Centrify Server Suite Health Check



Similar documents
Centrify OS X Basic Jump Start

Centrify DirectAudit Jump Start Service

Centrify Express72 Jump Start Upgrade Service

Centrify Suite Enterprise Edition Online Training

Centrify Server Suite, Standard Edition Design Service

Centrify Cloud Connector Deployment Guide

Office 365 Single Sign-On: High Availability Without High Complexity

Google Apps Deployment Guide

What s New in Centrify Privilege Service Centrify Identity Platform 15.4

TOGAF Certification for People Training Course Accreditation Policy

Centrify Server Suite Management Tools

ADOBE PSLT - ADOBE EXPERIENCE MANAGER: MANAGED SERVICES BASIC (2015V2.1)

Risk Management of Outsourced Technology Services. November 28, 2000

AGREEMENT- LEXMARK ENTERPRISE SOFTWARE, LLC

Implementation Consulting

Cloud Hosting Terms and Conditions

Request for Proposal For: PCD-DSS Level 1 Service Provider St. Andrew's Parish Parks & Playground Commission Bid Deadline: August 17, 2015 at 12 Noon

Speeding Office 365 Implementation Using Identity-as-a-Service

DQS UL ASSESSMENT AND CERTIFICATION REGULATIONS

State of Oregon. State of Oregon 1

Cloud Computing Security Considerations

THIS SERVICE LEVEL AGREEMENT DEFINES THE SERVICE LEVELS PROVIDED TO YOU BY THE COMPANY.

Lumous standard terms and conditions web design and development

SYSTEM SOFTWARE AND OR HARDWARE SUPPORT SERVICES (PREMIUM 24x7)

Automated Provisioning Extensibility Engineering Services

DS Customer Support Team will make reasonable effort to provide high quality Support Service and comply with these Support Policies.

HYBRID SOLUTIONS INDEPENDENT SOFTWARE VENDOR AGREEMENT

ZIMPERIUM, INC. END USER LICENSE TERMS

Hosted SharePoint: Questions every provider should answer

Overview Software Assurance is an annual subscription that includes: Technical Support, Maintenance and Software Upgrades.

Windows Least Privilege Management and Beyond

Attachment for IBM Internet Security Systems Products and Services

TENDER NUMBER: ITT/SACU/015/2015/O Information and Communication Technology (ICT) Audit IT Effectiveness Review

TO: Chief Executive Officers of National Banks, Federal Branches and Data-Processing Centers, Department and Division Heads, and Examining Personnel

Sample Statement of Work

ATTACHMENT 1: CONTRACTOR PAST PERFORMANCE REPORT CONSULTING SERVICES Note: Continuation sheets may be used if more space is required.

Information Security Program Management Standard

Software Support Maintenance Agreement

Spambrella SaaS Support Terms & Conditions

How To Use Adobe Software For A Business

<name of project> Software Project Management Plan

Vermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0

PerfectForms End-User License Agreement

InForm On Demand Single Trial Services Description

GUIDANCE FOR MANAGING THIRD-PARTY RISK

By using the Cloud Service, Customer agrees to be bound by this Agreement. If you do not agree to this Agreement, do not use the Cloud Service.

The Open Group Certified IT Specialist (Open CITS) Program: Accreditation Agreement. May 2011 Revision The Open Group

AriesoGEO Support Services Terms and Conditions (12x5)

Development, Acquisition, Implementation, and Maintenance of Application Systems

THIS SERVICE LEVEL AGREEMENT DEFINES THE SERVICE LEVELS PROVIDED TO YOU BY THE COMPANY ( Exchange My Mail ).

Professional Services Agreement

TUFIN SOFTWARE NORTH AMERICA, INC. GENERAL TERMS AND CONDITIONS FOR SUPPORT AND MAINTENANCE SERVICES [Last revised: May 11, 2014]

Centrify Identity Service and Mac - Online Training

Infrastructure Technical Support Services. Request for Proposal

ITSM Process Description

COMPUTER SERVICES AGREEMENT

Service Schedule for CLOUD SERVICES

PROJECT MANAGEMENT PLAN TEMPLATE < PROJECT NAME >

MICHIGAN DEPARTMENT OF TECHNOLOGY, MANAGEMENT AND BUDGET UCC and CPC MDOS Letters to FileNet PROJECT MANAGER STATEMENT OF WORK (SOW)

SOFTWARE UPDATE SERVICES (SUS)

AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND

Supplier Information Security Addendum for GE Restricted Data

Service Description. vstart Solution Assistance & Consulting Service

END USER LICENSE AGREEMENT DATABASE MANAGEMENT TOOL LICENSE

VENDOR MANAGEMENT. General Overview

Questionmark Terms and Conditions for providing Software Support and Consulting Services

BCS Premier Services Service Description

Internet Trading Regulations Of the Karachi Stock Exchange (Guarantee) Limited

Media Shuttle s Defense-in- Depth Security Strategy

City of Vallejo REQUEST FOR PROPOSAL WORKERS COMPENSATION CLAIMS AUDIT

SAAS MADE EASY: SERVICE LEVEL AGREEMENT

IEEE COMPUTER SOCIETY ONLINE PRODUCTS AGREEMENT. Address. . Facsimile

MASTER SERVICES AGREEMENT - DIGITAL ADVERTISING SERVICES

An Overview of Samsung KNOX Active Directory and Group Policy Features

ELLIPTICS, LTD. TERMS OF SERVICE. For Elliptics branded products: Webcrossing Core, Webcrossing Community, Webcrossing Neighbors 1.

Gatekeeper PKI Framework. February Registration Authority Operations Manual Review Criteria

GENERAL TERMS AND CONDITIONS FOR SAP CLOUD SERVICES ( GTC )

ediscovery Implementation Services Statement of Work To be Executed under State Blanket Contract ITS53 Cat2B

Strategic Network Consulting

Automatic Recurring Payment Application

CONSULTING SERVICES AGREEMENT

GENERAL OPERATIONS MANUAL FOR ASTM PRODUCT CERTIFICATION PROGRAM

CAP CONSULTING SERVICES AGREEMENT

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

CITRIX SYSTEMS, INC. SOFTWARE LICENSE AGREEMENT

THIS SERVICE LEVEL AGREEMENT DEFINES THE SERVICE LEVELS PROVIDED TO YOU BY COMPANY.

SAAS SERVICES ORDER FORM

Janison Terms and Conditions. Updated Jan 2013

CRM in a Day Support Services Agreement

ADVANCED CUSTOMER SUPPORT ORACLE FUNCTIONAL HELP DESK EXHIBIT

Technology Partner Program

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Vendor Management. Outsourcing Technology Services

CA Privileged Identity Manager r12.x (CA ControlMinder) Implementation Proven Professional Exam

CRM Support Services Agreement

TALECH SAAS SERVICES ORDER FORM. Fax:

Cloud Computing: Legal Risks and Best Practices

Enterprise Single Sign-On SOS. The Critical Questions Every Company Needs to Ask

ADP Ambassador /Referral Rewards Program. Terms and Conditions of Use

Transcription:

CENTRIFY OPERATIONS HEALTH CHECK OVERVIEW Centrify Server Suite Health Check Summary Have you ever wondered if your organization is using Centrify s solution to the fullest potential? At Centrify, we take our role as one of your trusted advisors seriously. Our primary focus has always been to ensure that your organization is successful in your deployment of Centrify software. Our Centrify Operations Health Check helps ensure that your current deployment is as optimized as possible. If it isn t, we will provide you with recommendations and specific areas of improvement. What does a Health Check do for me? A Centrify Senior Consultant will meet with your Operations and Security teams to discuss Provisioning, Access Controls, Architecture, Audit Architecture, and Centrify Specific Operations. If new Identity Management personnel have joined your team, this is a great learning opportunity for them. In each case, the Senior Consultant will look to score the Approach, Deployment, and Results. There will be a technical overview open to all the involved technical teams midway through the engagement. The senior consultant will review the findings and recommendations with those who played a valuable role in completing the analysis. This overview also allows the technical teams an opportunity to add to the documentation. We conduct a presentation for your Executive Team covering the Score Card, our Findings, Recommendations, Ownership Matrix, and a Heat Map referencing risk and impact factors against Financial, Reputational, Security, Regulatory, and Performance areas. Benefits of the Centrify Operational Health Check Maximize the efficiency of your Identity Management capabilities. Align and integrate the scope of current IT projects with current Centrify solution capabilities. Address two key points that reduce the effectiveness of many IT Projects: o o Projects are typically limited in overall scope. They may identify some current pain points (authentication), but rarely do they encompass roadmap level vision or scalability (privilege management, user provisioning, on-premise & off premise access etc). Projects rarely get re-funded for a second iteration. All projects have resources, and in the IT organization those resources are usually heavily leveraged and only have a specific amount of time to deliver. Anything not initially part of the project charter often is permanently omitted despite clear organizational benefits. A Centrify Operational Health Check takes the guesswork out of future projects associated with your Identity Management capabilities. Acting on our Health Check findings will help you to optimize your environment. Those changes might be a simple configuration change handled by your local administrators. They might also involve interdepartmental meetings to determine ownership and prioritization of the recommendations. It could also include scheduling some time for Centrify to come on site and assist in a design or upgrade, or implementation services. Our best practices and findings from our Global 1 customers are the basis of our recommendations. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 1

Deliverables As part of the service, you will receive the following: Over 8 specific checks that focus on Provisioning, Access Controls, Architecture, Audit Architecture, and specific Centrify Operations that measure documentation, process, and ownership against our best practices and industry standards. A Health Check Document with a breakdown of all Findings and Recommendations, Score Card input, and Score Card Heat Map. Executive Presentation of Health Check Findings, Recommendations, and Score Card. Duration Duration is 5 consecutive business days at customer facility. Who Should Participate The Senior Consultant will need to speak to a diverse number of resources based on their participation in the day-today operations of Centrify's solution. Most organizations name a Centrify Administrator to be available for the duration of the engagement. If we need to expand to other department resources, we would normally meet with these other departments in the first 48 to 7 hours: Security Organization, Linux/UNIX Operations, Active Directory Architect, System Administrators. If a project or change manager is assigned to the project they should also plan to attend. Format Daily process and administrative discussions held at the customer s location. The provisioning and de-provisioning of a test account will be part of the processes reviewed. This test user account will be completely removed and deleted at the end of the engagement. Logistics This package is delivered on-site only. The project room should be equipped with an LCD projector, a whiteboard with dry-erase markers, and a printer should be available. Customer participants will require direct network access. Pricing and Ordering This offering is invoiced on purchase and is valid for 6 months from the date of purchase. Contact your Centrify Sales representative for pricing details for your region and to arrange for a time, place, and schedule. Customizations The Centrify Professional Services team has the skill and expertise to handle or assist with many implementation customizations where needed. If there are extra implementation tasks that are required, custom scripting needs, custom integration requirements, or any other technical services that will be useful to customer success with Centrify, our services team can set up a pre-sales scoping call to provide custom implementation estimates to fulfill these needs. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED

CENTRIFY OPERATIONS HEALTH CHECK Centrify Health Check Focus Area A D R Score Provisioning 4. Assessment Summary Impact Improvement Necessary 4. Access. 4. Architecture. Major Deficiency 4. Audit Architecture. No System or Process in Place 1. Centrify Operations 4.5 5. Privilege Management for Unix. 4. Push Software, Join, Test.8. UNIX Service Accounts 6 4 6 5.5 Outstanding. Privilege Management for Windows. No System or Process in Place.1 Troubleshooting.8 5. A: Approach D: Deployment R: Results Score = (A + D + x R)/4 No System or Process in Place Major Deficiency Satisfactory Outstanding - Priv Management for Windows and Audit Architecture - Architecture - Provisioning, Access, Centrify Ops, Priv Management, Push Software Join and Text, and Troubleshooting - UNIX Service Accounts 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED

Day Description Daily Overview 1 Centrify Professional Services and your personnel review the following areas within your environment: Provisioning: 1 key checkpoints Access: 14 key checkpoints Architecture: key checkpoints Example checkpoints: User, Group, Host, Service Account, and Emergency Access (provisioning and de-provisioning). Granular single system access, Grouped system access, and Overall system access. Access accountability with Separation of Duties, and Classic vs. Hierarchical Zone administration processes. Centrify Professional Services and your personnel review the following areas within your environment: Audit Architecture: key checkpoints Centrify Specific Operations: 1 key operations Example checkpoints and operations: Audit Architecture, Critical Systems, Audit Infrastructure, Audit Roles and Separation of Duties, Database Model and Data Retention (Active vs. Attached vs. Archive), Disaster Recovery Plan. Centrify Professional Services will wrap up any follow up meetings, or details, and complete Health Check documentation in the first part of the workday. Technical Presentation of Centrify Operational Health Check document Typically this will be an afternoon session with an open invitation to the technical team(s), department(s) that have provided key information for the analysis, findings and recommendations to date. If a conference room is not suitable, a WebEx invitation is also an available resource to present to larger environments. The main purpose of this meeting is to allow the technical teams who either handle the day-to-day operations, or who have ownership over the operations to ensure the data is accurate, but also to allow for feedback that we can add into the document. Example: Findings: All de-provisioned users in Active Directory are disabled and remain in the original OU structure. There is also no documented process to delete the overall user object. Recommendation: Centrify recommends creating a new Organization Unit with specific delegated access controls applied to specific Administrators. One group would have the delegated ability to add users and disable user objects there. Another group would have the delete user object permission. This would implement a separation of duties best practice. We also recommend a Governance and Policy review to define and document an expected process for user de-provisioning. 9 days is a typical and widely accepted delete user object timeframe. Update: The Security Department initiated new Disabled Accounts OU structure and implemented a delegated security model with limited access and capability. A meeting is scheduled next week with Human Resources, Security, and IT Governance Chair to define process for complete user account deletion. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 4

4 The Centrify consultant will work offsite to complete the following documentation: Finalize Centrify Operational Health Check Document Prepare Executive Health Check Overview Finalize invitation(s) with Project Manager or Executive Sponsor for the overview meeting. If time permits any updates can be demonstrated to the consultant that might have a reflection on the final scoring of the overall Health Check scorecard. The consultant will communicate/email when and if this time is available. 5 Key Centrify Leadership and Centrify consultant will present the overall findings of the Centrify Operational Health Check to your Executive team, which will include: Overall Score Card Heat map chart for Risk and Impact results Findings, Recommendations, and internal Feedback Findings and Recommendations Planning Card This presentation is typically held in the morning and allows for potential engagement closure, or it can evolve into a lunch and open discussion forum. Key Assumptions Client understands that Centrify's performance of the Services and delivery of agreed upon deliverables under this Health Check is dependent in part upon Client's actions, and Client therefore agrees to cooperate with Centrify in a commercially reasonable manner in the completion of the Services by Centrify. Centrify will promptly notify Client of any delays of potential delays in Centrify's ability to undertake and complete performance in accordance with the applicable schedule resulting from the inaction of Client. Client will provide all hardware, software, facilities, equipment, and Client personnel (including technical resources) necessary to complete the project. These resources will be provided when they are needed in order to avoid project delays. Client will appoint a single point of contact for the duration of the project. This person will have project management responsibilities, be technically astute and familiar with Client change request processes as well as have the authority to expedite if necessary. If any Consulting Services engagement is cancelled by Client less than three () weeks before the scheduled start date for such Services, Centrify will most likely not be able to reschedule the engagement and be out the revenue. Centrify will make every effort to redeploy the consultant and if Centrify is able then the Client agrees to pay Client agrees to pay any reasonable fees and expenses incurred by Centrify in terms of travel cancellations. If Centrify is not able to redeploy the consultant then Client agrees to pay the full amount of the Consulting Fees that would have been properly invoiced by Centrify had Client not cancelled such engagement, and also any reasonable fees and expenses incurred by Centrify in terms of travel cancellations. For multiple week engagements this only applies for each week that is less than the three () week cancellation notice. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 5

All materials and information, generated or used by Centrify in the performance of the Services, including but not limited to the Deliverables ( Consulting Materials ), and all intellectual property rights therein, shall be the property of Centrify. Centrify hereby grants to Client a personal, non-transferable, non-sublicensable, nonexclusive license to use, reproduce, copy and display any Consulting Materials solely for Company s internal business purposes. Client obtains no title or ownership in any Consulting Materials, and Centrify retains all right, title and interest in and to any Consulting Materials. Client retains all right, title, and interest in and to Client data. Engagement Management includes activities performed in support of this Statement of Work that require management expertise, oversight, control, and direction in team building, communications, time management, quality assurance and quality control and management, and cost management. Centrify Professional Services will regularly communicate personnel and resource requirements for this Statement of Work to be a success, ensure appropriate staffing and scheduling of Centrify personnel for this Statement of Work, and ensure deliverable quality and timeliness. Impracticability. Centrify shall not be required to provide any portion of the Services to the extent the performance of such Services becomes "Impracticable" as a result of a cause or causes outside the reasonable control of Centrify including unfeasible technological requirements, or to the extent the performance of such Services would require Centrify to violate any applicable laws, rules or regulations or would result in the breach of any software license or other applicable contract. Scope Change Control During the performance of the engagement, certain issues may arise that effectively prevent the completion of the work outlined in this Health Check within the planned timeframe, such as, but not limited to, hardware or network failures or outages in Client s environment, problems with Client s in-house software or Client s third-party software, or the unavailability of key Client personnel. If this situation occurs, the designated Centrify representative will work with Client to identify and document the scope change, its impact on the project approach, timing, fees, resources, and the quality of project results. Centrify will document this using either the Centrify Change Request Form or an appropriate Change Control form provided by Client. Any change in scope must be agreed to in writing prior to Centrify reengaging on the project and will require the signature of the Centrify Technical Services Vice President and the appropriate Client representative. Any other problems, disputes or issues arising during this engagement should be communicated as soon as possible after identification to the designated Centrify Consultant for resolution. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 6

Timeframe and Resources Centrify estimates that Centrify s work on the project will require the number of person-days reflected in the total days below in order to complete based upon the scope and assumptions described in this Health Check and will be performed according to the following planned schedule: Activity Estimated Days Centrify Server Suite Health Check 5 Total Days 5 This proposal is based on a standard eight (8) hour workday. Any work performed in excess of a standard eight-hour workday may be subject to an hourly over time charge based on the hourly rate currently being charged to Client. If this condition occurs, Centrify will notify the Client contact, provide a change request form and obtain approval in writing from the customer prior to the overtime work being performed. In performing this engagement, Centrify will assist in prioritizing and sizing Centrify s recommended changes, and will assist with implementing the recommended changes as time permits (i.e., up to the amount of time presented in the table above). Centrify cannot commit to assisting with implementing all of the changes Centrify will recommend as it is impossible at this point in time to determine the amount of effort that will be required to fully implement those recommendations. Circumstances may necessitate changes to the tasks and/or time estimates. If this situation occurs, Centrify will follow the change control procedures defined in the Health Check. Period of Performance The period of performance for this Health Check begins upon the date of mutual signature by authorized representatives of Centrify and Client and continues through the Completion Date (as defined below). All work must be scheduled to be completed within six months (18 days) of the start of the performance period. Any modifications or extensions will be requested through Change Control for review and discussion. Completion date. The Completion Date will be the earlier of (1) the date on which all Services and Deliverables defined in Section 1 are completed, or () six months after the date of mutual signature of this Health Check by authorized representatives of Centrify and Client. Acceptance Period. For each Activity described under this Health Check, Client shall have a 15-day "Acceptance Period" beginning on the Completion Date. During the Acceptance Period, Client may reject an Activity on the basis that it fails to conform to the written description of the Activity or Client believes the Activity has not been completed by giving written notice to Centrify. Unless such rejection notice is given during the acceptance/rejection period, as described above, the Activity will be deemed accepted by Customer at the end of the Acceptance Period. Rejection and Cure. Centrify shall have thirty () days from the date of written notification of non-completion to cure any nonconformance. Acceptance on the Activity will then be calculated from the date of delivery of the new version of the Deliverables. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 7

Professional Fees and Expenses The fees for the Services will be outlined in the customer quotation/product schedule. Any fees that are quoted on a daily basis are equated to an hourly rate based on an eight (8) hour day (hourly rate = daily rate divided by eight hours). Unless otherwise set forth in the customer quotation/product schedule, all Services are recorded and will be billed on this hourly basis. This fee estimate includes the travel and expenses for one (1) week long trip Centrify will perform in completing this project. Centrify will adhere to the Client s travel policies once they are provided to Centrify as long as they are provided before travel has been arranged. Personnel Personnel Quality. Centrify agrees that all personnel used by Centrify to perform the Services will be competent and adequately trained by Centrify to perform the Services in accordance with the provisions of this Health Check. Background Checks. Centrify shall perform commercially reasonable background checks on all personnel assigned by Centrify to provide the Services under this Health Check. These background checks include and are not limited to: criminal history for the past seven years, verification of employment, credit history, and education verification. Client may request in writing a letter of proof from Centrify s background check provider that the Background Check was completed successfully. Subcontractors Permitted. Centrify may engage a Subcontractor to perform all or any portion of its duties under this Agreement provided that any such Subcontractor agrees in writing to be bound by confidentiality obligations at least as protective as the terms of this Health Check regarding confidentiality. Subcontractors are subject to Centrify s standard Background Checks. Centrify remains responsible for the performance of such Subcontractor. Centrify will obtain written permission from Client before assigning a Subcontractor to work on this Health Check. Subcontractor Defined. As used in this Agreement, "Subcontractor" will mean any individual, partnership, corporation, firm, association, unincorporated organization, joint venture, trust or other entity engaged to perform hereunder. Subcontractors will be Centrify Certified Administrators who have undergone a rigorous training program from Centrify. 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 8

About Centrify Centrify is the leader in securing enterprise identities against cyberthreats that target today s hybrid IT environment of cloud, mobile and on-premises. The Centrify Identity Platform protects against the leading point of attack used in data breaches compromised credentials by securing an enterprise s internal and external users as well as its privileged accounts. Centrify delivers stronger security, continuous compliance and enhanced user productivity through single sign-on, multi-factor authentication, mobile and Mac management, privileged access security and session monitoring. Centrify is trusted by over 5 customers, including more than half of the Fortune 5. Learn more at www.centrify.com. Santa Clara, California: +1 (669) 444-5 Email: sales@centrify.com EMEA: +44 () 144 1795 Web: www.centrify.com Asia Pacific: +61 1 795 789 Brazil: +55 11 958 4876 Latin America: +1 5 9 554 Centrify is a registered trademark and Centrify Server Suite and Centrify User Suite are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners. Copyright 5-16 Centrify Corporation. CCS-HEALTH -16-1-1 16 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information