Inactive User Reporting for RSA Archer

View Licensing/Pricing | Implementation Services | Create Support Ticket | View App-Pack on Archer Exchange

How are you managing "inactive user" risk?

Organizations invest significant time and resources to manage enterprise, operational, third party, security & vulnerability risk programs, etc.

If inactive user risk is not managed, risk increases to all other programs.

Our Inactive User Reporting solution provides proactive reporting of all types of inactive users in active records.

What is an "Inactive User" in Archer?

User accounts with the following situations are considered Inactive Users:

Moved to another team and lost access to records
Inactive status after leaving company
Locked account due to excessive logins
Inactive after X days of not logging in to Archer

Nothing is as frustrating as an inactive user with a deadline.

Demo Video

Watch a 4.5 minute demo video of Inactive User Reporting in action using Findings as an example.

Do any of these scenarios sound familiar?

Findings are not remediated on-time
Risk and Compliance Assessments are past due
Business Continuity Plans not tested
Progress on Incidents has stalled
Vulnerabilities not patched

…But why?

Because inactive users are responsible for those tasks!

What's the impact? Inactive users do not receive email reminders or have access to complete those tasks. Your processes to manage risk are now stuck in the workflow and increase the very risks you are trying to reduce or eliminate.

What's the Cost of Inactive Users in Active Records?

Regulatory Fines - Government regulations violated
Legal/Contractual Fees - PCI contractual fees, late fees
Opportunity Cost - Third Party contracts and other process delays
Risk Realized - Assessments failed to identify risk, vulnerability not patched, etc.
Wasted Time - Scrambling to find responsible party

The Proactive Solution

Archer admins and risk practitioners need a better way to ensure active/in progress records are populated with active users to move processes forward before tasks are past due.

Evalto's Inactive User Reporting solution provides a proactive method to notify process owners when there are inactive users so they can resolve the problem before it’s a real problem...long before campaigns are created, emails are sent, and/or due dates are past due.

What about completed records/tasks?

For historical purposes, we want to retain who performed approvals, reviews, etc. on completed records such as risk assessments and findings. Therefore, for each application/questionnaire, we allow multiple custom filter options to only evaluate records where your criteria matches what an "open" record is for that process. That way, you don't have to review every record with an inactive user...only the records that matter.

Learn how Evalto's Inactive User Reporting solution can help.

Request a Demo

Sample Screenshots

Easy Setup

Easily configure apps and questionnaires to monitor for all types of inactive users.

Report Owners

Choose designated Report Owners to receive report notifications.

Report Types

Report results are output in CSV, HTML, or both options per configuration.

Select Fields

Select up to 10 record permission or user/group fields per configuration.

Custom Filters

Evaluate all records, records with a numeric filter, or custom search criteria.

Custom Schedule

Flexible scheduling per config: daily, weekly, monthly, and custom dates.

3 Simple Steps

1 Configure Options

Easily setup one or more configs to monitor modules, set frequency, select fields, designate filters, and choose Report Owners to receive reports.

2 View Report

Reports are generated if inactive users are found in CSV and/or HTML output with the ability to navigate directly to the impacted records.

3 Update Records

After identifying active replacment users, update the impacted records and rest easy knowing they will own the process going forward.

Configuration Options

Easily create configurations

Report Frequency - Daily

Report Frequency - Weekly

Report Frequency - Monthly

Report Frequency - Custom MM/DD

Ability to pause scans/monitoring

Monitor up to 10 fields per target

Type of field - Record Permission

Type of field - User/Group

Target Record Filter Options

All records in target application

Records with numeric field with a value of 1 (calculation, DDE, AWF, data feed, bulk update, etc.)

Custom XML search criteria (API search format)

Report Options

Choose Report Owner(s) specific to target app

Output Type - CSV

Output Type - HTML

Output Type - CSV and HTML

Report Results

Email Notification to Report Owner(s)

Ability for Report Owners to complete review

Counts - Number of records with inactive users

HTML display (if HTML output selected)

CSV attachment download (if CSV output selected)

Counts - Total number of inactive users found

Reports Include

Direct link to impacted records

Field name impacted

Reason for inactivity (locked, inactive, not in group)

Inactive user's full name

Inactive user's username

Inactive user's domain (if a domain account)

Inactive user's last login date

Inactive user's UserID

Dashboard Reports

Targeted to Report Owner(s) and Admins

Displays current configurations

Displays reports awaiting reviews

Total # of records with inactive users awaiting review

Total # of inactive users found awaiting review

Quick links for common tasks

Implementations Supported

On-Premise

SaaS

Hosted

Formerly certified by RSA Archer and on the Archer Exchange

Tiered Subscription Pricing

Our annual subscription licensing model enables you to only pay for the number of configurations setup within your organization. As the number of configurations subscribed to increases, the cost per configuration decreases. There are no limits on the number of administrators or report owners using the solution.

View Inactive User Reporting Licensing Prices

Learn how to manage inactive user risk

Request a Demo