How does Eye-Able® ensure that access to IT systems, data, and applications is securely managed?
Ensuring access according to the Need-to-Know principle, especially for privileged access
Eye-Able® implements a comprehensive Identity & Access Management system (IAM), which regulates policies, procedures, and technical controls for granting, modifying, revoking, and controlling user rights.
Least-Privilege Principle and Separation of Duties
Access rights are granted based on the Least-Privilege principle and in compliance with the Separation-of-Duties principle.
Centralized Authorization Management
The initial and ongoing assignment of rights is managed through a central, documented authorization management system with defined approval workflows.
Access for new, changing, or departing users is adjusted in a timely manner.
Privileged Access and MFA
Privileged access is minimized, time-limited, and subject to separate approval and logging requirements.
MFA (Multi-Factor Authentication) is mandatory for all administrative and sensitive access.
Password Policy and Logging Systems
The password policy meets industry-standard security guidelines (e.g., minimum length, rotation, complexity) and is regularly reviewed.
Logging systems are configured as write-once/read-many (WORM), and their "read-only" status can only be temporarily lifted through controlled break-glass procedures.
User Identities and Regular Review
All user identities are uniquely assignable and documented.
Access rights are regularly reviewed according to a risk-based revalidation plan.