NEWPORT, R.I., – November 27, 2019
Today SecZetta, the leading non-employee identity and lifecycle management provider, announced that it has launched a new SaaS-based solution for holistic non-employee identity and lifecycle management. The SecZetta Third-party Identity Risk Solutions Suite enables organizations to quickly and effectively manage the risk assessment, provisioning, auditing, and timely deprovisioning needs of large and/or complex non-employee populations with the speed and ease-of-use that comes with a SaaS-based implementation. As a result, the solution is able to uniquely help organizations facilitate the use of non-employees while at the same time improving their overall risk posture.
To remain competitive, organizations are more likely than ever before to provide an increasingly diverse population of non-employees with access to their internal systems and data. While most organizations generally have good systems and processes in place to provide the context they need to adequately manage the identity access and lifecycle of employees, they often lack sufficient data to make informed decisions about non-employees. In fact, third-party risk assessments are typically only done at the vendor or partner level versus the individual identity level. This creates a gap between vendor risk management and non-employee access and does not even take into consideration the non-human access needs of service accounts, bots, and other “things” that may have some of the same access needs as human identities.
To fill this gap, the SecZetta Third-party Identity Risk Solutions Suite maintains a single authoritative source of identity information such as relationships, risk factors, and other contextual data points to help organizations make better decisions about the level of access granted for non-employees based on each individual identity. At the heart of the solutions suite is a proprietary risk scoring methodology that enables organizations to rate the risks associated with non-employees before granting them access. This along with the ability for internal and external sponsors to execute key processes for onboarding, regular identity validation, offboarding and termination, optimizes business enablement while adhering to corporate policy and governance.
“Organizations typically focus on third-party risk at the vendor and partner level, often evaluating them through assessments and tools to ascertain if they have the requisite security controls in place to meet access requirements. Unfortunately, this is only half of the effort needed,” said David Pignolet, CEO of SecZetta. “What is missing in this process is the risk ratings for the individual people at the vendor/partner and assessing the risk of ‘things’ like bots, which like people, have relationships with the organization, they are granted access, they have a lifecycle, and sponsors. With our SaaS-based Third-party Identity Risk Solutions Suite, we make it easy to manage the complex relationships of all third parties in a single, easy-to-use application that helps facilitate key organizational initiatives while at the same time reducing risk.”
InkHouse for SecZetta