Hardest Part of a YouAttest P.O.C.? I recently joked that the hardest part of a YouAttest P.O.C. was getting the web conference software to work for each different client.
As for the YouAttest POC – it doesn’t get any simpler.
What is The Hardest Part of a YouAttest P.O.C.
YouAttest is designed with intelligent “Application SSO.” That is SSO directly into the main source of information: the customer’s Okta tenant. The process uses pre-defined security protocols and then goes through an Okta verification process to become “Okta Verified” in the Okta Integration Network (OIN). YouAttest has gone through this process – and thus performing this application is a matter of inputting (3) simple pieces of information:
Image #1: YouAttest utilizes secure Application SSO (either SAML or OIDC) for integration to an existing Okta tenant. From there it’s a matter of just creating your attestation campaign. YouAttest is an access and user review product. It simplifies your identity audits by plugging into your existing Okta tenant and then displaying the roles and permission exactly how you choose to display, be it:
- By User
- By Group
- By Application
Hence the next step is to simply decide what type of campaign you wish to create, either by user/group or by application, and then select the API set you already created (see image #1) and you are off to the races.
You are now ready to set up your P.O.C and start generating reports as you need. The typical set up is less than 5 minutes. (About the same length of time it took me to get the last customer’s conference tool installed, that I have never used.)
Typical YouAttest P.O.C. Campaigns
Customer for proving out YouAttest typically run with one or a few of these types of audit campaigns:
1. Application Audit Campaign
Either one or more campaigns that list out, by application, users access rights, their roles, their managers. This is a good way to see YouAttest’s ability to certify or delegate the review or even revoke the privilege. This is the most popular for of YouAttest attestation and is crucial to SOX and HITRUST certifications, amongst others.
2. Group Audit Campaign
Audit the set of users and privileges under a particular group. Best practice in AD is to organize your rights around groups. YouAtest can pull these groups for both Okta and AD groups for a full audit.
3. User Audit Campaign
Simply specify a user and quantify the user’s group memberships, roles, status and application permissions.
Additional YouAttest P.O.C. Activities Can Include
YouAttest supports and customers explore its usage in both production and P.O.C. environments the following audit features:
- Dynamic, Event-Driven Attestations
- Based on Okta and AD events
- AD Service Account Attestations
- Use your Okta client and YouAttest tenant for auditing of AD service accounts
- Auto-Delegation to manager based on roles
- Multiple Reviewers, based on groups or comma-seperated list
- Mandate: Business Reviews and System Reviewers
- .CSV upload of resource data that is NOT in Okta
We look forward to getting you started on your P.O.C. We feel YouAtest P.O.C.’s help an enterprise feel comfortable with YouAttest cloud-based IGA – and help internally sell the solution.
Still confused about what the Hardest Part of a YouAttest P.O.C. is? Please feel free to contact us for more info.
Austin Grajek is Vice President of Audit Solutions at YouAttest