Overview

DirX Identity provides a comprehensive role model for controlling access rights to resources in connected systems. Features such as access policies and approval workflows help secure the assignment of access rights. DirX Identity also supports segregation of duties (SoD) policies, which detect conflicting assignments as early as possible. Mitigation workflows can be started to approve exceptions to these rules.

Use Cases

This document describes two SoD use cases in detail. Be aware that other use cases are possible that are not described in this document.

Using DirX Identity SoD Policies

This use case works with DirX Identity’s built-in SoD policies. It allows configuring rules for any type of privilege. If you define rules at the permission or role level, you can control SoD over many different target systems.

Use Case Comparison

The following table compares the two use cases described in this document to help you with your decision process.

Table 1. Use Case Comparison
Criteria                                  DirX Identity SoD Policies    Using SAP GRC (Access Control)
Complexity of solution setup              Low                           High
Pre-configured SoD policies               Few                           Comprehensive
SoD policies on role / permission level   Yes                           No
SoD policies on group level               Yes                           Yes
Hierarchical SoD policies                 Yes                           No

The table presents the following evaluation criteria:

Complexity of solution setup – the effort and complexity involved in setting up the initial solution.

Pre-configured SoD policies – the availability of pre-configured SoD policies that can be directly used in compliance processes.

SoD policies on role / permission level – whether the use case offers the option of setting up SoD policies at the role or permission level.

SoD policies on group level – whether the use case offers the option of setting up SoD policies at the group level.

Hierarchical SoD policies – whether the use case offers the option of setting up SoD policies at different levels, for example between a role and a group.
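
The role-level rules described under "Using DirX Identity SoD Policies" and the hierarchical (role versus group) criterion above can be illustrated with a small request-time check. This is an added example, not DirX Identity code or its API; the privilege names, the two policies, and the function names are constructed for illustration.

```python
# Constructed sample model. Names are illustrative, not DirX Identity objects or APIs.
ROLE_PERMISSIONS = {
    "Purchaser": {"CreatePurchaseOrder"},
    "AccountsPayable": {"ApproveInvoice"},
}
# One permission can map to groups in several target systems (prefix = system).
PERMISSION_GROUPS = {
    "CreatePurchaseOrder": {"sap:PO_CREATE", "ad:Procurement"},
    "ApproveInvoice": {"sap:INV_APPROVE", "ad:Finance"},
}
# (policy name, privilege A, privilege B): A and B must not be held together.
SOD_POLICIES = [
    ("role-level", "role:Purchaser", "role:AccountsPayable"),
    ("hierarchical", "role:Purchaser", "group:sap:INV_APPROVE"),
]


def effective_privileges(direct):
    """Expand direct assignments into every role, permission and group they imply."""
    held = set(direct)
    permissions = set()
    for item in direct:
        kind, _, name = item.partition(":")
        if kind == "role":
            permissions |= ROLE_PERMISSIONS.get(name, set())
        elif kind == "permission":
            permissions.add(name)
    for perm in permissions:
        held.add("permission:" + perm)
        held |= {"group:" + g for g in PERMISSION_GROUPS.get(perm, set())}
    return held


def check_request(current, requested, approved_exceptions=frozenset()):
    """Return (policy, status) for each policy the requested assignment would newly violate."""
    before = effective_privileges(current)
    after = effective_privileges(set(current) | {requested})
    findings = []
    for name, a, b in SOD_POLICIES:
        if a in after and b in after and not (a in before and b in before):
            status = "mitigated" if name in approved_exceptions else "conflict"
            findings.append((name, status))
    return findings


if __name__ == "__main__":
    user = {"role:Purchaser"}
    print(check_request(user, "role:AccountsPayable"))    # both policies fire
    print(check_request(user, "group:sap:INV_APPROVE"))   # only the hierarchical policy fires
    print(check_request(user, "group:sap:INV_APPROVE", {"hierarchical"}))
```

The second call is a direct group assignment in one target system: the role-level rule does not see it, while the role-versus-group rule does.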

General Hints and Guidelines

Segregation of duties (SoD) policies can help to fulfill compliance regulations. However, additional checks require additional time, and that will slow down your company processes. Therefore, we recommend that you:

  • Set up only those SoD policies that are truly necessary.

  • Configure only the minimum number of necessary SoD checks in your request workflows.