IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach"

Transcription

1 IDENTITY MANAGEMENT AND WEB SECURITY A Customer s Pragmatic Approach

2 AGENDA What is Identity Management (IDM) or Identity and Access Management (IAM)? Benefits of IDM IDM Best Practices Challenges to Implement Wrapping Up 2

3 IDM VS. IAM Identity Management (IDM) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity. (Techtarget, echtarget.com/definition/identitymanagement) Identity and Access Management (IAM) model provides a framework for simplifying the management of access to services, implementing policy, increasing transparency, and enabling operations to scale by integrating an enterprise identity management infrastructure with services provided by both central and distributed IT. (Internet2, Identity and Access Management) 3

4 IDENTITY AND ACCESS MANAGEMENT What Is It? Provisioning / De provisioning process improvement Life Cycle User On Boarding Access Control and Management Authentication (including multi factor and physical security) User Termination / Disablement Access Provisioning Single Sign On Password Self Service Access Management Access Control Provides security framework to assist with compliance 4

5 ORGANIZATIONAL IDENTITY MANAGEMENT DREAMS The Dream The Reality Centralized authentication and authorization infrastructure Common enterprise wide constituent identifier Strong authentication for all applications Centralized Identity Store Uniform and efficient provisioning workflow Multiple authentication and authorization infrastructures Multiple identifiers Variable authentication dependent on application Multiple Identity Stores / User repositories Disjointed workflows 5

6 Why Identity Management? Solution Web Single Sign On (WebSSO) Provisioning & Governance Role Based Access Control (RBAC) Federated Services Business Problem Multiple UserID s & Passwords Password Management Security Delayed On boarding Costly Password Resets Error Prone Orphan Accounts / De Provisioning Manual Periodic Access Review Hard to Detect Inappropriate Privileges Difficult to Enforce Segregation of Duties Control High Cost of Project Integration for future Partner site / Customer Integration Burden of Identity Ownership Value Single UserID Single Password Strong Authentication Audit Reports Centralized Password Automated Hire to Retire Process Self Service Approval Workflows Audit Reports Automate Audit and Compliance Reporting, Detect and Eliminate Orphan Accounts Streamline Periodic Access Review Process Improved Customer / Partner Relationship Improved Customer Enrollment New Services Value for Organization Single Password for Administrators/ Developers/ Non standard Users Eliminate need to logic multiple times Elimination of Network Service Request Form Access to view paystubs online VPN for all Self password reset Periodic Access Review to Peoplesoft Access Fine Grained Access Review Web Based Audit report dashboard egovernance Compliant 6

7 BASIC CAPABILITIES Automated account creation Directory/AD integration and synchronization Centralized authentication and authorization Delegated Administration Reduced/Single Sign On Event logging 7

8 ENHANCED CAPABILITIES User Self service Automated provisioning User interfaces ( My Identity ) Logging, auditing, and report Automated workflow IT User asset inventory Automated notifications Strong authentication 8

9 ADVANCED CAPABILITIES Role Based Access Control (RBAC) Advanced provisioning Role based self service Policy based asset management Customized compliance reports Advanced auditing and reporting Federated identity services IDM/SIEM integration Identity as a service (SOA) Physical access card integration 9

10 CHALLENGES Complexity of IAM software and product offerings Lack of education and awareness Poor understanding/communication of program benefits Platform vs. Point Solutions IT sponsorship vs. business sponsorship Budget Authoritative Sources Data Integrity Reluctance of system/data owners Slow deployment; failure to show rapid value or benefit capture 10

11 BEST PRACTICES Identity Strategy and Organizational Positioning Define the Business Benefit Planning and Effective Implementation Future Ready Architecture Today Select Best Identity Services Technology and Functionality Develop and communicate a Roadmap 11

12 Desired Future State Reduced / Single Sign-On PeopleSoft SSO Server Provisioning PeopleSoft Compliance Automation and Role Based Access Control Federations and Strong AuthN Maximo Portal Virtual Directory Provisioning Identity Analytics / RBAC Federation Trapeze SSO Server SharePoint OWA All Accounts A D AD Mail PSFT Max imo VPN / Laptop CRM Reporting Engine Workflow Engine Strong AuthN Internet Users /Customers / Partners Reduce Password Reset Reduced /Single Sign-On Establish Unique Global IDs Fraud Prevention Initiate Role Based Access Control Streamline Hire to Retire Process Self Password Reset Self Service Account Request Delegated Administration Approval Based Provisioning Periodic Access Review Compliance Reporting Segregation of Duties ( SoD) Access Certifications / Attestation Role Governance Rogue Acct Mgmt Multi-Factor AuthN Partner On-Boarding Authentication Security Real-time Anomaly Detection Proactive Fraud Prevention Reporting and forensics Security and Identity Governance Framework 12

13 WEB SECURITY Identity Federation Services Oriented Architecture (SOA) Centralized Account De/Provisioning Integration with Physical Security Attestation and Entitlements Role Based Access Control (RBAC) 13

14 Federated Services What is Identity Federation? Identity personal information used to identify a user Federation establish trust relationships among decentralized security and policy domains Benefits: Each domain shares its local identity and security information via standard mechanism Each domain retains its owns internal directory, meta-directory, account provisioning and PKI services No central identity repository SSO to heterogeneous applications on federal site 14

15 STREAMLINED PROVISIONING OF ACCOUNTS AND GROUPS HR CRM ABC + HR Application EPM Maximo Portal New Employee Maximo PAR / SPAR Trapeze GIS COGNOS New Contractors Manager Enters New Contractor Details AD Exchange Directory Net New Customers, Partners, Delegated Administrators Self Registration Approve or Reject IT Infrastructure Systems Physical Assets and IT Assets 15

16 Role Based Access Control 16

17 Advanced Security 17

18 WRAPPING UP Research Administrative / Programmatic Business Sponsor / Stakeholder Acceptance Communicate Plan Communicate Technical A well defined, single, logical identity repository shall contain the gold copy of all identity information that is in turn updated solely by trusted, authoritative sources. The identity infrastructure shall provide meaningful reports on auditable identity events as required for compliance purposes. The identity management infrastructure shall be sufficiently flexible and interoperable to support a heterogeneous environment. 18

19 Victor Iwugo Chief Information Security Officer Washington Metropolitan Area Transit Authority (WMATA) 19

Enterprise Identity Management Reference Architecture

Enterprise Identity Management Reference Architecture Enterprise Identity Management Reference Architecture Umut Ceyhan Principal Sales Consultant, IDM SEE Agenda Introduction Virtualization Access Management Provisioning Demo Architecture

More information

The Unique Alternative to the Big Four. Identity and Access Management

The Unique Alternative to the Big Four. Identity and Access Management The Unique Alternative to the Big Four Identity and Access Management Agenda Introductions Identity and Access Management (I&AM) Overview Benefits of I&AM I&AM Best Practices I&AM Market Place Closing

More information

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions Introduction This paper provides an overview of the integrated solution and a summary of implementation options

More information

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges 1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda Business challenges

More information

Quest One Identity Solution. Simplifying Identity and Access Management

Quest One Identity Solution. Simplifying Identity and Access Management Quest One Identity Solution Simplifying Identity and Access Management Identity and Access Management Challenges Operational Efficiency Security Compliance Too many identities, passwords, roles, directories,

More information

Identity Governance Evolution

Identity Governance Evolution Identity Governance Evolution Paola Marino Principal Sales Consultant Agenda Oracle Identity Governance Innovation Cloud Scenarios enabled by Oracle Identity Platform Agenda Oracle

More information

Oracle Identity And Access Management

<Insert Picture Here> Oracle Identity And Access Management Oracle Identity And Access Management Gautam Gopal, MSIST, CISSP Senior Security Sales Consultant Oracle Public Sector The following is intended to outline our general product direction.

More information

Oracle Mobile Security Suite. René Klomp 6 mei 2014

Oracle Mobile Security Suite. René Klomp 6 mei 2014 Oracle Mobile Security Suite René Klomp 6 mei 2014 Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be

More information

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value. Security management White paper Develop effective user management to demonstrate compliance efforts and achieve business value. September 2008 2 Contents 2 Overview 3 Understand the challenges of user

More information

Identity Management Overview. Bill Nelson bill.nelson@gca.net Vice President of Professional Services

Identity Management Overview. Bill Nelson bill.nelson@gca.net Vice President of Professional Services Identity Management Overview Bill Nelson bill.nelson@gca.net Vice President of Professional Services 1 Agenda Common Identity-related Requests Business Drivers for Identity Management Account (Identity)

More information

Identity Management with midpoint. Radovan Semančík FOSDEM, January 2016

Identity Management with midpoint. Radovan Semančík FOSDEM, January 2016 Management with midpoint Radovan Semančík FOSDEM, January 2016 Radovan Semančík Current: Software Architect at Evolveum Architect of Evolveum midpoint Contributor to ConnId and Apache Directory API Past:

More information

RSA Identity Management & Governance (Aveksa)

RSA Identity Management & Governance (Aveksa) RSA Identity Management & Governance (Aveksa) 1 RSA IAM Enabling trusted interactions between identities and information Access Platform Authentication Federation/SSO Employees/Partners/Customers Identity

More information

Identity and Access Management

Identity and Access Management Cut costs. Increase security. Support compliance. www.siemens.com/iam Scenarios for greater efficiency and enhanced security Cost pressure is combining with increased security needs compliance requirements

More information

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management Introductions KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management Agenda 1. Introduction 2. What is Cloud Computing? 3. The Identity Management

More information

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet

More information

Identity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp.

Identity Management Basics. OWASP May 9, 2007. The OWASP Foundation. Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com. http://www.owasp. Identity Management Basics Derek Browne, CISSP, ISSAP Derek.Browne@Emergis.com May 9, 2007 Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms

More information

Identity Management. Presented by Richard Brown. November 2014. November 2014. MILCIS IdM

Identity Management. Presented by Richard Brown. November 2014. November 2014. MILCIS IdM Identity Management Presented by Richard Brown Who is Cogito? Who are we? Why listen to us? Started as an information protection company working on the ADO PKI Moved into IdM as natural progression to

More information

Integrating Hitachi ID Suite with WebSSO Systems

Integrating Hitachi ID Suite with WebSSO Systems Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication

More information

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Horst Bliedung Director International Sales CEE Siemens IT Solutions and Services

More information

Identity and Access Management for the Hybrid Enterprise

Identity and Access Management for the Hybrid Enterprise Identity and Access Management for the Hybrid Enterprise Redmond Identity Summit 2014 Directories Devices Identity Keith Brintzenhofe Microsoft Corporation Thank You to our Sponsors Gold Silver Plus Silver

More information

1 Introduction to Identity Management. 2 Identity and Access Needs are Ever-Changing

1 Introduction to Identity Management. 2 Identity and Access Needs are Ever-Changing 1 Introduction to Identity Management Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications An overview of business drivers and technology solutions. 2 Identity and Access Needs

More information

Identity & Access Management Gliding Flight. Paolo Ottolino PMP CISSP ISSAP CISA CISM OPST ITIL

Identity & Access Management Gliding Flight. Paolo Ottolino PMP CISSP ISSAP CISA CISM OPST ITIL Identity & Access Management Gliding Flight Paolo Ottolino PMP CISSP ISSAP CISA CISM OPST ITIL Agenda 1 General Concepts 2 Logical Components 3 Implementation Structure 4 5 Governance Web App Firewall

More information

Achieving HIPAA Compliance with Identity and Access Management

Achieving HIPAA Compliance with Identity and Access Management Achieving HIPAA Compliance with Identity and Access Management A Healthcare Case Study Stephen A. Whicker Manager Security Compliance HIPAA Security Officer AHIS/St. Vincent Health DISCLAIMER: The views

More information

Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1

Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1 Enabling Single Sign-On for Oracle Applications Oracle Applications Users Group PAGE 1 Agenda Introduction PAGE 2 Organization Speakers Security Spectrum Information Security Spectrum Oracle Identity Management

More information

Presentation to House Committee on Technology: HHS System Identity & Access Management

Presentation to House Committee on Technology: HHS System Identity & Access Management Presentation to House Committee on Technology: HHS System Identity & Access Management Bowden Hight Deputy Executive Commissioner Information Technology Services Health and Human Services Commission May

More information

Stephen Hess. Jim Livingston. Program Name. IAM Executive Sponsors. Identity & Access Management Program Charter Dated 3 Jun 15

Stephen Hess. Jim Livingston. Program Name. IAM Executive Sponsors. Identity & Access Management Program Charter Dated 3 Jun 15 Program Name Identity and Access Management (IAM) Implementation IAM Executive Sponsors Jim Livingston Stephen Hess 1 P age Project Scope Project Description The goal of this project is to implement an

More information

Business and Process Requirements Business Requirements mapped to downstream Process Requirements. IAM UC Davis

Business and Process Requirements Business Requirements mapped to downstream Process Requirements. IAM UC Davis Business and Process Requirements Business Requirements mapped to downstream Process Requirements IAM UC Davis IAM-REQ-1 Authorization Capabilities The system shall enable authorization capabilities that

More information

Key New Capabilities Complete, Open, Integrated. Oracle Identity Analytics 11g: Identity Intelligence and Governance

Key New Capabilities Complete, Open, Integrated. Oracle Identity Analytics 11g: Identity Intelligence and Governance Key New Capabilities Complete, Open, Integrated Oracle Analytics 11g: Intelligence and Governance Paola Marino Principal Sales Consultant, Management Agenda Drivers Oracle Analytics

More information

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com R2 Oracle Privileged Account Manager 11gR2 Karsten Müller-Corbach karsten.mueller-corbach@oracle.com The following is intended to outline our general product direction. It is intended for information purposes

More information

Integrating your On-Premise Applications with Cloud Applications

<Insert Picture Here> Integrating your On-Premise Applications with Cloud Applications Integrating your On-Premise Applications with Cloud Applications Agenda Hybrid IT Infrastructure An Emerging Trend A New Set of Challenges The Five Keys to Overcoming the Challenges

More information

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole.

EXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole. KuppingerCole Report EXECUTIVE VIEW By Peter Cummings October 2013 EmpowerID 2013 By Peter Cummings pc@kuppingercole.com October 2013 Content 1 Vendor Profile... 3 2 Product Description... 4 2.1 Single

More information

Oracle Identity Governance - Complete Identity Lifecycle Management

Oracle Identity Governance - Complete Identity Lifecycle Management Oracle Identity Governance - Complete Identity Lifecycle Management M.Sc.Eng. Mārtiņš Orinskis, DPA Ltd lead project manager 07.11.2013 About me M.Sc.Eng. Mārtiņš Orinskis DPA Ltd lead project manager

More information

IQS Identity and Access Management

IQS Identity and Access Management IQS Identity and Access Management Identity Management Authentication Authorization Administration www.-center.com The next generation security solution 2003 RSA Security Conference IAM is a combination

More information

Identity and Access Management The road to sustained compliance

Identity and Access Management The road to sustained compliance Identity and Access Management The road to sustained compliance Identity and Access Management An overview 1 On-boarding is the process of establishing an identity for a person, device, or system account

More information

Integrated Identity and Access Management Architectural Patterns

Integrated Identity and Access Management Architectural Patterns Redpaper Axel Buecker Dwijen Bhatt Daniel Craun Dr. Jayashree Ramanathan Neil Readshaw Govindaraj Sampathkumar Integrated Identity and Access Management Architectural Patterns Customers implement an integrated

More information

Vermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0

Vermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0 Vermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0 EA APPROVALS EA Approving Authority: Revision

More information

Kuppinger Cole Virtual Conference The Three Elements of Access Governance

Kuppinger Cole Virtual Conference The Three Elements of Access Governance Kuppinger Cole Virtual Conference The Three Elements of Access Governance Martin Kuppinger, Kuppinger Cole mk@kuppingercole.com December 8th, 2009 This virtual conference is sponsored by Axiomatics and

More information

Sun and Oracle: Joining Forces in Identity Management

Sun and Oracle: Joining Forces in Identity Management Sun and Oracle: Joining Forces in Identity Management The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

More information

Discussion Overview. Company Background. IAM Inertia. IAM at Chase. IAM Program Progress. IAM Tools Integration. Program Lessons Learned

Discussion Overview. Company Background. IAM Inertia. IAM at Chase. IAM Program Progress. IAM Tools Integration. Program Lessons Learned Discussion Overview Company Background IAM Inertia IAM Value Proposition IAM at Chase IAM Team Scope and Mission IAM Program Functional Structure IAM Team Functional Structure IAM Program Progress IAM

More information

Strategic Identity Management for Industrial Control Systems

Strategic Identity Management for Industrial Control Systems Strategic Identity Management for Industrial Control Systems Justin Harvey Encari ICSJWG 2010 Spring Conference Ground Rules Sticking to vendor neutral Questions Welcome Email me for a copy of the deck:

More information

Automated User Provisioning

Automated User Provisioning Automated User Provisioning NOMINATING CATEGORY: ENTERPRISE IT MANAGEMENT INITIATIVES NOMINATOR: TONY ENCINIAS, CHIEF TECHNOLOGY OFFICER COMMONWEALTH OF PENNSYLVANIA 1 TECHNOLOGY PARK HARRISBURG, PA 17110

More information

Introduction to Identity and Access Management for the engineers. Radovan Semančík April 2014

Introduction to Identity and Access Management for the engineers. Radovan Semančík April 2014 Introduction to Identity and Access Management for the engineers Radovan Semančík April 2014 How it works now? Manager Admin Login Users Login Admin Login Login Login Theory Manager Admin Forgot password

More information

Identity & access management solution IDM365 for the Pharma & Life Science

Identity & access management solution IDM365 for the Pharma & Life Science Identity & access management solution IDM365 for the Pharma & Life Science Achieve compliance with regulations such as FDA DEA Security Regulation Sarbanes Oxley 1 Challenges in your sector Pharmaceutical

More information

Government of Canada Directory Services Architecture. Presentation to the Architecture Framework Advisory Committee November 4, 2013

Government of Canada Directory Services Architecture. Presentation to the Architecture Framework Advisory Committee November 4, 2013 Government of Canada Directory Services Architecture Presentation to the Architecture Framework Advisory Committee November 4, 2013 1 Agenda TIME TOPICS PRESENTERS 9:00 9:15 Opening Remarks Objective for

More information

Identity and Access Management Point of View

Identity and Access Management Point of View Identity and Access Management Point of View Agenda What is Identity and Access Management (IAM)? Business Drivers and Challenges Compliance and Business Benefits IAM Solution Framework IAM Implementation

More information

Kenneth Hee Director, Business Development Security & Identity Management. Oracle Identity Management 11g R2 Securing The New Digital Experience

Kenneth Hee Director, Business Development Security & Identity Management. Oracle Identity Management 11g R2 Securing The New Digital Experience Kenneth Hee Director, Business Development Security & Identity Management Oracle Identity Management 11g R2 Securing The New Digital Experience This document is for informational purposes. It is not a

More information

Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS HEALTHCARE: A UNIQUELY COMPLEX ENVIRONMENT

Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS HEALTHCARE: A UNIQUELY COMPLEX ENVIRONMENT Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS The promise of reduced administrative costs and improved caregiver satisfaction associated with user provisioning

More information

ADAPTABLE IDENTITY GOVERNANCE AND MANAGEMENT

ADAPTABLE IDENTITY GOVERNANCE AND MANAGEMENT OMADA IDENTITY SUITE - Adaptable Identity Management and Access Governance Governance Compliance Identity Management Cloud Self-Service Security Complete control of who has access to what is an essential

More information

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, 2004 9:00 AM

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, 2004 9:00 AM Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance RSA Security and Accenture February 26, 2004 9:00 AM Agenda Laura Robinson, Industry Analyst, RSA Security Definition of

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information

B2C, B2B and B2E:! Leveraging IAM to Achieve Real Business Value

B2C, B2B and B2E:! Leveraging IAM to Achieve Real Business Value B2C, B2B and B2E:! Leveraging IAM to Achieve Real Business Value IDM, 12 th November 2014 Colin Miles Chief Technology Officer, Pirean Copyright 2014 Pirean Limited. All rights reserved. Safe Harbor All

More information

Oracle Role Manager. An Oracle White Paper Updated June 2009

Oracle Role Manager. An Oracle White Paper Updated June 2009 Oracle Role Manager An Oracle White Paper Updated June 2009 Oracle Role Manager Introduction... 3 Key Benefits... 3 Features... 5 Enterprise Role Lifecycle Management... 5 Organization and Relationship

More information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Certified Identity and Access Manager (CIAM) Overview & Curriculum Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management

More information

Open Source Identity Management

Open Source Identity Management Open Source Management OpenAlt 2015 Radovan Semančík November 2015 Ing. Radovan Semančík, PhD. Software architect Co-owner of Evolveum (open source company) Architect of midpoint project Apache committer

More information

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success Manvendra Kumar AST Corporation, IL Scott Brinker College of American Pathologist, IL August

More information

Developing an Identity Management Strategy

Developing an Identity Management Strategy Developing an Identity Management Strategy Yvonne Wilson Technical Director Identity Management Oracle On Demand Risk Management, Oracle Corporation. Copyright 2011 Yvonne Wilson,Oracle

More information

U.S. DEPARTMENT OF COMMERCE UNITED STATES PATENT AND TRADEMARK OFFICE. Privacy Impact Assessment

U.S. DEPARTMENT OF COMMERCE UNITED STATES PATENT AND TRADEMARK OFFICE. Privacy Impact Assessment U.S. DEPARTMENT OF COMMERCE UNITED STATES PATENT AND TRADEMARK OFFICE Privacy Impact Assessment Enterprise Software Services PTOI-020-00 July 8, 2015 Privacy Impact Assessment This Privacy Impact Assessment

More information

Identity Management: Securing Information in the HIPAA Environment

Identity Management: Securing Information in the HIPAA Environment Identity Management: Securing Information in the HIPAA Environment Mark Dixon Chief Identity Officer North American Software Line of Business Sun Microsystems 1 Agenda Challenges we Face Identity and Access

More information

NCSU SSO. Case Study

NCSU SSO. Case Study NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must

More information

Identity Access Management Challenges and Best Practices

Identity Access Management Challenges and Best Practices Identity Access Management Challenges and Best Practices Mr. Todd Rossin, Managing Director/Founder IDMWorks Special Thanks to JHU APL for providing the Parsons Auditorium for our use this evening 1 December

More information

secure user IDs and business processes Identity and Access Management solutions Your business technologists. Powering progress

secure user IDs and business processes Identity and Access Management solutions Your business technologists. Powering progress secure Identity and Access Management solutions user IDs and business processes Your business technologists. Powering progress 2 Protected identity through access management Cutting costs, increasing security

More information

Provisioning and Deprovisioning 1 Provisioning/De-provisiong replacement 1

Provisioning and Deprovisioning 1 Provisioning/De-provisiong replacement 1 Item Count Provisioning/Deprovisioning Automated Deprovisioning 1 Automated on/off boarding from an authoritative source AUTOMATED [DE-]PROVISIONING 1 Removal of resources at the appropriate time 1 Timeliness

More information

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT Solution in Detail NetWeaver BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING NetWeaver IDENTITY MANAGEMENT Identity management today presents organizations with a host of challenges. System landscapes

More information

Regulatory Compliance Using Identity Management

Regulatory Compliance Using Identity Management Regulatory Compliance Using Identity Management 2015 Hitachi ID Systems, Inc. All rights reserved. Regulations such as Sarbanes-Oxley, FDA 21-CFR-11 and HSPD-12 require stronger security, to protect sensitive

More information

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM Toby Emden Vice President Strategy and Practices 2014 CONTENTS Evolution Business Drivers Provisioning

More information

Business-Driven, Compliant Identity Management

Business-Driven, Compliant Identity Management SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance

More information

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments Executive Overview... 3 Introduction...

More information

Conceptual Design. Forefront Identity Manager. Karen McLaughlin

Conceptual Design. Forefront Identity Manager. Karen McLaughlin Conceptual Design Karen McLaughlin January 29, 2013 Overview The purpose of this design is to provide information on the value in addition to Global Address List Synchronization (GAL Sync) that a full

More information

Provide access control with innovative solutions from IBM.

Provide access control with innovative solutions from IBM. Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business

More information

Take Control of Identities & Data Loss. Vipul Kumra

Take Control of Identities & Data Loss. Vipul Kumra Take Control of Identities & Data Loss Vipul Kumra Security Risks - Results Whom you should fear the most when it comes to securing your environment? 4. 3. 2. 1. Hackers / script kiddies Insiders Ex-employees

More information

- Identity & Access Management

- Identity & Access Management IBM Software Group NSHE - Identity & Access Management 2006 IBM Corporation Identity & Access Management Access Management and The Monitoring, Auditing and Reporting for Compliance So What s The Problem

More information

Trust but Verify: Best Practices for Monitoring Privileged Users

Trust but Verify: Best Practices for Monitoring Privileged Users Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity

More information

RSA enables rapid transformation of Identity and Access Governance processes

RSA enables rapid transformation of Identity and Access Governance processes RSA enables rapid transformation of Identity and Access Governance processes Sean Peasley, Principal Laxman Tathireddy, Senior Manager Deloitte & Touche LLP Cyber Risk Services Identity and Access Governance

More information

Best Practices Report

Best Practices Report Overview As an IT leader within your organization, you face new challenges every day from managing user requirements and operational needs to the burden of IT Compliance. Developing a strong IT general

More information

Minimize Access Risk and Prevent Fraud With SAP Access Control

Minimize Access Risk and Prevent Fraud With SAP Access Control SAP Solution in Detail SAP Solutions for Governance, Risk, and Compliance SAP Access Control Minimize Access Risk and Prevent Fraud With SAP Access Control Table of Contents 3 Quick Facts 4 The Access

More information

RSA Identity and Access Management 2014

RSA Identity and Access Management 2014 RSA Identity and Access Management 2014 1 Agenda Today s Enterprises and IAM Customer Challenges IAM Requirements RSA IAM Our Competitive Advantage Leading The Pack RSA Views on Identity Management and

More information

Streamlining Human Capital Management with Identity and Access Management. An Oracle White Paper December 2008

Streamlining Human Capital Management with Identity and Access Management. An Oracle White Paper December 2008 Streamlining Human Capital Management with Identity and Access Management An Oracle White Paper December 2008 NOTE: The following is intended to outline our general product direction. It is intended for

More information

How Accenture is taking SAP NetWeaver Identity Management to the next level. Kristian Lehment, SAP AG Matthew Pecorelli, Accenture

How Accenture is taking SAP NetWeaver Identity Management to the next level. Kristian Lehment, SAP AG Matthew Pecorelli, Accenture How Accenture is taking SAP NetWeaver Identity Management to the next level Kristian Lehment, SAP AG Matthew Pecorelli, Accenture In This Session You will receive an overview of the functionality that

More information

(A) User Convenience. Password Express Benefits. Increase user convenience and productivity

(A) User Convenience. Password Express Benefits. Increase user convenience and productivity Comparison Feature Sheet Feature Sheet is a next generation password management and password synchronization tool that provides users with reduced sign on experience across all applications and password

More information

Different Patterns of Identity Management Implemented in Cloud Computing

Different Patterns of Identity Management Implemented in Cloud Computing 2011 International Conference on Advancements in Information Technology With workshop of ICBMG 2011 IPCSIT vol.20 (2011) (2011) IACSIT Press, Singapore Different Patterns of Identity Management Implemented

More information

Identity and Access. Management Services. HCL Information Security Practice. Terrorist Sabotage. Identity Theft. Credit Card Fraud

Identity and Access. Management Services. HCL Information Security Practice. Terrorist Sabotage. Identity Theft. Credit Card Fraud Terrorist Sabotage Theft Credit Card Fraud Theft Corporate Malfeasance HCL Information Security Practice Why to go for IAM? Terrorist sabotage. theft. Credit card fraud. Corporate malfeasance. Privacy

More information

Single Sign-On. Security and comfort can be friend. Arnd Langguth. alangguth@novell.com. September, 2006

Single Sign-On. Security and comfort can be friend. Arnd Langguth. alangguth@novell.com. September, 2006 Single Sign-On Security and comfort can be friend. Arnd Langguth alangguth@novell.com September, 2006 Identity proliferation in the enterprise Password management problem How many passwords do you have?

More information

STATE OF NEW YORK IT Transformation. Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses

STATE OF NEW YORK IT Transformation. Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses STATE OF NEW YORK IT Transformation Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses June 8, 2012 Appendix B Consolidated Vendor Questions with

More information

Governance, Risk & Compliance for Public Sector

Governance, Risk & Compliance for Public Sector Governance, Risk & Compliance for Public Sector Steve Hagner EMEA GRC Solution Sales From egovernment to Oracle igovernment Increase Efficiency and Transparency Oracle igovernment

More information

Identity & Access Management Case Study & Lessons Learned. Prepared by Tariq Jan

Identity & Access Management Case Study & Lessons Learned. Prepared by Tariq Jan Identity & Access Management Case Study & Lessons Learned Prepared by Tariq Jan Investment Bank Case Study Top 5 leading global financial services firm $116 billion in revenue $2 trillion in assets 220k

More information

Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost

Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost Timothy Siu SE Manager, JES Nov/10/2003 sun.com/solutions/

More information

C21 Introduction to User Access

C21 Introduction to User Access C21 Introduction to User Access Management Introduction to User Access Management What we'll cover today What is it? Why do I care? Current trends in Identity & Access Management How do I audit it? What

More information

Identity & Access Management new complex so don t start?

Identity & Access Management new complex so don t start? IT Advisory Identity & Access Management new complex so don t start? Ing. John A.M. Hermans RE Associate Partner March 2009 ADVISORY Agenda 1 KPMG s view on IAM 2 KPMG s IAM Survey 2008 3 Best approach

More information

Establishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology

Establishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology Establishing A Multi-Factor Authentication Solution Report to the Joint Legislative Oversight Committee on Information Technology Keith Werner State Chief Information Officer Department of Information

More information

Delivering value to the business with IAM

Delivering value to the business with IAM Delivering value to the business with IAM IDM, 18 th June 2014 Colin Miles Chief Technology Officer, Pirean Copyright 2014 Pirean Limited. All rights reserved. Safe Harbor All statements other than statements

More information

CA Technologies Solutions for Criminal Justice Information Security Compliance

CA Technologies Solutions for Criminal Justice Information Security Compliance WHITE PAPER OCTOBER 2014 CA Technologies Solutions for Criminal Justice Information Security Compliance William Harrod Advisor, Public Sector Cyber-Security Strategy 2 WHITE PAPER: SOLUTIONS FOR CRIMINAL

More information

BUYER S GUIDE. Identity Management and Governance

BUYER S GUIDE. Identity Management and Governance BUYER S GUIDE Identity Management and Governance 2 BUYER S GUIDE: IDENTITY MANAGEMENT AND GOVERNANCE Overview For those charged with selecting all or part of their organization s Identity Management and

More information

Oracle Reference Architecture and Oracle Cloud

Oracle Reference Architecture and Oracle Cloud Oracle Reference Architecture and Oracle Cloud Anbu Krishnaswamy Anbarasu Enterprise Architect Social. Mobile. Complete. Global Enterprise Architecture Program Safe Harbor Statement The following is intended

More information

Security and Identity

Security and Identity Security and Identity Management J. Alberto Yépez Vice President Oracle Corporation Agenda Corporate Background Business Drivers Oracle s Strategy Case Studies Oracle s Differentiation

More information

Research. Identity and Access Management Defined

Research. Identity and Access Management Defined Research Publication Date: 4 November 2003 ID Number: SPA-21-3430 Identity and Access Management Defined Roberta J. Witty, Ant Allan, John Enck, Ray Wagner An IAM solution requires multiple products from

More information

www.pwc.com PwC The Path Forward for Data Analysis and Continuous Auditing May 2011

www.pwc.com PwC The Path Forward for Data Analysis and Continuous Auditing May 2011 www.pwc.com The Path Forward for Data Analysis and Continuous Auditing May 2011 Agenda What are we hearing in the market? The CA Maturity Path Where to start? What is the difference between CA & CCM? Best

More information

Identity and Access Management. An Introduction to IAM

Identity and Access Management. An Introduction to IAM Identity and Access Management An Introduction to IAM Table of contents Introduction... 3 What is Identity and Access Management?... 3 Identity and Access Management components... 3 Business drivers for

More information

The Principles of Audit Automation for Access Control

The Principles of Audit Automation for Access Control The Principles of Audit Automation for Access Control Redmond Identity Summit 2014 Directories Devices Identity Marvin Tansley Thank You to our Sponsors Gold Silver Plus Silver Agenda The Role of Identity

More information

Complete Database Security. Thomas Kyte http://asktom.oracle.com/

Complete Database Security. Thomas Kyte http://asktom.oracle.com/ Complete Database Security Thomas Kyte http://asktom.oracle.com/ Agenda Enterprise Data Security Challenges Database Security Strategy Oracle Database Security Solutions Defense-in-Depth Q&A 2 Copyright

More information

Identity Management Roadmap and Maturity Levels. Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de

Identity Management Roadmap and Maturity Levels. Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de Identity Roadmap and Maturity Levels Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de Major Trends in Identity Guidelines for an IAM roadmap Service-orientation: Identity has to provide defined

More information