RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation



Similar documents
RSA Identity Management & Governance (Aveksa)

RSA Identity and Access Management 2014

RSA enables rapid transformation of Identity and Access Governance processes

Quest One Identity Solution. Simplifying Identity and Access Management

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Identity and Access Management Point of View

INTELLIGENCE DRIVEN IDENTITY AND ACCESS MANAGEMENT

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

It s 2014 Do you Know where Your digital Identity is? Rapid Compliance with Governance Driven IAM. Toby Emden Vice President Strategy and Practices

B2C, B2B and B2E:! Leveraging IAM to Achieve Real Business Value

The. Tenets of IAM. Putting Identity Management at the Center of Security. Darran Rolls, Chief Technology Officer

Take Control of Identities & Data Loss. Vipul Kumra

Identity Lifecycle Management. Lessons Learned

SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management

C21 Introduction to User Access

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. Identity-centric Security: The ca Securecenter Portfolio

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

PROTECT YOUR WORLD. Identity Management Solutions and Services

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?

Enterprise Identity Management Reference Architecture

People-Focused Access Management. Software Consulting Support Services

WHITEPAPER. The Death of the Traditional ECM System. SharePoint and Office365 with Gimmal can Enable the Modern Productivity Platform

Moving beyond Virtualization as you make your Cloud journey. David Angradi

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

SAP HANA Cloud Portal Overview and Scenarios

Welcome to Modulo Risk Manager Next Generation. Solutions for GRC

VALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud

Oracle Role Manager. An Oracle White Paper Updated June 2009

The Who, What, When, Where and Why of IAM Bob Bentley

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

How can Content Aware Identity and Access Management give me the control I need to confidently move my business forward?

A Smarter Way to Manage Identity

<Insert Picture Here> Oracle Identity And Access Management

Metrics that Matter Security Risk Analytics

Operationalize Policies. Take Action. Establish Policies. Opportunity to use same tools and practices from desktop management in server environment

Business-Driven, Compliant Identity Management

Business-Driven, Compliant Identity Management

CONNECTING ACCESS GOVERNANCE AND PRIVILEGED ACCESS MANAGEMENT

SAP HANA Cloud Platform for SuccessFactors High Level Overview August 2013

HP SOA Systinet software

ADAPTABLE IDENTITY GOVERNANCE AND MANAGEMENT

AD Management Survey: Reveals Security as Key Challenge

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT

An Oracle White Paper January Access Certification: Addressing & Building on a Critical Security Control

Delivering value to the business with IAM

A Comprehensive Cloud Management Platform with Vblock Systems and Cisco Intelligent Automation for Cloud

Foundation ACTIVE DIRECTORY AND MICROSOFT EXCHANGE PROVISIONING FOR HEALTHCARE PROVIDERS HEALTHCARE: A UNIQUELY COMPLEX ENVIRONMENT

SAP Identity Management Overview

MatchPoint Benefits with SharePoint 2013

Secure Cloud Computing

Simplify Identity Management with the CA Identity Suite

A7 / SAP Financial Services Forum 2014 / September 9-10, 2014 / London / UK Cloud Strategy for Banking Run Simple with SAP

API Management: Powered by SOA Software Dedicated Cloud

Streamlining Identity and Access Management through Unified Identity and Access Governance Solutions

Strengthen security with intelligent identity and access management

Xerox Workflow Automation Services Solutions Brochure. Xerox DocuShare 7.0. Enterprise content management for every organization.

<Insert Picture Here> Integrating your On-Premise Applications with Cloud Applications

Vodafone Total Managed Mobility

The RSA Solution for. infrastructure security and compliance. A GRC foundation for VMware. Solution Brief

Audit & Inspection Management. Enterprise Cloud Audit & Inspection Management Solution

Accenture Human Capital Management Solutions. Transforming people and process to achieve high performance

The 7 Tenets of Successful Identity & Access Management

> Solution Overview COGNIZANT CLOUD STEPS TRANSFORMATION FRAMEWORK THE PATH TO GROWTH

IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France

1 Introduction to Identity Management. 2 Identity and Access Needs are Ever-Changing

Digital Marketing. SiMplifieD.

The Jamcracker Enterprise CSB AppStore Unifying Cloud Services Delivery and Management for Enterprise IT

SOLUTION BRIEF SEPTEMBER Healthcare Security Solutions: Protecting your Organization, Patients, and Information

Identity and Access Management The road to sustained compliance

Select the right solution for identity and access governance

An Evaluation Framework for Selecting an Enterprise Cloud Provider

Safeguarding the cloud with IBM Dynamic Cloud Security

IT Operations Management. Intelligent. Integrated. Innovative.

can I customize my identity management deployment without extensive coding and services?

Kuppinger Cole Virtual Conference The Three Elements of Access Governance

VCE SUPPORT OVERVIEW. Investment Protection and Welcome Peace of Mind

FUJITSU Software Interstage Business Operations Platform: A Foundation for Smart Process Applications

Identity & Access Management new complex so don t start?

The CMDB: The Brain Behind IT Business Value

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

HP Service Manager software

Cloud SSO and Federated Identity Management Solutions and Services

Adabas und Natural für das Digitale Unternehmen

VCE BUSINESS UPDATE AND OVERVIEW

..making process automation a business priority..

Cloud Access Security Broker. Ted Hendriks HP Atalla Pre-Sales Consultant, APJ Region HP Enterprise Security Products

Top Eight Identity & Access Management Challenges with SaaS Applications. Okta White Paper

Transcription:

RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation

Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet SLA s to the business

JULY 30, 2002

Seemingly Simple Questions Who has access to what? How did they receive it? How confident are you that people have only appropriate access? Are you compliant with internal and external security guidelines? How do you currently onboard new employees? Contractors? Other users? How much time and effort do you spend provisioning user access? How do you manage the complete identity lifecycle? What if you could easily answer these questions?

Current Challenges Audit, Risk & Compliance Increased Compliance & Threat Requirements Line of Business Business Efficiency & Agility Demands Information Security Team Increasing Complexity & Scale of Infrastructure Applications Cloud & Mobile IT Infrastructure Data

IAM 2.0 Access Governance Accesovrnance Apps Plus One View of All Access Business Managers VIA Perform Access Reviews File Share Directories HR Systems DB Security Team VIA Enforce Access Policies Systems Cloud Audit Team VIA Obtain Access Forensics Apps All Company Resources Centralized and Automated Key Governance Processes IAM Team VIA Simple GUI Administration

Two Primary Drivers Driver: Secure Access Driver: Achieve Compliance Multi-factor Auth Single-Sign On Federation Via Access Entitlements Via Governance Roles Policies Fulfillment Certifications Governance Reviews Authorization Request Via Lifecycle Collections

Question: What is the largest driver of an Identity and Access Management Solution in your Organization? Increase Visibility and Control of User Access Reduce Cost of Identity and Access Management Reduce Risk Caused by Inappropriate User Access Improve Audit Readiness and Continuous Compliance Enable Business Users to make Access Decisions Results

RSA Via The Smart Identity Solution that protects from endpoint to cloud Via relies on context, not just static rules And adapts to constantly changing environments Via Access Via Governance Via is business-driven so informed decisions keep it in lock-step as the business evolves Via enables comprehensive visibility across traditional silos, providing greater insight into how users and information interact Via Lifecycle Via delivers consumer levels of usability Making lives easier for end users while enabling the business

RSA Takes a Business-Driven Approach to Lifecycle & Governance RSA Via Lifecycle and Governance Built on RSA s Market-Leading Identity Management and Governance (IMG) platform Platform Benefits Shift Decision Making and Accountability to the Business Centralized Identity & Business Context Business Process-Driven Policy-Based Automation

A Phased Approach Visibility & Certification Policy Management Access Request Role & Group Management Account & Entitlement Collection Segregation of Duties Access Request Portal Role Discovery & Definition Access Reviews Joiners, Movers, and Leavers Policy-Based Change Management Role Maintenance Data Visibility Compliance Controls Access Administration Group Analysis & Cleanup Provisioning Task Notification Service Desk Integration Automated Provisioning

A Business Process IT Security Perspective Audit, Risk & Compliance Ensure Compliance and Manage Risk Business Processes Enable the Business: Ownership & Accountability Line of Business Information Security Visibility and Control across Entire IT infrastructure Enterprise, Mobile & Cloud Applications and Data

Important News about RSA Via Lifecycle and Governance Rebranded from RSA Identity Management and Governance to RSA Via Lifecycle and Governance (RSA Via L&G) First New release with new branding Version 7.0 External Launch: July 22, 2015 Themes: Make it Easy, Visibility and Effectiveness, Performance and Scale, One RSA

Continued New Improvements - Visibility and Effectiveness Time to Value improvements in 7.0 - Unauthorized Change Detection - Rapid App Collector for App onboarding and configuration guides - Playbooks and Best Practices Guides - Online Context Sensitive Help - Enhanced Platform - High Availability and Disaster Recovery - Improved Performance and Scale

EMC IT A Real World Example

EMC IT EMC Data points 70,000 employees + contractors worldwide EMC ranks 128 in the Fortune 500 Reported revenues of $24.4 billion in 2014 Joe Dowling Director Identity Management EMC IT

Access Management Challenges No authoritative source of user access Multiple access request systems Approval group management not up to date Complex architecture - Identity Management Solution with other vendors Result : Audit Findings Unhappy Line-of-Business Productivity loss Manual recertification process for SAP ~300 Spreadsheets Months to complete

Project Considerations Objectives Reduce access recertification time Increase effectiveness of reviews Automated access collection and fulfillment Implementation Deployed RSA IMG platform Collected Identity data Collected ERP access entitlements Collected role approvers Configured access reviews Real time reporting Intuitive easy to use web interface

EMC Access Reviews: Now! Collection Applications Scheduled & Automated Entitlement Collection RSA IMG Managers perform reviews directly Web-Based UI! Automated Reminders Automated System Reviews Initiated Review Review Results & Change Requests Results automatically stored in centralized DB App Owner & System Administrators Automated validation of change completion Manual Ticket Creation Execution of Changes in Systems Remediation

Quick Wins Realized Remediated audit findings Reduction in time to complete User Access Reviews Improved reporting on orphaned accounts Auditor approved solution Established a single user access repository High approval rating from business users

Phased Implementation Next Steps Develop and establish mover process Continue to expand user access collection Develop Roles/ACLs based on job function Establish Role Lifecycle Management Establish automatic provisioning/deprovisioning of access

Lessons Learned Don t underestimate data quality issues Cross functional team dependencies Establish top down support Establish a decision matrix for application inclusion Choose a product that simplifies architecture and support Communicate, communicate, communicate

Questions?

Why RSA? Configuration, Not Customization Superior Architecture Fastest Time-to-Value Lowest TCO Enables Business Agility Business-Driven Centralized Identity Store Provisioning 2.0 RSA Identity Management and Governance Comprehensive Security Solution Integrated Part of RSA s Security Portfolio Cloud and Mobile Support Intelligence-Driven Security

Configuration, Not Customization Visibility & Certification Coding-Centric 70% Policy Management Configuration-Based Access Request Role & Group Management 70% of customers go live within 4 months Configuration eliminates need for complex coding Simple project phases Fastest Time-to-Value Configuration, not Coding Phased Projects SaaS and on-premise options Lowest TCO Less reliance on external consultants Self-sufficient IAM teams Enables Business Agility Quickly respond to new business demands Easily adapt to infrastructure and organizational changes

Superior Architecture Access Reviews Access Request & Approvals Business-Driven Streamlined business processes Separates business and integration logic Collections XMDB one brain Identities Accounts Entitlements Roles Policies Workflows Centralized Identity Store (XMDB) Rich identity context across all resources, users, and attributes Automated Manual Access Changes Provisioning Business logic Integration logic Provisioning 2.0 Fast and simple app onboarding Accelerate provisioning via automation Resources

Comprehensive Security Solution XMDB one brain Easily Integrate with Security Ecosystem Part of RSA s Leading Security Portfolio Connect to SIEM, GRC, Authentication, DLP and SSO Visibility Analysis Action Cloud and Mobile Support Seamless management of SaaS apps MyAccessLive: Identity-as-a-Service MyAccessMobile: Native Mobile App SIEM GRC Authentication DLP SSO Intelligence-Driven Security Visibility, Analysis, Action

Why Provisioning 2.0? Provisioning deployments have failed to reach the level of maturity that customers expect Provisioning technologies are arduous to deploy and require significant development efforts Gartner Provisioning 1.0 Difficult to Connect Applications Ineffective Solution Fails to Meet Today s Needs Provisioning 2.0 Rapid Application Onboarding Governance-Driven Meets Current and Future Needs

How RSA Delivers Provisioning 2.0 Rapid Application Onboarding Configuration, not customization Reduce onboarding effort by 75% Governance-Driven via Business Processes Ensure all users have appropriate access Simplifies the provisioning problem + Meets Current and Future Needs Leverage existing provisioning for added value Easily support cloud and mobile initiatives

An Integrated Approach to IAM Access Intelligence Existing Identity Infrastructure GRC ASOC Strong, contextsensitive authentication Via Access Via Governance Policies Roles Attributes Entitlements Reviews Provisioning Via Lifecycle Policies and Processes Access Request & Approval Workflows

Configuration, Not Customization Creating an Access Review for just a few groups SailPoint: Heavy Coding Required RSA IMG: Simple Configuration

Configuration, Not Customization Provisioning Connector Creation Sun IDM: Heavy Coding Required RSA IMG: Simple Configuration

PROGRAM SCOPE Which App and Data Resources? Which Business Processes? Provisioning: Replace or Augment? Collections Access Reviews Access Request Roles Policies Approvals XMDB one brain Change Validation Resources Manual Provisioning Automated

Challenge: Scale and Scope of Identity Information Controls Applications Directories File Shares SharePoint Databases 10,000 Users 100,000 Accounts 10M User Entitlements 1,000 Information Resources Each user has 10 accounts Each account has 100 entitlements Each application has 10-100+ entitlement types

RSA s IMG Platform Architecture Business Agility Operational Efficiency Reduced Risk Compliance Assurance Business- Friendly UI Process Orchestration Identities, Resources, Policies Integrated Workflow Business Logic for Policy-based Governance Security Integration Fabric Integration Logic Directory Systems HR Systems On-premise Applications Data Shared Files Cloud Applications SIEM DLP GRC