In a typical environment, IT compliance is confined to configuration management, the firewall, the antivirus systems, and the vulnerability assessment. However, there is a difference between managing security configurations and vulnerabilities and managing access controls and data entitlements. Incidents can occur when a valid user can have access to the data that the user should not access.
Symantec Control Compliance Suite facilitates the monitoring of access rights in the organization. The Symantec Control Compliance Suite identifies false entitlements. The Entitlements view in the Symantec Control Compliance Suitelets you define the data a user is entitled to access. The Entitlements view also monitors whether the system adheres to the defined access controls.
Table: Identifying threats in access control
Locating the potential control points in the asset system
Go to Manage > Assets > Asset system.
Consider the following to locate the potential control points in the asset system:
Mark the assets as control points
Go to Manage > Assets > Asset System > Global Tasks > Mark as Control Point.
Consider the following to mark the assets as control points:
Create Review Cycle Setting
Go to Manage > Entitlements > Review Cycle Settings.
Consider the following to create a review cycle setting:
Configure the control point
Go to Manage > Entitlements > Control Points.
Consider the following to configure the control points:
Monitor the control point status throughout the review cycle
Go to Manage > Entitlements > Control Points
Before you begin monitoring the control points in the review cycle, it is recommended that you understand the various control point states.
Perform the following tasks in the given order as an Entitlements Administrator:
The control points are then approved by the data owners or the data owners request changes in the control point entitlements.
To know more about the entire approval workflow visit the following link:
Generate entitlements report
Go to Reporting > Report Templates
You can generate the following types of entitlements reports: