Starling Identity Analytics & Risk Intelligence Hosted - User Guide

Starling Identity Analytics & Risk Intelligence Getting started Settings Collaborators Collector agents Licensing Rules Risk Verification Reports

Introduction to Compare Entitlements

The Compare Entitlements page is used for comparing the entitlements of accounts. This allows you to quickly verify they are assigned entitlements appropriate to their needs and helps ensure consistency between similar accounts in order to avoid inadvertently assigning unnecessary entitlements.

Comparing entitlements

From the Compare Entitlements page you can compare the current entitlements for two accounts.

To compare entitlements

  1. Within Starling Identity Analytics & Risk Intelligence, click Risk in the navigation bar.
  2. From the drop-down menu, select Compare Entitlements.
  3. On the Compare Entitlements page, use the Select a data source drop-down menu to select the data source that contains the two accounts for which you want to compare entitlements. Once you have selected a data source, two additional drop-down menus will appear.
  4. Click the drop-down associated with the first Search for Account field.
  5. To locate an account, begin typing in the empty field to filter the available accounts. Once the first account to compare is located, click the account name to populate the field.
  6. Click the drop-down associated with the second Search for Account field.
  7. To locate an account, begin typing in the empty field to filter the available accounts. Once the second account to compare is located, click the account name to populate the field.
  8. Click Compare.

    All of the entitlement grants that are different between the two accounts will appear listed in a table at the bottom of the page. To the right of the entitlement grant information (permissions, status, target, and trustee) is a column for each account. A is used to indicate the account has the entitlement grant, while a is used to indicate the entitlement grant is not associated with the account. The following options are also available at the top of the table:

    • Show All Entitlements: Select this check box to display all entitlement grants for the two accounts.
    • : Click this button to refresh the information displayed in the table
    • : Click this button to open the print options for this table.
    • : These buttons appear if more than one page is required to list the entitlement grants. Use the arrow buttons to move back and forth between pages.

Introduction to High Risk Accounts

The High Risk Accounts page is used for locating and identifying accounts based on their level of risk. The risk level is based on the entitlement classification rules the accounts are associated with. For example, by default an account that matches the Create Users rule will be considered a high risk since it has permissions to create users.

High Risk Accounts page

To display the High Risk Accounts page, click the Risk drop-down in the navigation bar and select High Risk Accounts from the drop-down menu. The High Risk Accounts page is used for identifying high risk accounts in your data source based on their association with the entitlement classification rules enabled in Starling Identity Analytics & Risk Intelligence.

The following information appears on this page:

Entitlement rules last evaluated

This displays the date and time that the entitlement rules were last evaluated by Starling Identity Analytics & Risk Intelligence.

High Risk Accounts

The number of accounts classified as being high risk. The total number of evaluated accounts which are associated with your data sources appears beneath the number of high risk accounts.

New High Risk Accounts

The number of newly designated high risk accounts. These new high risk accounts are accounts that increased enough in risk level to become high risk since the last evaluation.

Increased High Risk Accounts

The number of previously identified high risk accounts that have had an increase in risk level since the last evaluation.

Data Sources

This displays the number of types of data sources that have been configured. The number of instances appears beneath the number of data sources and refers to the total number of instances regardless of data source type.

Evaluated Rules

This displays the number of rules that were last evaluated by Starling Identity Analytics & Risk Intelligence. The total number of available rules appears beneath the number of evaluation rules.

The following filtering options appear on this page:

NOTE: You must click Search in order to filter the High Risk Accounts table based on your selected parameters.
Risk Level

Use to search for accounts of a specific risk level. The following options are available: Only High Risk (default), Only New High Risk, Only Increased High Risk, Only Low Risk, or All. You can use the search box at the top of the drop-down menu to narrow down the options.

Trustee Type

Use to search based on the type of trustee. The following options are available: All, Direct Access, or Group Access. You can use the search box at the top of the drop-down menu to narrow down the options.

Data Sources

Use to search for accounts in a specific data source. You can use the search box at the top of the drop-down menu to narrow down the options.

Rules

Use to search for accounts by a specific entitlement classification rule. You can use the search box at the top of the drop-down menu to narrow down the options.

Search for accounts

This field allows you to search for an account by name in the table appearing at the bottom of the High Risk Accounts page.

Search

Click this button to apply the selected filtering options.

For information on the table appearing at the bottom of the High Risk Accounts page, see High Risk Accounts table.

Related Documents