OpenText brings decades of expertise to help you unlock data, connect people and processes, and fuel AI with trust
Unify data seamlessly across your enterprise to eliminate silos, improve collaboration, and reduce risks
Get AI-ready and transform your data into structured, accessible, optimized information
Meet regulatory and compliance requirements and protect your information throughout its lifecycle
OpenText helps people manage content, automate work, use AI, and collaborate to boost productivity
See how thousands of companies around the world are succeeding with innovative solutions from OpenText™
Our people are our greatest asset; they are the life of the OpenText brand and values
Learn how we aspire to advance societal goals and accelerate positive change
Find a highly skilled OpenText partner with the right solution to enable digital transformation
Explore scalable and flexible deployment options for global organizations of any size
Local control. Global scale. Trusted AI
Your cloud, your control
Free up resources, optimize performance and rapidly address issues
Run anywhere and scale globally in the public cloud of your choice
See information in new ways
AI that understands your business, your data, and your goals
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
Gain better insights with generative AI for supply chains
Power work with AI content management and an intelligent AI content assistant
Improve your security posture with AI cybersecurity and agile threat detection
Enable faster app delivery, development, and automated software testing
Elevate customer communications and experiences for customer success
Empower users, service agents, and IT staff to find the answers they need
See information in new ways
AI that understands your business, your data, and your goals
Say hello to faster decisions. Your secure personal AI assistant is ready to get to work
Gain better insights with generative AI for supply chains
Power work with AI content management and an intelligent AI content assistant
Improve your security posture with AI cybersecurity and agile threat detection
Enable faster app delivery, development, and automated software testing
Elevate customer communications and experiences for customer success
Empower users, service agents, and IT staff to find the answers they need
Predict, act, and win with real-time analytics on a smarter data platform
Give users access to the answers they need, faster and easier, with multi-repository AI-based search that lets you contextualize everything from clicks to conversations
Connect once, reach anything with a secure B2B integration platform
Reimagine knowledge with AI-ready content management solutions
Supercharge intelligent workspaces with AI to modernize work
Integrated cybersecurity solutions for enterprise protection
Purpose built data protection and security solutions
Reinvent threat hunting to improve security posture with the power of agile AI
Ship better software—faster—with AI-driven DevOps automation, testing, and quality
Reimagine conversations with unforgettable customer experiences
Get the clarity needed to cut the cost and complexity of IT operations
Redefine Tier 1 business support functions with self-service capabilities from private generative AI
Build custom applications using proven OpenText Information Management technology
Build it your way with OpenText Cloud APIs that create the real-time information flows that enable custom applications and workflows
Protect what matters, recover when it counts
Get greater visibility and sharper insights from AI-driven information management. Ready to see how?
Break free from silos, streamline processes, and improve customer experiences with secure information management for AI
Improve efficiency, security, and customer satisfaction with OpenText
Run processes faster and with less risk
Achieve digital transformation with guidance from certified experts
Modernize your information management with certified experts
Unlock the full potential of your information management solution
Turn support into your strategic advantage
Extend IT teams with certified OpenText application experts
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Modernize your information management with certified experts
Unlock the full potential of your information management solution
Turn support into your strategic advantage
Extend IT teams with certified OpenText application experts
Discover training options to help users of all skill levels effectively adopt and use OpenText products
Information is the heartbeat of every organization. We build information management software so you can build the future
OpenText partners with leading cloud infrastructure providers to offer the flexibility to run OpenText solutions anywhere
OpenText partners with top enterprise app providers to unlock unstructured content for better business insights
Discover flexible and innovative offerings designed to add value to OpenText solutions
Discover the resources available to support and grow Partner capabilities
Get expert product and service support to accelerate issue resolution and keep business flows running efficiently
Explore detailed services and consulting presentations, briefs, documentation and other resources
Least privilege is a foundational tenet of zero trust security, with the core philosophy to grant only as much access as necessary. While initially discussed as part of a network security strategy, applying zero trust security to the application layer for consumable resources (applications, services, data, etc.) is far more effective. This approach allows you to tie specific resource access policies to the people and programs accessing them.
Least-privilege access is a security strategy focused on ensuring that identities, people, and processes are granted the minimum level of permissions needed to be productive—or in the case of programmatic access, functional. In their 800-12R1 introduction into information security, NIST (National Institute of Standards and Technology) points to common concerns addressed by least privilege:
Privilege creep is when a user accumulates entitlements beyond the justification of their role within the organization. It usually happens gradually over time, and often affects organizations that need to secure their regulated or sensitive information. When individuals change roles, permissions are often granted quickly to get people productive, but because responsibilities may linger previous entitlements are often kept in place. The types of resource where least privilege needs to be assessed include:
At some point the leadership team realizes that they need to get a handle on privileged access to their core services and sensitive information. They prioritize and sponsor security teams to join forces with information owners to form privileged access tiger teams. Projects are kicked off and objectives defined. With their newly designed identity governance environment that automates access requests and approvals, the maintenance of it is handed off to operations. Too often, this type of focus isn’t ongoing—but even with automated requests and approvals, privilege creep is still a potential risk.
Often privilege creep builds as business dynamics diverge from defined governance policies. Permission workflows have a tendency to expand as organizations morph and responsibilities drift. Some of the most common sources of privilege creep include:
Privilege creep is nearly inevitable as organizations adapt or respond to various dynamics imposed on them. But it violates a key zero trust tenant designed to protect organizations from outsiders, and is a contributing factor to the large breach costs that continue to grow across virtually every industry.
One of the most difficult aspects of protecting against privilege creep is that it often happens over time while reviewers, who are responsible for many things, are focused on other things. It’s not observable at any one point of time, but rather must be viewed across a relatively long span of time. Acknowledging the subtle way that an account can morph into an unacceptable risk level without detection, the extent to which it poses a security concern depends on the volume of users, the number of changes users go through, and the sensitivity of the information being protected. It’s a security challenge that can’t be solved with a spreadsheet.
Separation of duty and other corporate policies designed to comply with regulations translate well into governance rules, but risk criteria are more subjective. Here are the most common ones:
It’s quite difficult for reviewers to identity permissions that drift over time. These types of evaluations can be aided with automated analysis of change over time. Reviewers can then access that information in a dashboard or report. While it’s not feasible to appraise all users across an organization, it is possible to effectively review and vet the top dozen who pose the highest risk.
Other types of auto-generated risk alerts and reports are derived from analysis of the governed resources. Resources containing sensitive information that are not periodically reviewed are assigned a higher risk score. For all of these alerts, today’s dominant governance innovation is the identification and highlighting of risk areas across the entire environment.
Least privilege access is one of the core components of a Zero Trust Architecture. This means granting only as much access as needed, with only the minimum permissions for the shortest duration necessary.
Other zero trust components include:
Protect data with simplified compliance and access review processes
Secure and control privileged access to protect critical assets
Secure unstructured data and prevent unauthorized access
Secure your digital assets by confidently managing identities and access