When companies lack the capability to either detect or prevent these kind of over-authorized users they introduce this type of risks. The challenge for these organizations is that it’s difficult to deal with large volumes and pick that single user out of many that has this conflicting set of access rights. Access Governance tooling that on a regular basis checks these potential Segregation of Duties and other violations would certainly help. Alternatively a structured Access Certification process would most likely have prevented this fraud and made the Manager aware of these conflicting access rights.
30 Mar 2011 12:15 Read comment
Lars HersloefProduct manager at Svemska Handelsbanken AB (publ)
Chandrashekar GopalaraoProduct Manager at Infosys Technologies Ltd
Charlie TanosProduct Manager at Cuscal
Michael Galvin Product Manager at Linedata
Justin HayesProduct Manager at Linedata
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.