AstraCMITS
Managed Service

Identity & Access Management

Active Directory, MFA, SSO, RBAC, quarterly access reviews — who has access to what, and why.

In most Indian SMEs, "user access" is a shared spreadsheet that has not been reviewed in years. Ex-employees retain access, role changes leave behind privileged accounts, and shared credentials undermine every other control. AstraCMITS builds identity architectures that are auditable, recoverable, and aligned with DPDPA fiduciary obligations.

Why it matters

The risk of getting this wrong.

Compromised credentials are the #1 initial-access vector in Indian SME breaches. MFA on legacy and email auth is the single highest-leverage cyber control.

DPDPA 2023 makes you responsible for who accesses personal data. "I think Sales has access" is not a defence.

Privilege creep — users accumulating access over years without removal — is invisible until a former-employee credential is used externally.

Cloud apps proliferate without SSO, each becoming an independent password to be lost, phished, or shared.

What we deliver

Concrete, accountable deliverables.

Active Directory hardening

Tier model, privileged access workstations, Kerberoasting defence, password policy modernisation, AD recovery plan.

MFA across the board

Phishing-resistant MFA on email, VPN, RDP, ERPs, cloud admin. Backup factor strategy. Conditional access policy.

SSO for SaaS

Azure AD / Okta integration with your ERP, finance, HR, marketing tools. One identity, many apps, central revocation.

RBAC design

Roles defined per business function. Membership reviewed quarterly. Privileged access time-bound and approved.

Quarterly access reviews

Manager-attested review of every user, every privilege. Findings remediated, evidence retained for inspectors.

Joiner / mover / leaver

Documented onboarding and offboarding, automated where possible. Day-1 access, day-zero revocation.

How we engage

From discovery to delivery.

01. Identity baseline

Inventory of every account, privilege, service principal, shared credential. Findings ranked by risk.

02. Remediate + roll out

MFA deployment, AD hardening, SSO integration with key apps, RBAC role design.

03. Govern

Quarterly access reviews, ongoing policy enforcement, response to joiner/mover/leaver, monthly reporting.

Compliance & frameworks

DPDPA fiduciary duties, RBI CSF identity controls, ISO 27001 A.9, NIST 800-53 AC family, USFDA 21 CFR Part 11 e-signatures

Industries we serve

BFSI, Pharma, Healthcare, IT Services, Government, Education

Measurable outcomes

Results, not activity.

100% MFA coverage on email, VPN, and admin accounts.

No active credentials for ex-employees — verifiable via quarterly review.

SSO coverage across all major SaaS — no orphan password sprawl.

Identity audit evidence ready for any inspection.

Ready to talk identity & access management?

Free 30-minute scoping call. We'll map your current state, identify the gaps, and show you exactly what a managed engagement looks like.