Vanta Access Reviews enables organizations to identify risks and revoke unauthorized use
Vanta unveils the Access Reviews solution, which gives security teams the ability to automatically review, adjust, monitor and report user access to systems, all within the Vanta platform.
Now, organizations can granularly understand and control employee access rights to a given application to identify risks and revoke unauthorized use.
“People are a company’s most valuable asset, and at the same time its greatest risk surface,” said Christina Cacioppo, CEO, Vanta. “Every unauthorized or over-permissioned employee creates an entry point that can be exploited, but security teams lack the ability to easily identify credentials. Instead, they must manually reviewing each case to understand who has access to a given application, and if they are authorized and still within the company, instead of focusing on critical work.We created access reviews to automate this difficult, time-consuming, and error-prone process so security teams can focus on protecting their organization’s attack surface.
Periodic access reviews are a good security practice, but require hours of updating spreadsheets and chasing reviewers to review account access for their systems within an organization. This costly and time-consuming task not only takes time away from more strategic security work, but also introduces an element of human error due to the repetitive nature of the review process.
If reviews are not done properly or not completed, improper access can be misused by cyber attackers, malicious insiders, or former employees to steal or destroy data. This results in non-compliance and a weak security posture. Vanta automates all this tedious work and saves organizations over 90% on costs compared to traditional methods.
Vanta Access Reviews solution capabilities and features include:
- Dozens of prebuilt integrations to quickly consolidate system access data and HRIS information;
- Process owner workflow to select affected systems, system owners/reviewers, deadlines, and automatic reviewer notifications and reminders;
- Reviewer workflow with a guided and intuitive interface to view all accounts, accept/deny account access and add notes;
- Automatic flagging of “at risk” accounts of employees who have been terminated or have recently changed departments;
- Integration of task tracking to optionally create tickets for any access changes and provide visibility into ticket status;
- Create reports to show automated evidence of remediation progress and completion;
- Auditor interface so they can log in to Vanta to see the history of all completed access exams.