ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
使用當代技術建立業務應用程式並實現業務應用程式的現代化
The leading solution for COBOL application modernization
將 IBM 大型主機應用程式、交付過程、存取及基礎結構現代化
將主機應用程式存取現代化:更容易使用、整合、管理,而且也更安全
達到企業內系統互通
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
安全開發、安全性測試、持續監控與保護
Augment human intelligence
適用於資料去識別化和隱私的加密、憑證化和金鑰管理
身份識別與存取管理的整合方法
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
透過關聯、資料擷取與分析功能,偵測已知與未知的威脅
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
以機器學習為基礎,加強終端使用者體驗並提高服務台效率
混合式 IT 的第一個容器化自主監控解決方案
自動管理傳統網路、虛擬網路和軟體定義的網路
探索與管理混合 IT 環境中的組態項目 (CI)。
簡化履行自動化並執行管理
將端對端 IT 程序自動化
Manage IT & software assets for better compliance
在整個資料中心自動化佈建、修補與合規作業
在企業內建立、保護和擴展自動化業務流程
Micro Focus 一站式訓練
培養邁向成功的技能
加快速度、消除瓶頸,不斷提升軟體交付能力
ValueEdge: Value Stream Management
Align corporate investments with business strategy
Continuous quality from requirements to delivery
Scale enterprise SCCM with security and compliance
Resilient AI-powered functional test automation
Enterprise-level requirements management
Deliver continuous application performance testing
Plan, track, orchestrate, and release applications
Govern quality and implement auditable processes
Automate deployments for continuous delivery
Access all products in application delivery management
實現核心業務系統的現代化以推動業務轉型
使用當代技術建立業務應用程式並實現業務應用程式的現代化
The leading solution for COBOL application modernization
將 IBM 大型主機應用程式、交付過程、存取及基礎結構現代化
將主機應用程式存取現代化:更容易使用、整合、管理,而且也更安全
達到企業內系統互通
Modern mainframe application delivery for IBM Z
Secure, zero-footprint access to host applications
Access host data and automate processes with RPA
Multi-factor Authentication for IBM z/OS endpoints
Access all products in Application Modernization & Connectivity
為您所有工作的核心提供安全防護,包含營運、應用程式、身分識別與資料
安全開發、安全性測試、持續監控與保護
Augment human intelligence
適用於資料去識別化和隱私的加密、憑證化和金鑰管理
身份識別與存取管理的整合方法
Deliver simplified, secure access to users
Scale to billions of identities with IGA platform
Gain control of privileged user activities
Track changes and activities in managed services
透過關聯、資料擷取與分析功能,偵測已知與未知的威脅
Access all products in CyberRes
值得信賴、經過法律驗證、遵循法規和隱私的解決方案
Analytics for text, audio, video, and image data
Reduce risk, cost, and maintenance, and T2M
AI and machine learning for data analysis
Enterprise backup/disaster recovery
Unified traditional and mobile device management
Meet regulatory & privacy retention requirements
Email, IM, and chat-based collaboration
Mobile workforce communication & collaboration
Secure critical file storage and print services
Access all products in Information Management and Governance
使 IT Operations 與 DevOps 齊頭並進
以機器學習為基礎,加強終端使用者體驗並提高服務台效率
混合式 IT 的第一個容器化自主監控解決方案
自動管理傳統網路、虛擬網路和軟體定義的網路
探索與管理混合 IT 環境中的組態項目 (CI)。
簡化履行自動化並執行管理
將端對端 IT 程序自動化
Manage IT & software assets for better compliance
在整個資料中心自動化佈建、修補與合規作業
在企業內建立、保護和擴展自動化業務流程
Access all products in IT Operations Management
制定策略並轉變您的混合 IT。
透過即時分析和搜尋非結構資料,從大數據獲得深刻見解。
賦予團隊強大力量,完整發揮事業潛力
The Quality Council for Trades and Occupations (QCTO) oversees the design, implementation, assessment, and certification of occupational qualifications in South Africa. The QCTO also offers guidance to service providers who must be QCTO-accredited to offer occupational qualifications.
Industry
Location
Products
The QCTO is subject to regular audits by national regulatory bodies. The various systems in use by the QCTO range from accounting and ERP solutions, to HR, Employee Self-Service (used to manage staff holidays, payslips, and tax certificates), and the custom-developed system used to issue certificates to qualified applicants. There is a Management Information System for qualification development.
Access and security varies by system which makes it hard to collate all the information required for auditors, as Mr Tafadzwa Ramhewa, IT Director for the QCTO, explains: “We needed to pull audit trails of who had access to the different systems. Every month we would print out access reports and then compare this with user access request forms to work out if the two access sources lined up. Some systems have such restricted access that we would rely on the business owners to do this job for us. All in all it would easily take half a day of our time every month.”
Thankfully the audit findings have always been positive, although one recommendation was taken to heart by the QCTO. Ramhewa: “The auditors were pleased with the system access review for our end users, but we didn’t review access for our system administrators in the same way. We have other processes in place for this, but the auditors felt we needed a clearer separation of duties, which just wasn’t possible with the manual processes we had.”
These considerations were even more important in light of new data protection legislation which will be enforced by South African government from 2018. This has been introduced to fight identity theft and ambush marketing and has resulted in a real behavioral change in South African organizations.
Following a market review, the QCTO was introduced to NetIQ Identity Governance and NetIQ Change Guardian to close any loopholes in their access and security policies. Identity Governance was implemented and is used to collect and correlate user entitlements across all QCTO applications into one view. It is designed to eliminate manual processes and increase efficiency.
Ramhewa explains its use within QCTO: “The business owners of our solutions receive an automated email driven by Identity Governance to confirm which users have access to their systems. This process is managed independently from the system administrators so that they can be included in the process as well, creating a clear separation of duties. The Identity Governance reports are easy to understand and our business owners are comfortable working with the process.”
Change Guardian delivers further automation to the security of QCTO systems, and as Ramhewa says: “For us, it’s all about automation. The less human intervention, the better. Policing our user accounts is very important as we have a lot of contractors and staff mobility. We need to be able to control system access easily and have a transparent audit trail.”
Change Guardian centrally records and audits changes, consolidating and archiving change events from across the QCTO IT environment. This helps reduce the complexity required to analyze multiple, disparate logs. Before the Change Guardian implementation, there was a manual effort involved in getting ready for an audit exercise. The IT team needed to ensure there were no orphan user accounts which could pose a potential security threat. Today, Change Guardian reports in real-time on deleted user accounts, failed log-ons, reset passwords etc. This gives the team the control and visibility they need to rapidly detect and disrupt threats that could negatively impact the confidentiality, integrity, and availability of the organization’s critical assets.
Identity Governance and Change Guardian have streamlined the auditing process and improved security for QCTO. Ramhewa comments: “We worked with LiyaTech, a knowledgeable local implementation partner, and it was great to have the expertise from Micro Focus on hand as well, during the project. We find the solutions easy to administer and can already see the benefits.”
He concludes: “Identity Governance and Change Guardian have helped us be compliant with stringent new data protection regulations, and the solutions are saving us time and effort every day. We feel we are completely transparent in our access reviews and our system security has been enhanced in the process.”
We worked with LiyaTech, a knowledgeable local implementation partner and it was great to have the expertise from Micro Focus on hand as well, during the project. We find the solutions easy to administer and can already see the benefits.