Aveksa provides the most comprehensive, enterprise-class, access governance, risk management and compliance solution. Aveksa automates the monitoring, reporting, certification and remediation of user entitlements and roles; enables role discovery and lifecycle management; and delivers unmatched visibility into the true state of user access rights. With Aveksa, business, security and compliance teams can effectively collaborate and enforce accountability. Our growing customer base includes leading global Fortune 2000 organizations in financial services, healthcare, retail, transportation and manufacturing.

Our Website:

Whitepaper: Beyond the Checkbox: A Sustainable Approach to Access Certification

by AveksaFeb 01, 2007

Every large enterprise has employees who need some level of access to its critical information resources, and many also provide a wide variety of types and levels of access to contractors, partners, vendors, and customers. Each of these points of access represents a source of potential business and compliance risk. The process, by which access entitlements and roles are authorized, reviewed, certified, and periodically recertified is critical to an organization�s ability to meet compliance standards and to protect itself against access-related business risks. These are both continuing challenges that require a sustainable process. This paper describes how an organization can establish a genuinely sustainable access certification process which in the past has proven to be difficult for many large enterprises.

Whitepaper: Meeting the Challenges of Enterprise Roles-based Access Governance

by AveksaOct 01, 2007

Real-world attempts to implement roles-based systems have shown that unless roles fit into a context that ties together existing entitlements, company policies, regulatory requirements, and current business process realities, they simply don�t work. Without this context, the result is a system that can�t keep pace with changing business-user requirements. This paper describes a new roles-based model of access governance that overcomes the challenges companies have faced in the past with roles-based access control systems. This new model provides a policy based approach that delivers insight into role relevancy and effectiveness and enables comprehensive role lifecycle management from discovery through retirement, which previously has been lacking in roles-based access systems.

Whitepaper: Aveksa Compliance Manager

by AveksaOct 01, 2007

Aveksa Compliance Manager makes it possible to establish a sustainable access governance model by fully automating the monitoring, reporting, certification and remediation of user entitlements and roles.

Whitepaper: Aveksa Role Manager

by AveksaOct 01, 2007

Aveksa Role Manager is the first comprehensive, scalable solution for role based governance, delivering role discovery and enabling organizations to deploy effective roles-based access control and simplify compliance.

Whitepaper: Aveksa Solutions Overview

by AveksaOct 01, 2007

This datasheet summarizes how Aveksa 3, the industry�s only comprehensive Enterprise Access Governance solution, enables automated, auditable business processes for the management, monitoring, reporting and remediation of access rights to enterprise information assets, while enforcing accountability and enabling key stakeholders to collaborate to achieve good governance through the Aveksa 3 Enterprise Access Governance Suite. The Aveksa 3 Enterprise Access Governance Suite includes Aveksa Compliance Manager, providing policy-based governance through the automated monitoring, review and remediation of user entitlements and roles, and Aveksa Role Manager:Roles-based governance through roles discovery, modeling, and lifecycle management. The company background is also briefly described.

Whitepaper: Managing Risk for Effective Access Governance

by AveksaJan 01, 2008

User access-related business risk comprises a broad array of potentially damaging events that may be caused or made possible by inadequate governance of access to an enterprise's information assets. Such events range from relatively minor policy and compliance violations to disastrous business losses. The stakes involved in access-related risk have risen dramatically in recent years as organizations have become thoroughly operationalized by technology.With nearly every facet of large enterprises' operations now dependent on or supported by automated systems, risks related to unauthorized or inappropriate access can appear anywhere within an organization at any time and spread rapidly through the business. The potential cost to the business in terms of lost revenue and increased expense or in damage to customer relationships as well as the loss of corporate brand and reputation is virtually unlimited. This paper discusses the consequences of unacceptable levels of risk and presents a model for managing access-related risk.

Whitepaper: Aveksa 3 for IBM Tivoli Identity Manager

by AveksaFeb 01, 2008

Many organizations have successfully implemented IBM Tivoli Identity Manager to leverage its automated provisioning capabilities for enterprise application administration and access control. This datasheet describes the benefits of deploying Aveksa 3 as an enterprise-wide solution for Access Governance complementing IBM Tivoli Identity Manager to deliver a complete access governance and compliance solution.

Whitepaper: Ponemon Institute Survey - The 2008 National Survey on Access Governance

by AveksaFeb 04, 2008

According to the 2008 National Survey on Access Governance released on February 5th by the research firm Ponemon Institute, organizations are facing significant business risks because of inconsistent approaches to access management across the enterprise. This survey of almost 700 experienced IT practitioners show that vast majority believe that employees, temporary employees and independent contractors have too much access to information assets that are not pertinent to their job function, and that access policies are not being regularly checked or enforced by their organization. This report describes the five major challenges identified by the survey respondents to implementing an effective access governance framework: � User access rights are poorly assigned � Policies are not regularly checked and enforced � Organizations are not able to keep pace with changes to users� roles and they face serious noncompliance and business risk as a result � Senior management lacks understanding of the importance of access governance � Collaboration is viewed as critical but is not being achieved

Whitepaper: SC Magazine Article: 1 Step Ahead of HIPAA

by AveksaMar 01, 2008

This article describes in detail how the Aveksa solution enables CIGNA to automate a role-based access workflow for nearly 30,000 employees.

Whitepaper: Building a Business Case for Enterprise Access Governance

by AveksaJun 08, 2008

The increased demands of regulatory compliance are causing corporate business and IT security managers to review their access governance policies and procedures with an eye toward improving the efficiency and reliability of their systems, while reducing the complexity and cost associated with demonstrating compliance. Within many organizations, however, regulatory compliance is simply regarded as a sunk cost. This narrow perspective can obscure the true value of investing in technologies that strengthen, automate, and streamline access governance. In fact, meeting compliance requirements and reducing costs are not the only compelling reasons for investing in better access governance. When IT security managers focus only on these issues, they may overlook access-related risk factors that can have a profound impact on their organizations: � Revenue loss � Unexpected expenses � Customer attrition � Damage to the reputation of the company and its brands. When building a business case for an investment in access governance, it is advisable to consider all of these possible areas of benefit instead of focusing only on compliance and the immediate cost savings associated with automation. This paper will describe the factors organizations must consider when building an ROI model and explain the process to use to prepare a comprehensive, compelling business case.