Logical Access Management – Joiner/Mover/Leaver
Control your joiner, mover, leaver process and reduce inherent security risks.
Joiner, Mover and Leaver processes are complex to manage and often require multiple manual steps. Mycelium enables HR information to be combined, to show when people have joined, when they move and when they have left an organisation, with application data showing users, access times and roles. This data can then show what systems a leaver has access to and therefore what should be disabled. The mover reporting will highlight if someone has moved role and needs access removed or provided as a result of this, and a new joiner will have a clearly identified set of initial access they require for their role.
Logical Access Management – Toxic Combinations
As individuals move around large organisations they often retain or inherit access. This can result in them having inappropriate and/or incorrect access to multiple systems, which can be a security, audit, confidentiality and GDPR risk. Using the same sets of data as the Joiner, Mover and Leaver process, and adding level of data around the designated security roles within the applications, it is possible to identify these security breaches. Each individual will have a fingerprint of access, and by overlapping these fingerprints it is possible to identify standard access groups, and outliers. These can be built from the data as it is collected and will provide starting points for security teams to confirm whether an individual has the correct access.
Visibility and current data are key to identification of storage utilisation and therefore strategic cost reduction
Mycelium enables greater visibility in the management of both block (SAN) and file (NAS) infrastructures. This allows analysis at both an individual micro level, and within the context of the overall macro IT strategy, and therefore provides actual data on which decisions around investment and cloud migration can then be made.
Block storage is generally used to support database or large structured data loads. A single SAN device might support dozens of servers, and hundreds of storage volumes. To provide a full picture of how this storage is actually used requires input from the SANs, the servers, and the databases, as well as locational, application and organisational data to give context. Mycelium can consume all of these data sources, even if the data is incomplete, and map and link it to build a comprehensive model. This will help identify the real utilisation at a business data level, and therefore inform the policy decisions to improve overall usage of the asset and reduce cost.
Unstructured filesystem data, usually held on NAS infrastructure, is difficult to manage, but in big organisations it becomes impossible, with growth unchecked, security unmonitored and the impact of outages unknown. Mycelium ties together data from the filesystems, the underlying storage, the operating system and HR to provide an overall view of who owns what and where. This enables teams to identify who is using the storage, whether this storage is appropriate, and allows individuals to judge which files should be retained.
In both cases this data can be further enriched with cost information to support a cost model, and strategic analysis to support and inform the business cases for often complex programmes to modernise and optimise storage infrastructure.
Transparency of the DevOps process drives performance enhancement and business confidence
The visualisation of DevOps provides transparency and quantification of the actual impact development has on production environments. Mycelium takes data from all the systems involved in a traditional DevOps set up and combines the meta-data to provide end to end visibility of the process. This allows analysis of developer productivity, testing effectiveness and impact of production releases.
In the DevOps paradigm it is critical to know if development teams are actually delivering efficiently. By tying the original requests, the code commits, testing runs and production incidents, Mycelium enables identification of the most useful code (and the least useful), the code which has been tested thoroughly (and that which hasn?t), and which has the least negative impact on release into the production environment (and that which has the most), and how long it took to produce. It also allows a tie back of the changes made to the original requests from the business users. This enables business users to have visibility of the process, and also allows for a higher velocity of change, with lower negative impact and greater functional delivery.
Much of the DevOps focus is around automation in the development sphere. Mycelium brings visibility and transparency and therefore balance to the debate, highlighting the production and operational sides of the IT lifecycle.
You can’t manage, what you can’t measure. You can’t measure, what you can’t see. Mycelium aggregates your meta-data providing visibility and metrics, allowing cost reduction, risk mitigation and resource optimisation.