Welcome to ObserveID Support
- ObserveID
- Frequently Asked Questions
Click below for frequently asked question, documentation and other helpful tools to get the answer you need.
Integration
ObserveID’s goal is to connect to all company resources with little code and real-time. We have engineered the tools to do this and ensure direct connections such as:
Out-of-the-Box Connectors API: We have several hundred out-of-the-box connectors that use an Application Programming Interface (API) and a System for Cross-domain Identity Management (SCIM).
Custom Out-of-the-Box Connectors: The platform also provides an out-of-the-box API Framework for creating custom connectors, if required.
Legacy or Custom Applications: ObserveID also has a generic database connector to support different types of databases along with Robotic Process Automation (RPA) BOT to integrate with legacy and custom software that is not API-enabled.
Pricing
ObserveID is a Software-as-a-Service (SaaS) platform.
Licensing typically depends on the number of identities (human and non-human) and the number of integrations (end applications or target systems). ObserveID also supports implementation on customer private clouds.
Additional details such as extended data retention (beyond the 2-year standard) as well as a number of environments (production, dev, etc.) play a role in the final pricing.
All of ObserveID platform functionality is included in this one price per user including: PAM, IAM, IGA and CIEM functionality are typically siloed in functionality and pricing.
Post-Implementation
Our initial project and integration work onboarding our clients is handled with care from our deep expertise and experience implementing IT projects.
Once the platform has been installed, our proactive 24/7 monitoring services provide a first line of defense against disruptions and ensures that the system is always in order. Alerts can be automatically sent to our internal ITSM system (Freshdesk), creating tickets with proper urgency. Tickets are handled based on the severity of the issue, ensuring maximum uptime.
If a bug is identified within the platform, a ticket can be created by simply sending an email to ObserveID’s ITSM system. The issue will be addressed based on its severity in a timely manner.
Functionality updates and software upgrades are typically pushed out on a scheduled (monthly/quarterly) basis using automated pipelines and scripts whether you are in your own private cloud or ObserveID hosting.
Urgent software-related bugs can be deployed as needed during off-hours as long as no service interruptions are expected.
If ObserveID’s SaaS platform is used, your company will need to provision the Universal Connector (UC) component, which runs as an appliance (container). ObserveID’s UC supports Load Balancer and fail-over for redundancy and business continuity.
If ObserveID is deployed into your company’s private cloud, additional DB servers and other microservices will need to be deployed. If this option is selected, a detailed Architecture diagram will be provided.
ObserveID is a Low-code/no-code platform. What does this mean for the user?
ObserveID’s User Interface (UI) is highly configurable, intuitive, and easy to navigate. For example, the dashboard can be configured based on user roles and responsibilities. A security professional, an auditor, or an administrator can all potentially be interested in different metrics and KPIs.
ObserveID also allows the creation of functional roles, which business users can easily do using the drop-down filter mechanism. All the built-in workflows are also easily configurable using simple navigation.
All ad-hoc reporting is also no code required due to the easy-to-use filters. There are also standard reports available.
The ObserveID Platform SaaS Services will achieve System Availability of at least 99.0% during each calendar year of the Subscription Term.
ObserveID’s SaaS platform is deployed on Microsoft Azure. ObserveID leverages Azure-supported high availability for most of its services, including Azure VMs, SQL Database, and Azure Load Balancer.
ObserveID’s SaaS platform uses Azure native technologies such as Traffic Manager, active geo-location, and Database backups to support the Disaster Recovery Plan. Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are within minutes.
Workflows
Distribution Lists (DLs) within ObserveID are handled as entitlements for access requests and provisioning.
Scalability
ObserveID is a cloud-first, purpose-built SaaS platform that uses the modern architecture of containers and microservices. It is highly flexible, agile, and scalable. Cloud resources can be scaled up or down based on individual customer requirements
Once all Integrations are onboarded onto ObserveID, a data import process from the target system builds the entitlement catalog, which has locally manageable descriptions and tagging functionalities for ease of use for business users.
As indicated earlier, ObserveID is a low-code/no-code platform. The same concepts apply to reporting. ObserveID has a built-in analytics engine that can be used to create various reports using filters and drop-downs. Several canned out-of-the-box compliance reports are also bundled in.
Additional ad-hoc reporting can be configured via filtering on the audit and compliance data sets as needed. Created reports can be personal to a user or shared with others in the organization
ObserveID offers an Intuitive user interface based on filters to showcase the required data set so that managers can take appropriate action. ObserveID’s AI functionality can be used for intelligent User Access Reviews (UARs), reducing managers’ time needed to complete the certification process to meet regulatory and compliance requirements. This also helps reduce the rubber stamping of the UAR process, as automated approvals and rejections can occur based on user behaviors and the last use of a specific account or a privilege.
Role-Based Access Control (RBAC) is a common IAM method deployed by many organizations. ObserveID supports RBAC to its fullest extent. ObserveID has Birthright roles and IT/Functional roles that can be created to grant permissions based on attributes such as Title, Location, Department, etc. created in ObserveID, data import builds the access map, and the same will be utilized via analytics to do the Role mining or discovery. Roles have flexible configurations for approvals based on criteria.
Discretionary access control can be granted either by temporarily elevating privileges for a period or by creating temporary accounts. Multi-level approvals can be part of these requests.
ObserveID’s Temporary access request workflow can be utilized to gain appropriate access during urgent access needs. With proper setup, the requester can bypass the approval(s) during an urgent access need if the business process allows it while keeping history managed within ObserveID for regulatory and compliance requirements.
ObserveID is a low-code/no-code platform. Workflows are configuration-based with multi-level approvals. Any additional workflows can be configured by the product team using drop-down selections.
ObserveID provides an out-of-the-box integration framework and detailed documentation for building custom integrations. The framework uses .Net, C#, API, and SCIM methodology.
ObserveID provides artificial intelligence (AI) handlers that integrate with the customer’s choice of AI and large language models (LLMs).
AI functionality can be used for intelligent User Access Reviews (UARs), reducing managers’ time needed to complete the certification process to meet regulatory and compliance requirements. This also helps reduce the rubber stamping of the UAR process.
ObserveID’s machine learning (ML) capability can help identify anomalies and reduce surface attack areas by taking automated action.
Identity and Access Management (IAM)
IAM is a framework of policies and technologies for ensuring that the right individuals have the appropriate access to technology resources.
IAM is crucial for protecting sensitive data, ensuring regulatory compliance, improving user productivity, and reducing security risks.
The core components of IAM include user authentication, authorization, user provisioning, password management, and identity governance.
IAM improves security by enforcing policies that ensure users have appropriate access and by monitoring and managing access to prevent unauthorized actions.
User provisioning involves creating, managing, and maintaining user accounts and access rights across systems and applications.
Common methods include passwords, biometrics, smart cards, multi-factor authentication (MFA), and single sign-on (SSO).
SSO allows users to log in once and gain access to multiple applications without re-entering credentials for each application.
MFA requires users to provide two or more verification factors to gain access to a resource, enhancing security beyond just passwords.
IAM supports compliance by ensuring access policies meet regulatory requirements and by providing audit trails for access-related activities.
IAM solutions can be scaled by leveraging cloud-based services, implementing automation, and continuously updating policies to accommodate growth.
IAM manages the identities and access of all users, while PAM specifically manages and monitors access for privileged users with elevated permissions.
IAM provides secure access to corporate resources from any location, ensuring remote workers have the necessary access while maintaining security.
RBAC restricts system access to authorized users based on their roles within an organization, simplifying access management and improving security.
Challenges include complex integration with existing systems, user adoption, ensuring scalability, and maintaining up-to-date policies.
IAM enhances productivity by providing seamless access to necessary resources and reducing the time spent on password resets and access issues.
Benefits include improved security, streamlined user access management, enhanced compliance, and increased operational efficiency.
Yes, modern IAM solutions can integrate with various IT systems, including on-premises, cloud-based, and hybrid environments.
AI enhances IAM by providing advanced analytics, detecting anomalies, automating processes, and improving decision-making for access control.
Future trends include increased use of AI and machine learning, zero trust security models, enhanced biometric authentication, and deeper integration with cloud services.
Privileged Access Management (PAM)
Privileged Access Management (PAM) is a set of technologies and practices designed to secure, control, and monitor access to an organization’s critical systems and sensitive information by privileged users.
PAM is crucial for protecting against cyber threats posed by insiders and external attackers who target privileged accounts to gain access to critical systems and data.
Privileged accounts are those with elevated permissions that allow users to perform administrative tasks, such as system configuration, software installation, and user management.
PAM enhances security by enforcing strict controls over privileged accounts, monitoring their activity, and ensuring that only authorized users have access to critical systems.
Core components include privileged account discovery, privileged session management, credential vaulting, access control, and monitoring and auditing.
Credential vaulting involves securely storing privileged account credentials in a central repository, which users must access through the PAM solution.
PAM supports compliance by providing detailed audit logs of privileged access, enforcing security policies, and helping meet regulatory requirements for access control and monitoring.
Privileged session management monitors and records privileged user sessions to ensure that actions taken by privileged users are tracked and can be audited.
While IAM manages access for all users, PAM specifically focuses on managing and securing access for privileged users with elevated permissions.
JIT access grants privileged access to users only when needed and for a limited time, reducing the risk associated with standing privileged accounts.
Least privilege access is a principle where users are granted the minimum level of access—or privileges—necessary to perform their job functions.
Yes, modern PAM solutions can integrate with various IT systems, including on-premises, cloud-based, and hybrid environments.
Benefits include improved security, reduced risk of data breaches, enhanced compliance, and better control over privileged access.
PAM helps prevent insider threats by closely monitoring privileged user activities, enforcing access controls, and providing audit trails for all privileged actions.
Challenges include the complexity of integrating with existing systems, ensuring user adoption, managing privileged accounts at scale, and maintaining continuous monitoring.
PAM improves audit and compliance efforts by providing detailed records of privileged user activities, which can be used to demonstrate compliance with regulatory requirements.
Multi-factor authentication (MFA) adds an additional layer of security to privileged accounts by requiring multiple forms of verification before granting access.
PAM secures remote access by enforcing strong authentication, monitoring remote sessions, and controlling access to sensitive systems from remote locations.
Monitoring and alerting are important for detecting and responding to suspicious activities by privileged users in real-time, helping prevent potential security incidents.
Identity Governance and Administration (IGA)
Identity Governance and Administration (IGA) refers to the policies, processes, and technologies that manage and secure digital identities within an organization. IGA solutions help organizations control access to systems and data, ensuring that only authorized users have appropriate access.
IGA is crucial for compliance as it ensures that organizations adhere to regulatory requirements regarding data access and security. It helps in maintaining audit trails, enforcing access policies, and managing user identities in a controlled manner, which is essential for meeting compliance standards like GDPR, HIPAA, and SOX.
IGA solutions provide detailed logs and reports of user access and activities, which are essential for compliance audits. These reports help demonstrate compliance with regulatory requirements by showing who accessed what data and when, and whether any unauthorized access occurred.
GDPR (General Data Protection Regulation): Ensures data protection and privacy for individuals within the EU.
HIPAA (Health Insurance Portability and Accountability Act): Protects sensitive patient health information.
SOX (Sarbanes-Oxley Act): Mandates strict financial reporting and control measures.
PCI-DSS (Payment Card Industry Data Security Standard): Secures card transactions against data theft and fraud.
IGA systems automate the process of periodic user access reviews. This includes generating reports for managers to review and certify access rights, ensuring that users have the appropriate access levels and revoking access that is no longer needed.
IGA helps enforce segregation of duties by ensuring that no single individual has control over all critical aspects of a business process. It automates SoD checks and balances, preventing conflicts of interest and reducing the risk of fraud or error.
IGA enables role-based access control by defining roles and associating them with the necessary permissions. It simplifies the process of granting access based on a user’s role within the organization, ensuring consistency and compliance.
Integrating IGA with other security solutions such as SIEM (Security Information and Event Management) and PAM (Privileged Access Management) provides a holistic approach to security. It ensures comprehensive visibility and control over user access, enhances threat detection, and simplifies compliance management.
IGA solutions can provide real-time monitoring of user activities and access rights. This continuous oversight helps in promptly identifying and addressing compliance issues, ensuring that organizations remain compliant with regulatory requirements at all times.
Conduct Regular Access Reviews: Periodically review user access to ensure compliance.
Implement SoD Controls: Use IGA to enforce segregation of duties.
Automate Role Management: Simplify access management through role-based controls.
Integrate with Other Security Solutions: Enhance security and compliance by integrating IGA with SIEM, PAM, and other tools.
Maintain Detailed Audit Logs: Keep comprehensive logs of all user activities for audit purposes.
Have Another Question?
Didn’t find what you’re looking for? Fill out this form and one of our team members will get back to you as soon as possible.