Hitachi ID Systems, Inc.

Hitachi

Features Access Controls

Headlines

Hitachi, Ltd. acquires M-Tech Information Technology, Inc. ... More»

Access Controls

ID-Archive™ allows for the definition of resource groups. These are simply collections of devices to which IT staff are given rights and to which policies apply.

Resources may be attached to a group explicitly (e.g., "attach workstation WKSTN01234 to resource group RGWKSTNS") or implicitly, using an expression. Expressions may be based on the operating system type, IP address, MAC address, workstation name, etc.

Policies applied to resource groups include:

  1. Which user passwords to randomize on each member device.
  2. How to compose random passwords (e.g., length, complexity, etc.).
  3. What to do when users attempt to (and succeed or fail to) access passwords on devices in the group.

Resource groups can be nested, as a mechanism to more naturally represent groups of devices.

ID-Archive users are likewise grouped into console user groups, either explicitly or implicitly (i.e., via membership in a user group on a target system, such as Active Directory). Groups of console users are granted specific rights to resource groups. Rights include enumerating member devices, viewing passwords and viewing access activity.