Home Products Solutions Partners Customers News & Events Resources Corporate Contact Us
Read a Customer Story
Download a Brochure
5C�s of Role Management
Request More Information
Sign Up for Announcements
Request a Demo
Enterprise Role Management
Role-based Identity Management
Entitlement Compliance Management
Privileges Quality Management
Identity Management Preparation and Gap Analysis
Eurekify Sage Survey
Single Platform Solutions
�We have used Eurekify's Sage to build a few roles for thousands of users. It is clearly an easy method to create roles and maintain them�, Peter Zuenti, Consultant.
�Sage Discovery and Audit provides a quick and easy insight of the authorizations within a company�s infrastructure. Sage helps customers realize the benefits of RBAC�, Koos Jennekens, Senior Consultant.
�Sage provides instrumental tools for managing Roles. With Sage, our customers can very simply and quickly add new Roles or modify current ones according to organizational demands�, Franco Rasello, CEO.
�In order to control user permissions as well as being compliant with regulations, the Identity Management solution alone is not enough. The right way to start with a provisioning solution should be optimizing Roles�, Franco Rasello, CEO.
"In my experience, role-based management is critical for achieving the true benefits and ROI of Identity Management implementation.", Marc Sel, Director - Security Solutions, PwC Belgium.
�We have made incredible leaps forward by applying Eurekify technology to speed up the process aimed at pinpointing user profiles and roles�, Rob Bus, Managing Director.
�Sage is the perfect tool for assessing specific needs within a large organization. It is also important for attaining administrative efficiency, reduce employee downtime and to improve security�, Ophir Zilbiger, CEO, Secoz Ltd.
�Role definition applications can significantly reduce the cost of the process (by 40-60% according to a leading systems integrator). To our knowledge, Eurekify and Beta Systems are the only vendors in this space.�, Michael Tieu and Andrey Glukhov.
�From Years of experience in implementing enterprise user administration systems in large environments, we strongly recommend a structured and business-aligned approach to the implementation method...�, Jesper Oestergaard, CEO.


Organizations invest millions of dollars and tremendous effort in their IdM implementations, hoping to gain better security, higher productivity and quick ROI. However, it is very difficult to attain these goals without improving the current quality of privileges, and without creating a privileges model that reflects well the underlying business.

A role-based approach to privileges management is widely considered as best practice in the deployment of an effective provisioning system. Most organizations believe that Role-based Access Control (RBAC) is necessary to unlock the full benefits of Identity Management, and that without this change in paradigm the existing mess will prevail and in fact will be amplified by the new privileges automation systems. Yet, 81% of IdM project managers find that existing IdM solutions do not provide adequate tools for the creation and ongoing management of a role-based privileges model.

Eurekify provides an integrated approach to ERM, complementing and empowering any existing IdM solution with these new and powerful capabilities. Eurekify Sage ERM is the only solution that provides for the full lifecycle of Enterprise Role Management, making many of the difficult processes feasible through the assistance of unique and patented analytics. Eurekify Sage ERM reflects business needs and ongoing changes into IdM provisioning policies and processes.

The Need

The Eurekify Role-based IdM solution is intended for organizations that are before, during, or after the initial deployment of an Identity Management Provisioning system:
  • Enterprises intending to deploy Identity Management Provisioning solutions need to
    • gain a better understanding of their own IdM needs, in order to better evaluate alternative solutions and prioritize systems for IdM deployment
    • gain control over the current quality of privileges, and if necessary start a preparatory cleanup project
    • demonstrate a clear contribution of the IdM effort to the organizational compliance requirements
  • Enterprises currently deploying an automated provisioning system need to
    • identify key provisioning policies and roles for automation
    • cleanup and rearrange some systems
  • Enterprises that have already deployed an automated provisioning system may need to
    • create and maintain a role-based model to align provisioning policies with business roles
    • analyze new systems and applications before they are loaded into the IdM system
    • automate verification of IT controls and compliance with regulatory requirements
  • Enterprises in all IdM phases usually have some compliance needs that can be addressed with an effective role management system

Key Deliverables

Eurekify Sage ERM for Role-based Identity Management can be deployed in conjunction with the Identity Management systems of virtually all vendors, and even with home grown systems, delivering:

  • Preliminary pre-IdM assessment of target systems, including a review of alternative role management approaches
  • Creation of a role-based privileges model to be used as a reference and to be uploaded into the provisioning system for ongoing operational use
  • Ongoing maintenance of the role-based privileges model, and periodical synchronization with the provisioning system
  • Automated verification of IT Controls and compliance with SoD and other business process rules
  • Automated detection of exceptions and deviations, and other privileges cleanup functions
  • Automated certification of roles and individual privileges by business managers
  • Periodical management reporting on privileges quality, privileges management, and compliance processes

How it Works:

Eurekify’s phased approach to deploying Role-based Identity Management relies on the 5C’s of Enterprise Role Management – Control, Create, Comply, Correlate and Collaborate. The following diagram describes how organizations can achieve a successful deployment of Role-based IdM, and realize the full benefits of IdM with Eurekify Sage ERM.

Deploying Role-based Identity Management relies on the 5C’s of Enterprise Role Management – Control, Create, Comply, Correlate and Collaborate. The following diagram describes how organizations can achieve a successful deployment of Role-based IdM, and realize the full benefits of IdM with Eurekify Sage ERM
Role Management in Support of Identity Management

The “Survey, Plan, Deploy and Manage” methodology guides organizations through the phases of surveying their current state, preparing for the IdM implementation, implementing role-based IdM and managing the IdM framework.

This methodology is offered by Eurekify partners worldwide. It is applicable to any Identity Management and Provisioning system of choice, including but not limited to IBM Tivoli, HP, Sun, BMC, CA, Microsoft, and Thor/Oracle.

Back to top of Page

  Analyze Main Systems and Applications   Plan IdM and Role Engineering Project   Develop and Deploy IdM and Role Model   Ongoing Management of Role Model  



Survey - Analyze main system

  • Analyze privileges from the existing IT platforms. Identify and quantify the quality of existing access rights.
  • Reveal the complexities and problems in the current privileges data.
  • Build the business case for an IdM project and shape the set of requirements for an RFP.
  • Foresee complications and better plan future IdM deployment. Get buy-in from both IT and line of business managers.
  • Identify role engineering methodologies that best fit the organization.
  • Uncover and demonstrate compliance violations.

Back to top of Page

Plan the IdM Project

  • Prepare for the IdM deployment.  Plan and evaluate various Identity Management solutions.
  • Prioritize systems and project tasks based on urgency and complexities.
  • Start cleaning privileges on individual platforms and simplify their structure.

Back to top of Page

Parallel Deployment

  • Deploy an IdM system along with designing a role-based provisioning policy.
  • Create and approve an initial set of business roles to be deployed in the provisioning system.
  • Collaborate with business managers to define and approve role definitions and privileges assignment.
  • Perform initial cleanup on source platform before loading the data into the new IdM system.

Back to top of Page

Ongoing Management

  • Periodically audit provisioning policies.
  • Refine, optimize, and adapt role definitions to business changes.
  • Set quality targets and processes to fix privileges exceptions and flawed role definitions.
  • Recertify privileges changes and role updates with business managers.
  • Automate testing of privileges and roles against business process rules and policies such as segregation of duty. Demonstrate compliance verification.

Back to top of Page

Back to top of Page

Identify your own IdM needs Prepare for IdM project & evaluate alternatives Make your existing IdM deploument Role-Based Audit existing privileges, roles and policies