Organizations are moving some of their workloads to the cloud and embracing SaaS solutions like never before. However, most organizations will still have key workloads on-prem for some time due to the cost, effort or regulatory / residency issues. This all results in organizations having a multitude of systems and applications that do not share a single identity store. Since some of these systems are required to be separated due to regulatory or geopolitical reasons, a single admin or user may have numerous separate user accounts to manage or use these systems.
The 2.0 release of Cygna Auditor introduces a new feature called Cygna Identity to unify these accounts from an audit perspective. This feature provides the ability to group multiple user accounts from hybrid and multi cloud systems to a single searchable identity. The Cygna Identity feature enables organizations to quickly see an individual’s activities across multiple accounts or to create groups of accounts that span across identity stores.
Configure Cygna Identity
The Cygna Identities feature is configured through a tile on the Tools screen.
Once opened, selecting the plus icon allows you to manually create a Cygna Identity and map the desired accounts to it.
- Display Name – Name used in the identity field to perform searches.
- Description – Additional information to describe the Cygna Identity.
- Search users – Interactive search field to find accounts to map to the identity being created.
Once saved individual mapped accounts can be toggled on or off or deleted to be removed from association with the identity.
The Identity name filter allows for quick searches and reports based on the defined identities. When the filter is applied, it will return all the audit activities of the user accounts enabled for the specified identity greatly simplifying and speeding up the search and reporting process.
You can also customize the grid view and add the Identity name column to the view.
Schedule Identity Search
An identity search analyzes user accounts with audit activity from connected AD and AAD sources to automatically create identity mappings. The job analyzes user accounts with similar UPNs. Depending on configurations, UPNs may not be similar across AAD and AD even when using AD Connect for account synchronization so another method is also used, matching SIDs.
This task can be run one time or on a flexible recurring schedule.