Identity, Governance and Administration as forefront of IT Security model: European and North American Experience Vladislav Shapiro Director of Identity.

Presentation transcript:

Identity, Governance and Administration as forefront of IT Security model: European and North American Experience Vladislav Shapiro Director of Identity Practice – IGA Dell/Immersion Consulting

Established in 1995, Orient Logic is a leading IT company and system integrator in Georgia.

Discussion points
- Current state of affairs in IT Security
- Basics of Identity Governance Administration
- Connecting the dots: agile I-G-A
- Use cases – Government of Austria, Bayern Department of Justice and State of Alabama

Current State of Affairs in IT Security

IT Security realities of today
- Change of focus: from protecting the perimeter (external only) to the governance of the whole infrastructure (internal and external)
- Change of mentality: from “castle under siege” to “enemy is already here”
- Main external goal: advanced threat protection
- Main internal goal: IGA – Identity Governance and Administration
- Shift from pure technical-based to business and human factor focused solutions

WHO ARE THE “BAD GUYS”?

ATTACKS ALWAYS RELY ON INTERNAL PROCESS FLAWS
- No established business process for granting rights to individuals
- Lack of governance, access controls and monitoring
- No actionable reporting
IGA SHOULD BE READY FOR ADVANCED THREATS

Best response practice: ATR + IGA
[Diagram. ATR labels: Pre-Incident Preparation; Detect; Triage; Collect Data (Volatile Data, Forensic Dup., Network Traffic); Perform Analysis; Take Action: Admin and Legal; Reporting; Incident Occurs: Point-In-Time or Ongoing; Remediation: Technical Recovery from the Incident; Status Reporting. IGA labels: Identity Governance and Administration central authority; Data feed; Targets/Applications/Devices; Account checks; Access freeze; Risk-based provisioning; Notifications, access restore and provisioning; Identity Data Sync.]

Basics of Identity Governance and Administration (IGA)

Three dimensions of IGA
- I - Identity Management
- G - Governance, Risk and Compliance (GRC)
- A - Administration – Access Management and Provisioning
Main challenge: Make all three components connected to work as one

Three forces of IGA in your enterprise
- Identity owners (HR, Identity suppliers) - I
  – Responsibilities: manage identities, organization charts
  – Goal: make sure that identity and organization information is up to date
- Business owners (C-level managers, PM, compliance officers) - G
  – Responsibilities: manage all business-related matters, including governance, risk and compliance
  – Goal: make business successful and customers happy
- Technology owners (System admins, DB admins, etc.) - A
  – Responsibilities: support business with technology
  – Goal: All systems should be up and running 24-7 with no downtime

Identity Posture - how to evaluate
- Identity Posture is about how connected and in-sync three forces are
  – Three forces collaboration
  – Maturity of each force
- Identity Posture is about measuring maturity of
  – Identity model
  – Governance model
  – Administration model
- Identity Posture is about how enterprise can handle CHANGES
  – Identity updates
  – Governance processes restructuring
  – Administration redesigning

Connecting the dots – agile IGA

Connected I-G-A goal – be agile
- All elements are connected into one solution where each responsible person is a contributor to the system
- Each contributor has means to configure his/her own IGA elements within his knowledge
- IGA project should have short length phases with clear achievable milestones
[Diagram: Identity, Governance, Administration]

Identity Goal - Enterprise Visibility
- Managers should easily see all the entitlements of an employee in one clear view
- Actionable
- All logical, physical systems, resources and assets.

Identity goal – separate business and technical views
[Screenshots: Business view; Technical view]

Governance goal – give dashboard views for current status visibility
Managers should easily find the overall and specific status of requests and processes in the system

Governance goal - Access granting history audit
People responsible for auditing should be able to see the history of assigning access and entitlements to the individuals

Governance goal – Approval Workflow builder
Approval workflows should be built by the same people who are responsible for the granting process using regular tools, not scripts

Use Cases

Government of Austria
- Central portal for Austrian citizens' requests
- Central business workflow engine for handling requests
- Monitoring automation and actionable reports

Bayern Department of Justice
- Internal personnel IGA: access control, governance and attestation
- Centralized Policy engine
- Advanced threat protection: external and internal
- Constant activity monitoring and actionable reports

State of Alabama
- State of Alabama was breached in 2012
  – Millions of data records were stolen
  – State Web site was disabled
  – IT operations were paralyzed
- IT Security and IGA solution
  – Advanced threat detection software
  – IGA full suite solution
  – Privileged access manager
- Security and IGA education of the personnel