The Compare Entitlements page is used for comparing the entitlements of accounts. This allows you to quickly verify they are assigned entitlements appropriate to their needs and helps ensure consistency between similar accounts in order to avoid inadvertently assigning unnecessary entitlements.
From the Compare Entitlements page you can compare the current entitlements for two accounts.
To compare entitlements
All of the entitlement grants that are different between the two accounts will appear listed in a table at the bottom of the page. To the right of the entitlement grant information (permissions, status, target, and trustee) is a column for each account. A is used to indicate the account has the entitlement grant, while a is used to indicate the entitlement grant is not associated with the account. The following options are also available at the top of the table:
The High Risk Accounts page is used for locating and identifying accounts based on their level of risk. The risk level is based on the entitlement classification rules the accounts are associated with. For example, by default an account that matches the Create Users rule will be considered a high risk since it has permissions to create users.
To display the High Risk Accounts page, click the Risk drop-down in the navigation bar and select High Risk Accounts from the drop-down menu. The High Risk Accounts page is used for identifying high risk accounts in your data source based on their association with the entitlement classification rules enabled in Starling Identity Analytics & Risk Intelligence.
The following information appears on this page:
This displays the date and time that the entitlement rules were last evaluated by Starling Identity Analytics & Risk Intelligence.
The number of accounts classified as being high risk. The total number of evaluated accounts which are associated with your data sources appears beneath the number of high risk accounts.
The number of newly designated high risk accounts. These new high risk accounts are accounts that increased enough in risk level to become high risk since the last evaluation.
The number of previously identified high risk accounts that have had an increase in risk level since the last evaluation.
This displays the number of types of data sources that have been configured. The number of instances appears beneath the number of data sources and refers to the total number of instances regardless of data source type.
This displays the number of rules that were last evaluated by Starling Identity Analytics & Risk Intelligence. The total number of available rules appears beneath the number of evaluation rules.
The following filtering options appear on this page:
|NOTE: You must click Search in order to filter the High Risk Accounts table based on your selected parameters.|
Use to search for accounts of a specific risk level. The following options are available: Only High Risk (default), Only New High Risk, Only Increased High Risk, Only Low Risk, or All. You can use the search box at the top of the drop-down menu to narrow down the options.
Use to search based on the type of trustee. The following options are available: All, Direct Access, or Group Access. You can use the search box at the top of the drop-down menu to narrow down the options.
Use to search for accounts in a specific data source. You can use the search box at the top of the drop-down menu to narrow down the options.
Use to search for accounts by a specific entitlement classification rule. You can use the search box at the top of the drop-down menu to narrow down the options.
This field allows you to search for an account by name in the table appearing at the bottom of the High Risk Accounts page.
Click this button to apply the selected filtering options.
For information on the table appearing at the bottom of the High Risk Accounts page, see High Risk Accounts table.