Agenda SAP AG or an SAP affiliate company. All rights reserved. 2
|
|
- Jody McBride
- 8 years ago
- Views:
Transcription
1 NextLabs: Beyond RBAC ABAC and Information Control Automation Tim Quan, Director - SAP Industries & Solutions, NextLabs March 2014
2 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 2
3 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 3
4 Challenge - Enforcement Granularity We can give her the role, but we can t limit what data she can see Product A Product B Product C Product D Product E Supplier Granted Access Required Access Leads to too much access, custom authorization logic and/or complex roles 2014 SAP AG or an SAP affiliate company. All rights reserved. 4
5 Challenge - Discretionary Authorization Please have you manager approve access Why should or shouldn t you manager approve access? Role purpose Job function and assignments Least privileges Compliance requirements Existing access Trust When should your access be revoked? 2014 SAP AG or an SAP affiliate company. All rights reserved. 5
6 Challenge - Role Explosion We have 10,000 users and 125,000 roles and growing Companies have multiple access drivers Functional Roles Compliance Regulations (e.g. ITAR, Trade Secrets, PII) IP Control Agreements (e.g. PIEA, NDA) Multiple Applications and Systems (e.g. PLM, ERP, CRM) Traditional role based access control (RBAC) explodes based on the number of variables Required Access Rules Number of Access Variables 2014 SAP AG or an SAP affiliate company. All rights reserved. 6
7 Information Control Enforcement Today Policy Authorities Legal - Intellectual Property Business Authorizations (e.g NDA, License) Non-Disclosure Agreement Acme Inc and Wiley Tech agree to share confidential information about Kaboom for 3 years. Materials marked ACME Confidential and destroyed at end of project. Procedural Controls (e.g. Access Review) Systematic Controls (e.g. Access Control) 90% 10% Procedural Controls IT Create Wiley Tech Site Manage Wiley Tech Group End User Get manager review Mark confidential Put data Wiley Tech Confidential site Collaboration Portal Tell Wiley to Destroy Systematic Controls Limit Access to Wiley Tech Site to users in Wiley Tech Group 2014 SAP AG or an SAP affiliate company. All rights reserved. 7
8 Key Business Trends Impacting Information Risk Industry Consolidation Globalization Anywhere.. Any device Continued M&A activity anticipated 76% of executives anticipate at least one acquisition in 2013* Joint Ventures and partnerships on the raise Competitive threats keep companies on edge for IP Protection Firms expanding footprint to international markets to drive revenue growth Trade and information exchange is crossing company and country borders Firms looking for next frontier of operational efficiency gains Desire to minimize IT maintenance and support costs Firms look for enabling employees with required access to data from anywhere and through any device * KPMG Survey on M&A Activity SAP AG or an SAP affiliate company. All rights reserved. 8
9 Increased Global Collaboration Supplier/Partner Customers Supplier Collaboration My Company Customer Collaboration Quality Contractor Quality Collaboration Outsourced Manufacturing Offshore Subsidiary 2014 SAP AG or an SAP affiliate company. All rights reserved. 9
10 Secure Information Collaboration Challenge Supplier/Partner Customers Supplier Collaboration Forecasts Purchase Orders Kanban Invoices Shipments Quality Contractor Supplier Collaboration Quality Collaboration My Company Customer Collaboration Outsourced Manufacturing Customer Collaboration Forecasts Promotions Replenishment ASNs Offshore Subsidiary Outsourced Manufacturing Quality Collaboration Quality Notifications Sub Con POs ASNs Invoices Shipments Work Order WIP 2014 SAP AG or an SAP affiliate company. All rights reserved. 10
11 Business Authorization Dimensions Data Access Functional Access Determine the actions a user can perform Data Access Determine the data a user can see Functional Access Governance Rules for access management 2014 SAP AG or an SAP affiliate company. All rights reserved. 11
12 Authorization Layers 2014 SAP AG or an SAP affiliate company. All rights reserved. 12
13 Information Control Policy Policy Authorities Business Authorizations (e.g NDA, License) Information Control Policy Procedural Controls (e.g. Access Review) Systematic Controls (e.g. Access Control) 90% 10% Information Controls Audit Data Classification Access Control (ABAC) Integrated Rights Management Data Labeling and Marking Communication Control Application Control Device Control Network Control Compliance Workflow 2014 SAP AG or an SAP affiliate company. All rights reserved. 13
14 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 14
15 Information Control Policy Attribute Driven Policy Attribute Based Access Control (ABAC) enables dynamic authorization logic Environment Information Centric Protecting data across systems and applications Built in Data Classification Services Identity Based Deep integration with common identity management systems and standards Identity ABAC Information 2014 SAP AG or an SAP affiliate company. All rights reserved. 15
16 Policy Model Allow only US Engineers to access Project X Specifications from US Offices Subject Location = US AND Department = Engineering Resource Project = Project X AND Type = Specification Environment Network Address = * Attribute-based rule conveys business intent Provide fine-grain, data level control SAP AG or an SAP affiliate company. All rights reserved. 16
17 Policy Structure Target determines policy applicability Condition determines policy effect Effect Policy decision and obligations FOR Confidential Top Secret ON Access BY NOT Employee Level 5 WHERE User.Authority = Resource.Authority DO Allow, Log Access 2014 SAP AG or an SAP affiliate company. All rights reserved. 17
18 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 18
19 Gartner: Dynamic Attribute-based Authorization will be dominant Attributes are now "how we role Context will play an ever-expanding role as people come to enterprise networks from all angles and devices. It will be a world of attribute-based access control, where an identity marketplace becomes a key provider of user attributes that build context and define access control decisions, especially for critical data, systems. Crafting policy definitions, however, will continue to present challenges. Prediction: By 2020, 70% of all businesses will use attribute-based access control (ABAC) as the dominant mechanism to protect critical assets, up from <5% today. Gartner Predicts 2014: Identity and Access Management (source 1, source 2) 2014 SAP AG or an SAP affiliate company. All rights reserved. 19
20 Kuppinger: Dynamic Attribute-based Authorization is the future Source: Kuppinger Cole Leadership Compass for Access Governance 2014 SAP AG or an SAP affiliate company. All rights reserved. 20
21 NIST Cyber Security Framework Source: Improving Critical Infrastructure Cybersecurity, Executive Order 13636, NIST, SAP AG or an SAP affiliate company. All rights reserved. 21
22 NIST Cyber Security Framework SAP Identity Management SAP GRC AC Source: Improving Critical Infrastructure Cybersecurity, Executive Order 13636, NIST, SAP AG or an SAP affiliate company. All rights reserved. 22
23 NIST Cyber Security Framework Source: Improving Critical Infrastructure Cybersecurity, Executive Order 13636, NIST, 2013 Centrally define corporate information security policies Segregate policy management by role Classify data based on policy Enforce data segregation based on policies Control access and usage based on multiple attributes, including user type, location, device type, media type Rights protect information based on multiple attributes Control how data is shared via based on policy Monitor and log data access and usage based on policies Raise user awareness through context based messages 2014 SAP AG or an SAP affiliate company. All rights reserved. 23
24 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 24
25 NextLabs Solution Approach Manage Monitor Educate Enforce Audit Turns business requirements into enforceable controls Integrates with enterprise, cloud, and client applications Data Classification Data Segregation Access Control Rights Protection Communications Control Activity Logging Log and audit data and user activity 2014 SAP AG or an SAP affiliate company. All rights reserved. 25
26 Policy-Driven Security Controls and Compliance Automation for SAP Allow only Project A Team Members in Site 1 to access Project A data for 6 months Context User Attributes Data Classification NextLabs is a SAP Endorsed Business Solution Partner Data-level and transaction-level security Field-level security control Virtualized data segregation Attribute-based Access Control and Access Segregation Encryption and DRM protection of data inside and outside of SAP Monitor or Deny modes Audit and Reporting of all requested access 2014 SAP AG or an SAP affiliate company. All rights reserved. 26
27 Information Control Policy Model 2014 SAP AG or an SAP affiliate company. All rights reserved. 27
28 Security Classification Centrally manages SAP Master data attributes Features Granularity (Transaction & Master data) Extensible Schema Inheritance (e.g., Material to BOM) Classification Lifecycle Management Classification Automation Integration with external Classification systems (e.g., SAP GTS for Export Control) 2014 SAP AG or an SAP affiliate company. All rights reserved. 28
29 Attribute Based Access Control ACCESS DENIED: Only members of Project Y can access project data ACCESS DENIED: ITAR Technical Data: Export Authorization Required 2014 SAP AG or an SAP affiliate company. All rights reserved. 29
30 Integrated Rights Management for SAP Protects data inside and outside SAP Features Automatic rights protection Long Text Documents File type agnostic Persistence Classification Metadata Rights 2014 SAP AG or an SAP affiliate company. All rights reserved. 30
31 Policy Compliance Audit Dashboards Role based dashboards for easy access to most critical analysis Analytics Multi-dimensional summary analysis Trend Analysis End to End Activity Audit Data access, use and distribution across applications Details required for Incident Investigation and Response Compliance Audit Policy Enforcement Policy Based Activity Audit Personal and Shared Reports Integrates with Compliance Record Keeping 2014 SAP AG or an SAP affiliate company. All rights reserved. 31
32 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 32
33 Agenda Common Challenges to Role Based Access Control (RBAC) Information Control Automation and Attribute Based Access Control (ABAC) Industry Frameworks for ABAC ABAC in SAP Demonstration Examples Benefits and Common Scenarios in SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 33
34 RBAC vs. RBAC+ABAC in SAP Scenario RBAC RBAC + ABAC 1 Company 50 Functional roles & 5 Subsidiaries 300 total roles: 50 Functional roles 5 derived company code 35 derived Plants 50 Functional roles 5 Subsidiaries 7 Plants/Subsidiary 35 Plants under 5 subsidiaries 1840 Roles 50 x 35 = 1,750 1, = 1840 Roles 51 Authorizations 50 Functional roles 1 NextLabs policy = 35 Plants 97% less roles using Attributes Benefit Baseline 97% less than RBAC alone 2014 SAP AG or an SAP affiliate company. All rights reserved. 34
35 NextLabs can help address Security & Compliance Challenges Business Transformation Secure Collaboration Regulatory Compliance IP and Data Security Accelerate consolidation with dynamic authorization. Enable field level security without role explosion with attribute based access control (ABAC). Accelerate and enable safe collaboration with external partners. Improve data access visibility within partner networks. Centrally define and enforce policies. Automate tedious compliance processes and audit reporting for Export (ITAR/EAR, BAFA, Dual Use, ) Privacy (PCI, PII ) Others (Chemical Weapons Convention, Nuclear Energy..) Protect and prevent loss of critical data inside and outside SAP Business Suite. Persistently protect IP data distributed with digital rights technology in and out of the enterprise SAP AG or an SAP affiliate company. All rights reserved. 35
36 Policy Evaluation SAP ECC Subject userid= carter Department = Sales location= US Action Run Query Resource UI Function = Display Mat = CRD Exp Security = ITAR IP = Proprietary Export Lic = NA ACC = Project 01 Response Effect Allow/Deny Obligations Show Message ITAR TECHNICAL DATA Policy Controller (PDP) Evaluate Deploy Policy Bundle Policies / Policy Components Control Center (PAP) AD/ LDAP SAP CUA HRMS IdM SAP Server 2014 SAP AG or an SAP affiliate company. All rights reserved. 36
37 Policy Combining Deny Override Policy 1 (IP Control) Application PIP PEP AuthZ Concept Andy Access Material A Policy Decision Point (PDP) ALLOW Policy 2 (Export Compliance) ALLOW DENY Data Policy Information Point (PIP) Policy 3 (National Security) DENY Manage Access Rules Independently. Reduces the number of authorizations 2014 SAP AG or an SAP affiliate company. All rights reserved. 37
38 Entitlement Manager for SAP Global Consolidation Secure Collaboration Regulatory Compliance Data & IP Security SAP Entitlement Manager DC Data Classification DS Data Segregation AC Access Control RP Rights Protection AL - Audit 2014 SAP AG or an SAP affiliate company. All rights reserved. 38
39 End-to-End Information Controls Secure the Source Secure data use Secure external collaboration Project X Project X Entitlement Management Tech Data.d wg Rights Management Tech Data.d wg Communication Control Allow Only Members of Project X to access Project X Data Deny Copy/Paste of Project X Data Encrypt Project X Data on USB Deny Sharing Project X data outside Project X Team Control Center Information Control Platform Information Control Policy Identity Controls Data XACML 2014 SAP AG or an SAP affiliate company. All rights reserved. 39
40 NextLabs Information Risk Management Suite Information Control Enforcement Application Enforcement Document Enforcement Enforcement Developer SAP ERP SAP CRM SAP DMS Microsoft SharePoint File Server (CIFS/NFS) Microsoft Windows DAC Dassault Enovia PLM Siemens Teamcenter PLM IBM FileNet P8 Rights Management Server Rights Management Client SOAP/REST Java C#, C++ Information Control Automation Data Classification Data Segregation Access Control Communication Control Data Encryption Activity Monitoring Control Center Policy Platform Information Control Policy Model Identity Data Events XACML 2014 SAP AG or an SAP affiliate company. All rights reserved. 40
41 SAP Endorsed Business Solutions (EBS) An SAP Ecosystem By Invitation Only Program Endorsed Business Solutions Complementary solutions selected by SAP Product and Industry groups Application level integration with 3 month solution qualification to ensure end-to-end business process Product roadmap guided by SAP based on Cooperative Development Agreement The use of NextLabs with SAP ERP enables customers to comply with export regulations such as ITAR and offers them greater flexibility in designing and enforcing IP security policies. - Magnus Bjorendahl Global Head of A&D IBU, SAP Endorsed by SAP and sold by partners 2014 SAP AG or an SAP affiliate company. All rights reserved. 41
42 World Class Customers Aerospace & Defense High Technology Chemical Financial Services Industrial Manufacturing 2014 SAP AG or an SAP affiliate company. All rights reserved. 42
43 About NextLabs NextLabs Overview We allow companies to preserve confidentiality, prevent data loss and ensure compliance across more channels and more points with a single unified solution with unmatched user acceptance and total cost of ownership. - Keng Lim, Chairman and CEO NextLabs Entitlement Manager is an SAP-Endorsed Business Solution. Policy-driven, information risk management software for Global 5000 enterprises. Help companies achieve safer and more secure internal and external collaboration. Ensure proper access to applications and data. Facts Locations HQ: San Mateo, CA Boston, MA Hangzhou, PRC Malaysia Singapore 40+ Patent Portfolio Major go-to-market Partners: SAP, Microsoft, IBM, Deloitte, HCL-AXON 2014 SAP AG or an SAP affiliate company. All rights reserved. 43
44 Thank you Tim Quan Director, SAP Industries & Solutions NextLabs 2 Waters Park Drive, Suite 250 San Mateo, CA T E tim.quan@nextlabs.com 2013 SAP AG or an SAP affiliate company. All rights reserved.
NextLabs Rights Management Platform
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger October 2015 Comprehensive Rights Management solution including information classification, based on a well thought-out policy management model supporting
More informationSecure Engineering Collaboration with Integrated Rights Management
Secure Engineering Collaboration with Integrated Rights Management Chris Schrand, Siemens PLM Andy Han, NextLabs GPDIS_2014.ppt 1 Agenda PLM Data Protection Challenges Siemens/NextLabs Enterprise Digital
More informationIBM Software Group. Deliver effective governance for identity and access management.
IBM Software Group Deliver effective governance for identity and access management. June 2009 June 2009 Deliver effective governance for identity and access management. Today, companies face many hurdles
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Protecting your business value from
More informationAlways Worry About Cyber Security. Always. Track 4 Session 8
Always Worry About Cyber Security. Always. Track 4 Session 8 Mark Stevens SVP, Global Services and Support Digital Guardian MStevens@DigitalGuardian.com 781-902-7818 www.digitalguardian.com 2 Abstract
More informationProduct Data Security and Access Management. Dilip Agrawal Security PLM Lead Ford Motor Company dagrawal@ford.com
Product Data Security and Access Management Dilip Agrawal Security PLM Lead Ford Motor Company dagrawal@ford.com 1 Objective Design a PLM security model that strengthen the enforcement of policies while
More information<Insert Picture Here> Oracle Identity And Access Management
Oracle Identity And Access Management Gautam Gopal, MSIST, CISSP Senior Security Sales Consultant Oracle Public Sector The following is intended to outline our general product direction.
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Facilitate policy-based expertise and
More informationIdentity, Privacy, and Data Protection in the Cloud XACML. David Brossard Product Manager, Axiomatics
Identity, Privacy, and Data Protection in the Cloud XACML David Brossard Product Manager, Axiomatics 1 What you will learn The issue with authorization in the cloud Quick background on XACML 3 strategies
More informationWhite Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution
White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 Realization of the IAM (R)evolution Executive Summary Many organizations
More informationLeveraging Teamcenter security capabilities to protect your intellectual property and enable secure collaboration
Security management White Paper Leveraging Teamcenter security capabilities to protect your intellectual property and enable secure collaboration You can use Teamcenter software s security management capabilities
More informationKuppinger Cole Virtual Conference The Three Elements of Access Governance
Kuppinger Cole Virtual Conference The Three Elements of Access Governance Martin Kuppinger, Kuppinger Cole mk@kuppingercole.com December 8th, 2009 This virtual conference is sponsored by Axiomatics and
More information1 Introduction... 2 2 Product Description... 2 3 Strengths and Challenges... 4 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger April 2015 ITMC, a Danish vendor, delivers a comprehensive solution for Identity Provisioning and Access Governance with its IDM365 product. The
More informationAdopting Cloud Apps? Ensuring Data Privacy & Compliance. Varun Badhwar Vice President of Product Strategy CipherCloud
Adopting Cloud Apps? Ensuring Data Privacy & Compliance Varun Badhwar Vice President of Product Strategy CipherCloud Agenda Cloud Adoption & Migration Challenges Introduction to Cloud Computing Cloud Security
More informationRagy Magdy Regional Channel Manager MEA IBM Security Systems
Ragy Magdy Regional Channel Manager MEA IBM Security Systems 1 Started my career in Security in 2003 by Joining ISS 2005 was named the ISS Regional Manager for the Middle East 2006 ISS was acquired by
More informationMaster Data Management and Data Governance Second Edition
Master Data Management and Data Governance Second Edition Alex Berson Larry Dubov Mc Grauu Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore
More informationEnterprise Identity Management Reference Architecture
Enterprise Identity Management Reference Architecture Umut Ceyhan Principal Sales Consultant, IDM SEE Agenda Introduction Virtualization Access Management Provisioning Demo Architecture
More informationEXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski March 2015 is a comprehensive Privileged Identity Management solution for physical and virtual environments with a very broad range of supported
More informationHow Microsoft dynamics AX fairs in comparison to other ERP s
How Microsoft dynamics AX fairs in comparison to other ERP s GONE ARE THOSE LEGACY ERP SYSTEMS OF OLDEN DAYS. LEGACY SYSTEMS LOOK VAST, REQUIRE HUGE BUDGETS, AND TAKE LONG IMPLEMENTATION TIME. IT IS A
More informationIdentity Management Roadmap and Maturity Levels. Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de
Identity Roadmap and Maturity Levels Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de Major Trends in Identity Guidelines for an IAM roadmap Service-orientation: Identity has to provide defined
More informationKey Cyber Risks at the ERP Level
Key Cyber Risks at the ERP Level Process & Industrial Products (P&IP) Sector December, 2014 Today s presenters Bhavin Barot, Sr. Manager Deloitte & Touche LLP Goran Ristovski, Manager Deloitte & Touche
More informationHow To Improve Your Business
IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends
More informationWhitepaper: Manage Access Control for Network Resources with Securitay s Security Policy Manager
Whitepaper: Manage Access Control for Network Resources with Securitay s Security Policy Manager Introduction The past several years has seen an increase in the amount of attention paid to security management
More informationProduct Strategy Update OTM SIG Conference
Product Strategy Update OTM SIG Conference Derek H. Gittoes Vice President, Product Strategy August 11, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Program Agenda 1 2 3 4 Current
More informationDeveloping the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009
Developing the Corporate Security Architecture www.avient.ca Alex Woda July 22, 2009 Avient Solutions Group Avient Solutions Group is based in Markham and is a professional services firm specializing in
More informationXACML and Access Management. A Business Case for Fine-Grained Authorization and Centralized Policy Management
A Business Case for Fine-Grained Authorization and Centralized Policy Management Dissolving Infrastructures A recent Roundtable with CIOs from a dozen multinational companies concurred that Identity &
More informationMay 14 th, 2015 INTRODUCING WATCHDOX. And The ABC s Of Secure File Sharing. Jeff Holleran VP Corporate Strategy BlackBerry
INTRODUCING WATCHDOX And The ABC s Of Secure File Sharing May 14 th, 2015 May 14 th, Jeff Holleran VP Corporate Strategy BlackBerry 2015 Tim Choi VP Product Management and Product Marketing WatchDox Introduction
More informationACCESS RIGHTS MANAGEMENT Securing Assets for the Financial Services Sector
ACCESS RIGHTS MANAGEMENT Securing Assets for the Financial Services Sector V.2 Final Draft May 1, 2014 financial_nccoe@nist.gov This revision incorporates comments from the public. Page Use case 1 Comments
More informationRSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively
RSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively Arrow ECS DLP workshop, Beograd September 2011 Marko Pust marko.pust@rsa.com 1 Agenda DLP in general What to expect from
More informationIBM Unstructured Data Identification & Management An on ramp to reducing information costs and risk
Amir Jaibaji - Product Management Program Director IBM Information Lifecycle Governance IBM Unstructured Data Identification & Management An on ramp to reducing information costs and risk Enterprise big
More informationCAS8489 Delivering Security as a Service (SIEMaaS) November 2014
CAS8489 Delivering Security as a Service (SIEMaaS) November 2014 Usman Choudhary Senior Director usman@netiq.com Rajeev Khanolkar CEO SecurView Agenda What is Security Monitoring? Definition & concepts
More informationBy Makesh Kannaiyan makesh.k@sonata-software.com 8/27/2011 1
Integration between SAP BusinessObjects and Netweaver By Makesh Kannaiyan makesh.k@sonata-software.com 8/27/2011 1 Agenda Evolution of BO Business Intelligence suite Integration Integration after 4.0 release
More informationHow Accenture is taking SAP NetWeaver Identity Management to the next level. Kristian Lehment, SAP AG Matthew Pecorelli, Accenture
How Accenture is taking SAP NetWeaver Identity Management to the next level Kristian Lehment, SAP AG Matthew Pecorelli, Accenture In This Session You will receive an overview of the functionality that
More informationBUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT
Solution in Detail NetWeaver BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING NetWeaver IDENTITY MANAGEMENT Identity management today presents organizations with a host of challenges. System landscapes
More informationMicrosoft s Compliance Framework for Online Services
Microsoft s Compliance Framework for Online Services Online Services Security and Compliance Executive summary Contents Executive summary 1 The changing landscape for online services compliance 4 How Microsoft
More informationBusiness-Driven, Compliant Identity Management
SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance
More informationModule 6 Essentials of Enterprise Architecture Tools
Process-Centric Service-Oriented Module 6 Essentials of Enterprise Architecture Tools Capability-Driven Understand the need and necessity for a EA Tool IASA Global - India Chapter Webinar by Vinu Jade
More information3rd Party Assurance & Information Governance 2014-2016 outlook IIA Ireland Annual Conference 2014. Straightforward Security and Compliance
3rd Party Assurance & Information Governance 2014-2016 outlook IIA Ireland Annual Conference 2014 Continuous Education Services (elearning/workshops) Compliance Management Portals Information Security
More informationAPIs The Next Hacker Target Or a Business and Security Opportunity?
APIs The Next Hacker Target Or a Business and Security Opportunity? SESSION ID: SEC-T07 Tim Mather VP, CISO Cadence Design Systems @mather_tim Why Should You Care About APIs? Amazon Web Services EC2 alone
More informationEnterprise Rights Management
Enterprise Rights Management Siemens PLM Software Status Partnership with Gigatrust Joachim Deisinger Darryl Worsham February 2011 2011. Siemens Product Lifecycle Management Software Inc. All rights reserved
More informationWhite Paper The Identity & Access Management (R)evolution
White Paper The Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 A New Perspective on Identity & Access Management Executive Summary Identity & Access Management
More informationOverview of Portfolio Management Reporting Capabilities within PPM 5.0 at Molex Session: 2813. Troy Ward John Hoover
Overview of Portfolio Management Reporting Capabilities within PPM 5.0 at Molex Session: 2813 Troy Ward John Hoover Abstract This PPM education session will focus on best practices at Molex in Portfolio
More informationW H IT E P A P E R. Salesforce CRM Security Audit Guide
W HITEPAPER Salesforce CRM Security Audit Guide Contents Introduction...1 Background...1 Security and Compliance Related Settings...1 Password Settings... 2 Audit and Recommendation... 2 Session Settings...
More informationUser Driven Security. 5 Critical Reasons Why It's Needed for DLP. TITUS White Paper
User Driven Security 5 Critical Reasons Why It's Needed for DLP TITUS White Paper Information in this document is subject to change without notice. Complying with all applicable copyright laws is the responsibility
More informationHow To Secure A Database From A Leaky, Unsecured, And Unpatched Server
InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions Agenda Any questions unresolved? The Guardium Architecture Integration with Existing Infrastructure Summary Any questions
More informationIdentity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp.
Identity Management Basics Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com May 9, 2007 Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms
More informationSymantec to Acquire Clearwell Systems, Inc. May 19, 2011
Symantec to Acquire Clearwell Systems, Inc. May 19, 2011 1 Forward-Looking Statements This presentation contains forward-looking statements within the meaning of U.S. federal securities laws, including
More informationADAPTABLE IDENTITY GOVERNANCE AND MANAGEMENT
OMADA IDENTITY SUITE - Adaptable Identity Management and Access Governance Governance Compliance Identity Management Cloud Self-Service Security Complete control of who has access to what is an essential
More informationAccenture & NetSuite
Accenture & NetSuite Gray background is only to allow visibility of all elements on page. Delete as needed. Delivering High Performance Turn off NOTES in Layers menu to Through the Cloud eliminate these
More informationEMC Documentum Information Rights Management
EMC Documentum Information Rights Management David Mendel Sr. Product Marketing Manager EMC Corporation June 2008 1 Securing Content Across the Enterprise Documentum Security Overview Confirm System is
More information05.0 Application Development
Number 5.0 Policy Owner Information Security and Technology Policy Application Development Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 5. Application Development
More informationSupply Chain Management Build Connections
Build Connections Enabling a business in manufacturing Building High-Value Connections with Partners and Suppliers Build Connections Is your supply chain responsive, adaptive, agile, and efficient? How
More informationRamco Cloud for Connected Enterprise RACE
Ramco Cloud for Connected Enterprise RACE There is an Ecosystem around every Enterprise Dealers Sub-Dealers Retailers Franchisee Distributors Wholesalers Service Centres Channels Suppliers Manufacturing
More informationManaging Open Source Code Best Practices
Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate
More informationToday s Volatile World Needs Strong CFOs
Financial Planning Today s Volatile World Needs Strong CFOs Strategist Steward Operator CFO 2014 SAP AG or an SAP affiliate company. All rights reserved. 2 2 Top Business Priorities for the CFO Finance
More informationDynamic Enterprise Performance Management
TM Dynamic Enterprise Performance Management Data. Insights. Action. 1 Pull insight out of the chaos Chaos. It s a word that few CFOs would like associated with their businesses; but when it comes to decision
More informationENTERPRISE CONTENT MANAGEMENT. Which one is best for your organisation?
ENTERPRISE CONTENT MANAGEMENT Which one is best for your organisation? INFORMATION MANAGEMENT Information management environments are comprised of legacy information resident in line of business applications,
More informationManaging Complex Capital Portfolio using PPM integration with PS, CATS & FICO. Session: 2804. Sanjaya Una
Managing Complex Capital Portfolio using PPM integration with PS, CATS & FICO Session: 2804 Sanjaya Una Agenda 1. About GyanSys 2. Overview - PPM 5.0 Technical Architecture 3. Case Study Managing Complex
More informationProtect the data that drives our customers business. Data Security. Imperva s mission is simple:
The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent
More informationINFOR 10 ERP DISCRETE ienterprise (XA) PRODUCT ROADMAP
INFOR 10 ERP DISCRETE ienterprise (XA) PRODUCT ROADMAP Agenda XA Evolution Infor 10 and XA XA Business Case XA Conference Announcements XA Development Roadmap 2 3 Copyright 2011 Infor. All rights reserved.
More informationEnabling Data Quality
Enabling Data Quality Establishing Master Data Management (MDM) using Business Architecture supported by Information Architecture & Application Architecture (SOA) to enable Data Quality. 1 Background &
More informationInformation Classification:
Information Classification: First Step to Effective Information Security" Sylvia C. Diaz, MS, MBA, CIPP/US! Associate Director, Information Governance" Biogen Idec" A little bit about me" Sylvia C. Diaz,
More informationJourney to the Private Cloud. Key Enabling Technologies
Journey to the Private Cloud Key Enabling Technologies Jeffrey Nick Chief Technology Officer Senior Vice President EMC Corporation June 2010 1 The current I/T state: Infrastructure sprawl Information explosion
More informationTrust but Verify: Best Practices for Monitoring Privileged Users
Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity
More informationSAP HANA Live for SAP Business Suite. David Richert Presales Expert BI & EIM May 29, 2013
SAP HANA Live for SAP Business Suite David Richert Presales Expert BI & EIM May 29, 2013 Agenda Next generation business requirements for Operational Analytics SAP HANA Live - Platform for Real-Time Intelligence
More informationHow to Solve the B2B Integration and Managed File Transfer challenge in Retail Business
How to Solve the B2B Integration and Managed File Transfer challenge in Retail Business Rochelle Harrison Senior Client Technical Professional/Industry Solutions Successful File Transfer The Drivers Business
More informationAras Innovator Solutions for Complex Materials. Copyright 2012 Ceradyne
Aras Innovator Solutions for Complex Materials Agenda About Ceradyne Problem Statements Aras Innovator Solutions Our Integrated Solutions for PLM & beyond Business Intelligence Why PLM/PDM? PLM Architectures
More informationRemote Access Platform. Architecture and Security Overview
Remote Access Platform Architecture and Security Overview NOTICE This document contains information about one or more ABB products and may include a description of or a reference to one or more standards
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 03.16 EB7178 DATA SECURITY Table of Contents 2 Data-Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationReal-Time Database Protection and. Overview. 2010 IBM Corporation
Real-Time Database Protection and Monitoring: IBM InfoSphere Guardium Overview Agenda Business drivers for database security InfoSphere Guardium architecture Common applications The InfoSphere portfolio
More informationWebsense Data Security Solutions
Data Security Suite Data Discover Data Monitor Data Protect Data Endpoint Data Security Solutions What is your confidential data and where is it stored? Who is using your confidential data and how? Protecting
More informationwww.ducenit.com Analance Data Integration Technical Whitepaper
Analance Data Integration Technical Whitepaper Executive Summary Business Intelligence is a thriving discipline in the marvelous era of computing in which we live. It s the process of analyzing and exploring
More informationGoverned Migration using Dell One Identity Manager
Governed Migration using Dell One Identity Manager How Dell Identity Manager not only reduces migration costs and improves migration outcomes, but delivers ongoing value Abstract Sooner or later, your
More informationWHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity
WHITE PAPER Practical Information Governance: Balancing Cost, Risk, and Productivity Sponsored by: EMC Corporation Laura DuBois August 2010 Vivian Tero EXECUTIVE SUMMARY Global Headquarters: 5 Speen Street
More informationStrategies and Best Practices to Implement a Successful Data Loss Prevention Program Sebastian Brenner, CISSP
Strategies and Best Practices to Implement a Successful Data Loss Prevention Program Sebastian Brenner, CISSP Principal Systems Engineer Symantec LAMC Agenda 1 What DLP is and its purpose 2 Challenges
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationSeminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues. Palace Hotel Saigon, HCMC, November 19 th 2014
Seminar on Unfair Competition Enforcement in the United States and Supply Chain Cybersecurity Issues Palace Hotel Saigon, HCMC, November 19 th 2014 Cyber Security and Supply Chain Integrity as Risk Factors
More informationRSA Identity and Access Management 2014
RSA Identity and Access Management 2014 1 Agenda Today s Enterprises and IAM Customer Challenges IAM Requirements RSA IAM Our Competitive Advantage Leading The Pack RSA Views on Identity Management and
More informationCloud Security: The Grand Challenge
Dr. Paul Ashley IBM Software Group pashley@au1.ibm.com Cloud Security: The Grand Challenge Outline Cloud computing: the pros, the cons, the blind spots Security in the cloud - what are the risks now and
More informationThe Power of Risk, Compliance & Security Management in SAP S/4HANA
The Power of Risk, Compliance & Security Management in SAP S/4HANA OUR AGENDA Key Learnings Observations on Risk & Compliance Management Current State Current Challenges The SAP GRC and Security Solution
More informationSecurity Overview. BlackBerry Corporate Infrastructure
Security Overview BlackBerry Corporate Infrastructure Published: 2015-04-23 SWD-20150423095908892 Contents Introduction... 5 History... 6 BlackBerry policies...7 Security organizations...8 Corporate Security
More informationDow Corning Uses Enterprise Rights Management to Help Protect Intellectual Property
Dow Corning Uses Enterprise Rights Management to Help Protect Intellectual Property Overview Country or Region: United States Industry: Manufacturing Customer Profile Dow Corning is a global leader in
More informationData Security: Strategy and Tactics for Success
Data Security: Strategy and Tactics for Success DatabaseVisions,Inc. Fairfax, Va Oracle Gold Partner Solution Provider Oracle Security Specialized www.databasevisions.com Overview Cloud Computing presents
More informationManufacturer to Enhance Efficiency with Improved Identity Management
Microsoft Forefront: Security Products for Business Customer Solution Case Study Manufacturer to Enhance Efficiency with Improved Identity Management Overview Country or Region: United States Industry:
More informationRSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation
RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More informationDigital Signatures for SharePoint
Digital Signatures for SharePoint Rodd Schlerf ARx - FDA Markets Manager fda@arx.com Jonathan Schreiber ARx - SE Manager ARX 855 The Folsom most St. widely Suite 939 deployed San Francisco, signature CA
More informationHow can Identity and Access Management help me to improve compliance and drive business performance?
SOLUTION BRIEF: IDENTITY AND ACCESS MANAGEMENT (IAM) How can Identity and Access Management help me to improve compliance and drive business performance? CA Identity and Access Management automates the
More informationSAP Business ByDesign and SAP ERP. SAP Business ByDesign for Subsidiaries Overview of Functional and Technical Integration with Headquarters SAP ERP
SAP Business ByDesign and SAP ERP SAP Business ByDesign for Subsidiaries Overview of Functional and Technical Integration with Headquarters SAP ERP SAP Business ByDesign for Subsidiaries Table of Contents
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationW H I T E P A P E R E X E C U T I V E S U M M AR Y S I T U AT I O N O V E R V I E W. Sponsored by: EMC Corporation. Laura DuBois May 2010
W H I T E P A P E R E n a b l i n g S h a r e P o i n t O p e r a t i o n a l E f f i c i e n c y a n d I n f o r m a t i o n G o v e r n a n c e w i t h E M C S o u r c e O n e Sponsored by: EMC Corporation
More informationThe Accenture/ Siemens PLM Software Alliance
The Accenture/ Siemens PLM Software Alliance Enabling Efficient Product Lifecycle Management Companies in a wide range of industries rely upon Product Lifecycle Management (PLM) to grow their business,
More informationThe Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach
The Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach by Philippe Courtot, Chairman and CEO, Qualys Inc. Information Age Security Conference - London - September 25
More informationAssetCenter 4.4. Total Asset Visibility and Control. Control Costs. Ensure Compliance. Reduce Complexity
AssetCenter 4.4 Total Asset Visibility and Control Control Costs Ensure Compliance Reduce Complexity Peregrine AssetCenter Compliance requirements. Complex infrastructure. Exploding demand. Tighter budgets.
More informationEND-TO-END BANKING SOLUTIONS
END-TO-END BANKING SOLUTIONS AND SERVICES PARTNERING WITH THAKRAL ONE BI AND ANALYTICS MOVING FROM BIG DATA TO REAL DATA Increased pressures from regulatory compliance, rapid global economic changes, and
More informationIntegrating GRC with Performance Management Demands Enterprise Solutions
As published in the April n May n June 2008 issue of Integrating GRC with Performance Demands Enterprise Solutions by Lee Dittmar, Principal, Deloitte Consulting LLP and Peter Vogel, Senior Manager, Deloitte
More informationRapid Development of Smart and Self-Adaptive Cloud, Mobile & IoT Applications - Accelerating the Last Mile of Cloud Computing
Rapid Development of Smart and Self-Adaptive Cloud, Mobile & IoT Applications - Accelerating the Last Mile of Cloud Computing Jesse Shiah CEO and Co-founder Jesse.shiah@agilepoint.com 2013 AgilePoint,
More informationInforCloudSuite Industrial
InforCloudSuite Industrial Industry Suite Handbook Overview What if... You could quickly and easily take steps to embrace speed and agility, while reducing IT upgrade and maintenance costs within your
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More information