AMAG Technology will preview new identity management system Symmetry CONNECT at ISC West 2017 AMAG Technology is previewing Symmetry™ CONNECT, its new policy-based identity management system, at ISC West in Las Vegas between April 5th-7th. Symmetry CONNECT Symmetry CONNECT delivers an easy-to-use, automated software platform to manage employee, contractor and visitor identities, satisfy regulatory audit and compliance requirements and reduce the administrative costs of the security team. Previewing at ISC West is a completely new user interface, which provides security teams with a simple, intuitive, web-based solution to better manage identities, reduce risk and operationalise business. When used with Symmetry Access Control, organisations have a robust identity management system that utilises data to secure people, property and assets, and automates business processes for better operational efficiency. Organisations manage three types of identities within their buildings: employees, contractors and visitors. Symmetry CONNECT manages these identities using a data-driven automated process that eliminates errors and reduces risk. Symmetry CONNECT automates on and off boarding of identities, replacing cumbersome manual based authorisation and workflow processes that rely heavily on email and spreadsheets. Using rule and role based access provisioning based on customer policies, access rights are updated or revoked automatically. The automation also tracks the identity throughout its lifecycle, tracking where the credential is used and how often. Organisations can automate cumbersome, manual electronic audits of all provisioned access, saving months of manual work Configurable workflow engine Symmetry CONNECT puts the decision-making into the hands of the people responsible for compliance using a self-service access and credential request portal. Employees and contractors can request access based on an organisation’s policies, which is routed directly to the authorised individuals to approve or reject those requests. Symmetry CONNECT replaces multi-step manual processes with a configurable workflow engine that fits any organisation’s needs. Requests can be made and actioned from a smartphone, tablet or PC, and all activity is recorded in a dashboard for administrators to easily track and monitor. When access expires, a notification is sent informing authorised individuals. Identity management made easy “Symmetry CONNECT automates every aspect of identity management, from on and off boarding, to change requests, and recertifications for audit and compliance,” said AMAG Technology, Vice President of Client Services, Jeff LeBlanc. “Using this automated workflow-based platform, organisations can save money, reduce risk, and know when they are about to fall out of compliance and what needs to be done to remain in compliance. Symmetry CONNECT makes managing identities easier than ever.” Organisations can automate cumbersome, manual electronic audits of all provisioned access, saving months of manual work. Companies can schedule audits based on their needs and requirements, and automate the recertification process so they never fall out of compliance. Dashboards manage compliance with notifications and reminders. AMAG Technology understands that it’s not just what data and information you put into an application; it’s what you can get out of it. CONNECT provides end users with quick and easy access to all of their data. Reports can be created on the fly and provide parameters which allow customers to always demonstrate the controls necessary to remain in compliance. Reports can be delivered via email and easily shared.
AMAG Technology is pleased to announce the release of Symmetry™ GUEST, a new web-based visitor management system that speeds the flow of visitors while improving customer service. Symmetry GUEST enhances a visitor’s experience while helping organisations enforce security policies and reduce costs. Symmetry GUEST operates on any tablet, smart phone or PC using any web browser. The mobility of GUEST is ideal for roving lobby ambassadors or self-service touch-screens to check-in visitors, contractors or visiting employees. The system issues a visitor pass electronically to the visitor’s smart phone via a QR code or barcode, similar to an airline boarding pass. This allows visitors to be identified quickly by the system or directly from their phone. If utilising GUEST self-registration, visitors can check-in and print their visitor pass automatically, allowing the receptionist to focus on greeting the guest rather than soliciting paperwork. Symmetry GUEST - user-friendly solution “Symmetry GUEST offers a highly secure, yet easy to use solution to vet and manage visitors for any size organisation,” said AMAG Technology, Vice President of Client Services, Jeff LeBlanc. “Symmetry GUEST enhances the visitor experience, improves lobby traffic flow while enforcing security policies.” Employees can pre-register visitors using Symmetry GUEST or by taking advantage of the Outlook or Gmail calendar integration. When pre-registering, an email can be sent to the visitor which contains a map or directions, or any building-specific instructions. When the visitor arrives, they check-in via the receptionist, touch screen monitor, tablet or using their smart phone. Helps organisations to enforce security policies Symmetry GUEST allows organisations to require visitors to sign and/or acknowledge the organisation’s security policies and procedures. Organisations can administer watch lists that notify responsible parties when banned visitors are preregistered, as well as when checked-in. Organisations that utilise Symmetry GUEST can diminish costs by reducing lobby headcount, abolishing visitor related paperwork, and eliminating manual badge creation. Symmetry GUEST also helps companies meet audit and compliance requirements via robust reporting. It’s an enterprise level solution that fits any size organisation. Cloud-based visitor management system Symmetry GUEST’s cloud based architecture makes it easy to purchase and set up. Almost every aspect of the software can be configured by the end user, and it integrates with most standard visitor management hardware (badge printers, webcams). Dashboards showing current, future and favourite visitors further enhance the end user experience. Symmetry GUEST easily integrates with Symmetry™ CONNECT, Symmetry™ Access Control and Symmetry™ CompleteView Video Management System to deliver a complete security solution.
Automated procedures reduce manual errors & help meet regulatory requirements End user demands are growing exponentially every day. Whether it is managing who has access to buildings or areas and when, recording events on video, managing incidents, meeting compliance requirements or demonstrating proof of compliance, the list goes on and on as to what end users must manage to keep their buildings, assets and people safe. Physical security equipment and an effective security team will always be required to keep a building safe. But what about having reliable policies and procedures to enforce operational effectiveness? Sure, companies can invest in the best electronic security systems and cyber security programmes available, but if their internal policies are outdated and security procedures are dependent on manual processes, how can the overall security program be effective? What if the wrong person gains access to a critical area due to a manual error? How do companies know if their policies, procedures, and command and control activities are enforced 100% of the time? How do they prove it? To be sure, companies must implement policy-based procedures that reduce manual errors, help meet regulatory requirements and provide proof of compliance for audit requirements in the most efficient way possible. Improve onboarding process When onboarding a new employee, contractor or visitor, security often manually assigns an access card and grants privileges based on what the employee’s supervisor or guest host directs. Normally that process involves the security team receiving notification via email that a new employee, contractor or visitor needs access privileges. Security calls or emails the area owner to see if the new person should be given access. Security waits for a response. The area owner responds with a yes or no. Security enters that access into the physical security system and then emails the card owner and tells them they have access. The same process is true with ad-hoc adding of areas and single doors inside the facility. All this manual back and forth leaves a lot of room for errors to occur leaving companies vulnerable. To mitigate risk and decrease vulnerabilities, end users must implement an automated process using software to enforce a predetermined corporate policy when granting access to employees, visitors and contractors. A few simple clicks and an email simplify the process. The automated process takesseconds to complete, ratherthan wasting minutes andhours, reducing total cost ofownership for the company The requesting party clicks on a link in the software and selects a building and the level of access they would like to acquire for the new employee, contractor or visitor. An email is sent to the door owner, bypassing the security department, and the door owner can approve or reject the request by clicking a link. Upon approval, access is immediately provisioned to the physical access control system. The software also automatically deactivates cards for contractors and visitors with a predetermined expired access time, and the deactivations are provisioned to the security management system. The automated process takes seconds to complete, rather than wasting minutes and hours, reducing total cost of ownership for the company. Proper and automated procedures are followed that provide an accurate audit trail. Accurate auditing made easy At least once a year, sometimes more, companies are required to perform an audit. Normally, the security department runs a report for every door and emails the report to the door owners. The owner's review the report, going through it carefully to see if those who have access should have access. People are confirmed or removed and the report is returned to the security department after a month. If an audit is performed once a year, the data provided in the report could be one to 364 days old, imposing a serious risk that individuals may have access to doors they should not over that timeframe. After that month, the reports are emailed back to the security department where staff must manually go into the physical security system and remove those flagged from the software. For a 1,000 door system, that is months of manual labour while exposing the company and its employees to potentially dangerous high levels of security risk. "Organisations that require quarterly audits realise diminished risk even more and save more money", says Jeff LeBlanc, VP- Client Services, AMAG When an organisation aligns their security processes with business operations using policy- based software, they mitigate risk, save money and meet compliance requirements. The software allows area owners to log into the software from their desktop and view the audit dashboard that includes everyone who has access to their doors. Within minutes the door owner can complete an audit. And when someone is removed from their audit list, the access is automatically removed from their record in the security management system, bypassing the security department, saving months of work and providing a total cost savings to the organisation. “The cost savings are almost immeasurable,” said AMAG Technology, Vice President - Client Services, Jeff LeBlanc. “Organisations that require quarterly audits realise diminished risk even more and save more money.” Many industries must adhere to third party government imposed audits such as Sarbanes Oxley for the banking industry, HIPAA for the healthcare sector or Transportation Workers Identity Credential for workers who need access to secure areas of maritime facilities and vessels. While these audits are mandatory, they do not require a company to be in 100% compliance all the time. They demand the controls are in place to identify when they have fallen out of compliance. The software helps organisations implement audits to help them remain in compliance and meet standards imposed by the government. Set policies to mitigate risk Organisations must set and manage policies that improve processes and save money, keep them secure without security team involvement and in compliance. While organisations have to meet third party audit requirements, which often prompt policy setting, most often policies are set to meet internal standards based on a set of parameters determined by the company in advance. When an organisation alignstheir security processes withbusiness operations usingpolicy- based software, theymitigate risk, save money andmeet compliance requirements For example, a policy can be created based on a person’s job title and building location. If a person has “director” in their title, they are issued a higher level of access throughout a bank or hospital. If the person’s title changes, the system will automatically change the default access assigned before and add a new level of access, which may include moving from one building to another or gaining a higher level of access within a building. Other policies help mitigate risk exponentially such as a card revocation rule. If an access card is not used within a specified time, say 60 days, the system will automatically revoke the card temporarily. When this policy is implemented, companies discover just how many active cards are out there, not liable, and not used. Approximately 95% of temporary card revocations become permanent, meaning, a company discovers they are exposed to a big risk. Another effective policy is the use it or lose it rule. When a card is not used at a specific door or access group within a specific amount of time, access is removed. This rule has produced amazing results for organisations. One client removed 60% of their access assignments when they implemented this policy. About 800,000 assignments were removed, and they received only 10 phone calls asking about access levels. Setting a policy like this helps keep an organisation's infrastructure in place and eliminate potential damage to its brand, reputation, intellectual property, assets and physical property. When aligning security plans with reliable policies and procedures, organisations can reduce manual errors, meet compliance, improve operational effectiveness and save on total cost of ownership.