We use Symantec Identity Governance and Administration for user creation, division, modulation, workflow, and giving access to managers. We also use the solution for reconciliation and recertification purposes.
The governance use case is to collect all the knowledge about the user profiles and rights and permissions they have and consolidate them with a unique view so we can manage them to grant more permissions or to remove some permissions.
Learn what your peers think about Symantec Identity Governance and Administration. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
We offer solutions to financial and government institutions. Symantec Identity Governance and Administration is a part of our security solutions. We use it to create users and assign them privileges.
We provide technical expertise for some of our clients. I've worked with thousands of clients. I work with both small clients (1,000 users) and large clients (100,000 users). Our clients use this solution every day. With people constantly being hired and fired, user access is always being granted to new employees and taken from old employees. We use this solution to decipher and determine user access. Our clients collect information surrounding the access that many of their users have. Different users are granted different access and rights. We have a process that monitors and plans user rights in accordance. From the information that we compile using this solution, we then release a report to the manager who then determines the type of access a user gets.
The primary use we have for this product is dividing access into streams. We have to provide the client organization with group and directory structures. The technical part, or provisioning, always seems to be more of a problem because the client companies have some semi-manual processes that depend on human interaction. This is often for something like disabling users, creating new users or changing roles. Of course, provisioning takes a lot of time because it involves accurately defining and managing privileges. It includes accounting for all the access types from temporary access to agile access and also risk evaluation. All these things are often handled through a business process where a lot of the activity is done manually before a solution for automation — like CA Identity Manager — is in place. The agent for CA can handle criteria and rules and has templates for these activities. In short, it can handle these situations automatically starting from the HR Assistant included in the core suite to do recruitment or provisioning of users, and allowing basic access to things like email. Leveraging access depends on which group a user is in and which business rules should be applied. There are often a lot of access attempts on what should be restricted resources. The client has to provide the rules to define which users have access. If there is no rule in place the issue has to first be identified and then to go through a process of approval in an appropriate department. This may lead to a need to change the access process and maybe go back again to think further about the business rules. When all the right rules are in place the processing can be handled automatically by CA IDM. After you change something and test the process again, you can find that there are exceptions and we do not have all the rules in place to handle them. Then the identification and approval process needs to be adjusted on the system again. This, of course, is done with manager approval and the rules have to be examined. We need to repeat this process for the entire site. It is a business process improvement that takes time but will eventually save time by eliminating human intervention and errors. So the main use case is provisioning and access and implementation for security reasons. For example, if you request the use of an application and it is approved, the identity manager learns this and the user is then able to access this application.
Enterprise Solutions & Services Head at Duroob Technology
Real User
2019-09-29T12:21:00Z
Sep 29, 2019
We have three primary uses for the solution. We use it to centralize accounts and directories. We also use it for new registration of our new employees and for users to self-reset password.
The Symantec Identity Governance and Administration (formerly CA Identity Suite) provides comprehensive identity management and governance capabilities with a simple, intuitive user experience. This user experience can dramatically simplify processes such as user access requests and access certifications, resulting in improved productivity and user satisfaction. In addition, the Symantec Identity Governance and Administration performs risk analysis and certification and enables remediation...
We use the product for advanced authentication, identity and access management, and governance.
We use this solution for pre-provisioning, large cycle management, and governance, i.e., access review.
I used the solution in a test environment and used a couple of features. Then, I realized I couldn't do everything I wanted to.
We use Symantec Identity Governance and Administration for user creation, division, modulation, workflow, and giving access to managers. We also use the solution for reconciliation and recertification purposes.
The governance use case is to collect all the knowledge about the user profiles and rights and permissions they have and consolidate them with a unique view so we can manage them to grant more permissions or to remove some permissions.
We use the solution for general life cycle management, account provisioning and six petition processes, the regular IGA stuff.
We offer solutions to financial and government institutions. Symantec Identity Governance and Administration is a part of our security solutions. We use it to create users and assign them privileges.
We provide technical expertise for some of our clients. I've worked with thousands of clients. I work with both small clients (1,000 users) and large clients (100,000 users). Our clients use this solution every day. With people constantly being hired and fired, user access is always being granted to new employees and taken from old employees. We use this solution to decipher and determine user access. Our clients collect information surrounding the access that many of their users have. Different users are granted different access and rights. We have a process that monitors and plans user rights in accordance. From the information that we compile using this solution, we then release a report to the manager who then determines the type of access a user gets.
Our primary use case of this solution is for managing identities and environment controllers in order to make it more unified and standard.
The primary use we have for this product is dividing access into streams. We have to provide the client organization with group and directory structures. The technical part, or provisioning, always seems to be more of a problem because the client companies have some semi-manual processes that depend on human interaction. This is often for something like disabling users, creating new users or changing roles. Of course, provisioning takes a lot of time because it involves accurately defining and managing privileges. It includes accounting for all the access types from temporary access to agile access and also risk evaluation. All these things are often handled through a business process where a lot of the activity is done manually before a solution for automation — like CA Identity Manager — is in place. The agent for CA can handle criteria and rules and has templates for these activities. In short, it can handle these situations automatically starting from the HR Assistant included in the core suite to do recruitment or provisioning of users, and allowing basic access to things like email. Leveraging access depends on which group a user is in and which business rules should be applied. There are often a lot of access attempts on what should be restricted resources. The client has to provide the rules to define which users have access. If there is no rule in place the issue has to first be identified and then to go through a process of approval in an appropriate department. This may lead to a need to change the access process and maybe go back again to think further about the business rules. When all the right rules are in place the processing can be handled automatically by CA IDM. After you change something and test the process again, you can find that there are exceptions and we do not have all the rules in place to handle them. Then the identification and approval process needs to be adjusted on the system again. This, of course, is done with manager approval and the rules have to be examined. We need to repeat this process for the entire site. It is a business process improvement that takes time but will eventually save time by eliminating human intervention and errors. So the main use case is provisioning and access and implementation for security reasons. For example, if you request the use of an application and it is approved, the identity manager learns this and the user is then able to access this application.
We have three primary uses for the solution. We use it to centralize accounts and directories. We also use it for new registration of our new employees and for users to self-reset password.
We use the private cloud deployment model of this solution.