Addressing APRA - PPG 234 Compliance through Centralised Identity and Access Management in Active Directory

The Australian Prudential Regulation Authority (APRA) lays out a comprehensive set of IT security requirements that are an ongoing focus for IT managers in financial organisations and enterprises in Australia. APRA-PPG 234 addresses security issues in a comprehensive manner, covering everything from identity assurance and access controls to accountability and audit. This White Paper details how Centrify Suite and Active Directory can address a large portion of security controls and risk management requirements addressed in APRA- PPG234. In addition, requirements related to monitoring of IT security controls as detailed in the guidelines are discussed in the context of the capabilities of Centrify DirectAudit. The White Paper demonstrates how to address these requirements in a robust and cost-effective manner by leveraging existing Active Directory infrastructure to centrally manage non- Windows systems, applications and databases. It then details Centrify's unique ability to extend Active Directory with a suite of integrated solutions for cross-platform identity, access and privilege management and detailed user activity monitoring of UNIX, Linux and Windows systems.