1 Introduction to Identity Management. 2 Identity and Access Needs are Ever-Changing



Similar documents
1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Regulatory Compliance Using Identity Management

Integrating Hitachi ID Suite with WebSSO Systems

1 The intersection of IAM and the cloud

User Provisioning Best Practices

Service Offering: Outsourced IdM Administrator Service

Business-Driven, Compliant Identity Management

Approaches to Enterprise Identity Management: Best of Breed vs. Suites

Password Management Before User Provisioning

Self-Service, Anywhere

Identity and Access Management Point of View

The Unique Alternative to the Big Four. Identity and Access Management

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

How can Identity and Access Management help me to improve compliance and drive business performance?

RSA Identity Management & Governance (Aveksa)

Business-Driven, Compliant Identity Management

Extending Identity and Access Management

SAP Solution in Detail SAP NetWeaver SAP NetWeaver Identity Management. Business-Driven, Compliant Identity Management

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, :00 AM

Privileged. Account Management. Accounts Discovery, Password Protection & Management. Overview. Privileged. Accounts Discovery

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices

SOLUTION BRIEF SEPTEMBER Healthcare Security Solutions: Protecting your Organization, Patients, and Information

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation

Automated User Provisioning

Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS HEALTHCARE: A UNIQUELY COMPLEX ENVIRONMENT

Enterprise Management Solutions Protection Profiles

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

Self-Service Active Directory Group Management

Best Practices for Identity Management Projects

How can Content Aware Identity and Access Management give me the control I need to confidently move my business forward?

Five Business Drivers of Identity and Access Management

Hitachi ID Password Manager Frequently Asked Questions for Help Desk Managers

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

CA point of view: Content-Aware Identity & Access Management

Best Practices for Managing User Identifiers

Take Control of Identities & Data Loss. Vipul Kumra

Certified Identity and Access Manager (CIAM) Overview & Curriculum

The Return on Investment (ROI) for Forefront Identity Manager

Identity and Access Management

Identity & access management solution IDM365 for the Pharma & Life Science

SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management

<Insert Picture Here> Oracle Identity And Access Management

Leverage Your Financial System to Enable Sarbanes-Oxley Compliance: An Evaluator s Guide

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management

Establishing a Mature Identity and Access Management Program for a Financial Services Provider

Secure network guest access with the Avaya Identity Engines portfolio

Oracle Role Manager. An Oracle White Paper Updated June 2009

Identity & Access Management in the Cloud: Fewer passwords, more productivity

101 Things to Know About Single Sign On

Minimize Access Risk and Prevent Fraud With SAP Access Control

CSP & PCI DSS Compliance on HP NonStop systems

Provisioning and Deprovisioning 1 Provisioning/De-provisiong replacement 1

Authentication: Password Madness

Alberta Health Services Identity & Access Management (IAM) Alberta Netcare Access Request Process User Reference Guide

6. AUDIT CHECKLIST FOR NETWORK ADMINISTRATION AND SECURITY AUDITING

secure user IDs and business processes Identity and Access Management solutions Your business technologists. Powering progress

Identity Governance Evolution

FIFTH EDITION. Identity and Access Management Buyer s Guide

Use This Eight-Step Process for Identity and Access Management Audit and Compliance

Identity Access Management Challenges and Best Practices

Identity Relationship and Access Management for the Extended Enterprise

Quest One Identity Solution. Simplifying Identity and Access Management

PROTECT YOUR WORLD. Identity Management Solutions and Services

When millions need access: Identity management in an increasingly connected world

Identity and Access Management: The Promise and the Payoff

privileged identities management best practices

Establishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Administration Guide. BlackBerry Enterprise Service 12. Version 12.0

RFP BOR-1511 Federated Identity Services - Response to Questions / Answers

Managing Access for External Users with ARMS

Privileged Identity Management. An Executive Overview

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Hitachi ID Password Manager Telephony Integration

IMATS - SAMS User Registration Webinar

Securing the Cloud through Comprehensive Identity Management Solution

The Who, What, When, Where and Why of IAM Bob Bentley

Department of Information Technology Remote Access Audit Final Report. January promoting efficient & effective local government

Cloud Computing. Mike Bourgeois Platform as a Service Point of View September 17, 2015

Identity Management Roadmap and Maturity Levels. Martin Kuppinger Kuppinger Cole + Partner mk@kuppingercole.de

2013 AWS Worldwide Public Sector Summit Washington, D.C.

Softchoice Solution Guide: five things you need to know about single-sign on

Enterprise Identity Management Reference Architecture

Transcription:

1 Introduction to Identity Management Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications An overview of business drivers and technology solutions. 2 Identity and Access Needs are Ever-Changing Digital identities require frequent updates to reflect business changes: Who? (Types of users): Employees, contractors, vendors, partners, customers. Why? (Business events): Hire, move, change job function, terminate. What? (Change types:) Create/move/disable/delete user, update identity data and entitlements, reset passwords. Where? (Applications:) AD, Exchange, Notes, ERP, Linux/Unix, database, mainframe, physical assets. Complexity creates delay and reliability problems: Productivity: Slow onboarding, change fulfillment. Cost: Many FTEs needed to implement security changes. Security: Unreliable access termination, inappropriate user entitlements. Enforce SoD policies. Accountability: Who has access to what? How/when did they get it? 2015 Hitachi ID Systems, Inc. All rights reserved. 1

3 IAM in Silos In most organizations, many processes affect many applications. This many-to-many relationship creates complexity: 4 Identity and Access Problems For users How to request a change? Who must approve the change? When will the change be completed? Too many passwords. Too many login prompts. For IT support Onboarding, deactivation across many apps is challenging. More apps all the time! What data is trustworthy and what is obsolete? Not notified of new-hires/terminations on time. Hard to interpret end user requests. Who can request, who should authorize changes? What entitlements are appropriate for each user? The problems increase as scope grows from internal to external. 2015 Hitachi ID Systems, Inc. All rights reserved. 2

5 Identity and Access Problems (continued) For Security / risk / audit Orphan, dormant accounts. Too many people with privileged access. Static admin, service passwords a security risk. Weak password, password-reset processes. Inappropriate, outdated entitlements. Who owns ID X on system Y? Who approved entitlement W on system Z? Limited/unreliable audit logs in apps. For Developers Need temporary access (e.g., prod migration). Half the code in every new app is the same: Identify. Authenticate. Authorize. Audit. Manage the above. Mistakes in this infrastructure create security holes. 6 Externalize IAM From Application Silos The problem with IAM is complexity, due to silos. The obvious solution is to extract IAM functions from system and application silos. A shared infrastructure for managing users, their authentication factors and their security entitlements is the answer. 2015 Hitachi ID Systems, Inc. All rights reserved. 3

7 Integrated IAM Processes Business Processes IT Processes Hire Retire Resign Finish Contract New Application Retire Application Transfer Fire Start Contract Password Expiry Password Reset Identity and Access Management System Users Passwords Operating System Directory Application Database E-mail System ERP Legacy App Mainframe Groups Attributes Systems and Applications 8 Business Drivers for IAM Security / controls. Regulatory compliance. IT support costs. Service / SLA. Reliable deactivation. Strong authentication. Appropriate security entitlements. PCI-DSS, SOX, HIPAA, EU Privacy Directive, etc. Audit user access rights. Help desk call volume. Time/effort to manage access rights. Faster onboarding. Simpler request / approvals process. Reduce burden of too many login prompts and passwords. 2015 Hitachi ID Systems, Inc. All rights reserved. 4

9 IAM Strengthens Security Reliable and prompt global access termination. Reliable, global answers to "Who has What?" Access change audit trails. Sound authentication prior to password resets. Security policy enforcement: strong passwords, regular password changes, change authorization processes, SoD enforcement, new user standards, etc. Regulatory compliance: HIPAA, Sarbanes-Oxley, 21CFR11, etc. 10 Cost Savings Cost Item Before After Savings Help desk cost of password resets: 10,000 x 3 x $25 = $750,000 / year 10,000 x.6 x $13 = $78,000 / year = $672,000 / year New hire lost productivity 10,000 x 10% x 10 x $400 x 50% = $2M / year 10,000 x 10% x 1 x $400 x 50% = $200,000 / year = $1.8M / year Access change lost productivity 10,000 x 2 x 2 x $400 x 10% = $1.6M / year 10,000 x 2 x 1 x $400 x 10% = $800,000 / year = $800,000 / year 2015 Hitachi ID Systems, Inc. All rights reserved. 5

11 Elements of IAM Identity and access management solutions may incorporate many components, from multiple vendors: Privileged Telephone Access User Password Management Provisioning Identity Reset Synchronization Enterprise Role Single Management Signon Resource Password Access Management Requests ID Reconciliation Access Certification Web System of Single Record Signon Federation Directory Strong Virtual Authentication Directory Hitachi ID Systems Partners 12 Summary The problem with managing identities, security entitlements, passwords and related data is a business, not a technology problem: Too many business events, which impact Too many systems and applications. Technology solutions are available to address these problems: Password synchronization and reset Automated user provisioning and deactivation. Identity synchronization. Enforcement of policies using segregation-of-duties and roles. Periodic access review and cleanup (certification). Various kinds of single signon. 500, 1401-1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@hitachi-id.com www.hitachi-id.com Date: May 22, 2015 File: PRCS:pres

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information