope applications were next to meet CMMC compliance. Using this proven design, the work continues to identify application types successfully integrated previously and applications with similar data models for quick onboarding. Shifting this mapping exercise to the application owners focuses on the experts best suited to provide the information. Additionally, sharing the efforts with application teams allows a faster deployment than if the IG team connected one application at a time.
The PAM imperative
The DoD contractor chose to implement a privileged access management (PAM) solution, CyberArk, to store and track the usage of privileged account credentials. With so many elevated privileges, this system became management’s next target for access review and certification.
Although no CyberArk collector is available out of the box, NetIQ Identity Governance contains an SDK for writing custom collectors and fulfillers for any system. TriVir assisted the DoD contractor with creating a custom collector for CyberArk to gather the system’s different account and permission types. The organization’s CyberArk system contained both internal CyberArk accounts and Active Directory accounts from the local domain. CyberArk uses “safes” to store credentials and access information, and permissions to the safes are configured separately. Both permissions sets needed to be cataloged to understand who had what kind of access to a particular safe and what kind of access to what was stored in the safe.
Once both types of accounts and permissions were imported, reviews of who has access to which safes and who has access to privileged accounts for enterprise apps were configured. This consolidation of administrative and privileged account information both simplified and greatly improved the organization’s security.
We have worked with the NetIQ suite of identity and access management solutions for the last 20 years and felt NetIQ Identity Governance ticked all required boxes. We introduced it in a proof-of-concept (POC) and beat the other vendors in the mix.
The sweet smell of success
Brent Kynaston, TriVir Solution Architect, describes the success experienced so far: “The system owners tell us emphatically how much better their user experience is with the full automation of identity governance. They no longer need to respond to cumbersome and time-consuming queries about what entitlements are assigned within their applications, who has assigned them, and why. Instead, internal and external auditors log onto a user-friendly enterprise portal where they can run specific reports that provide all the required data.”
Jim Montgomery explains how TriVir helped the DoD contractor meet CMMC compliance regulations: “This particular DoD contractor manages tens of thousands of identities, covering thousands of applications, including financial solutions containing very sensitive data. Implementing NetIQ Identity Governance accelerated progress toward meeting CMMC requirements by automating the onboarding of so many applications quickly and simplified the administrative burden of governance across the organization, which was a huge positive paradigm shift.
This rapid deployment facilitated the complete audit and access review process for more applications than had ever been reviewed before. More importantly, the first review and access certification removed many erroneous existing accesses, resulting in significant zero trust progress toward least-privilege access. It was estimated more than 3000 hours were saved by eliminating manual data sampling, spreadsheet review, and email communication. The success of this program has enabled CMMC compliance and opened the door to continue adding thousands of additional applications.
