When companies lack the capability to either detect or prevent these kind of over-authorized users they introduce this type of risks. The challenge for these organizations is that it’s difficult to deal with large volumes and pick that single user out of many that has this conflicting set of access rights. Access Governance tooling that on a regular basis checks these potential Segregation of Duties and other violations would certainly help. Alternatively a structured Access Certification process would most likely have prevented this fraud and made the Manager aware of these conflicting access rights.
30 Mar 2011 12:15 Read comment
Atul GondekarProduct Manager at U.S. Bank
Nikhil MehtaProduct Manager at HDFC Life
Tuncay CoruhProduct Manager at Fineksus
Antoine GuillaumeProduct Manager at SWIFT
Valentine HorstmannProduct Manager at Worldline
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.