Access Certifications
As an organization, it's important to periodically identify and review users who have access to your critical resources. This ensures that only users who need a resource have access to it and avoid accumulation of elevated or privileged access to a resource.
Use Access Certifications to create audit campaigns to review your users' access to resources periodically and approve or revoke access automatically when required. In each campaign, you can specify the following items:
- The start date and duration of the campaign.
- The resources (apps or groups) that you want to include in the review.
- The users or teams that you want to include in the campaign.
- The reviewers who must review the access for each user and resource.
You can also view previously closed campaigns and generate reports.
The Access Certifications process helps your company meet the following requirements:
- Secure critical resources by implementing separation of duties (SoD) rules, which reduces the risk of inappropriate access to these resources.
- Pass industry audits by being able to verify access and provide evidence to auditors that only the right users have access to the right resources.
- Reduce license costs related to license sprawl from temporary projects or users changing teams within an organization.
- Use existing Okta configurations and app integrations to easily create campaigns and automate removal in third-party apps.