Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.

Slides:

Advertisements

Similar presentations

Connected Health Framework

Advertisements

Tivoli Software from IBM Storage Resource Management Webcast

Manage your technology for optimal return on investment (ROI) The Tivoli ® Configuration & Operations management solution from IBM.

0 © 2011 Silver Spring Networks. All rights reserved. Building the Smart Grid.

MOBILIZING CRM ONE STEP AT A TIME Mark Wright, Sybase Senior Systems Consultant Nora Tucker, Sybase Product Marketing Manager Bill Laberis, IDG.

Technology Applications in the Age of Integrity Integrity Forum 2006 Tony Murphy Vice President, Worldwide Sales ACL Services Ltd.

Privileged Identity Management Enterprise Password Vault

Audit Issues regarding Passwords on Elevated Privilege Accounts Gene Scheckel Global Internal Audit.

1 Storage Today Victor Hatridge – CIO Nashville Electric Service (615)

ETrust End to End Security Management Bernd Dultinger Sales Manager South CEE & Turkey.

7-1 INTRODUCTION: SoA Introduced SoA in Chapter 6 Service-oriented architecture (SoA) - perspective that focuses on the development, use, and reuse of.

Enhancing Productivity & Lowering Costs with CA Management Software Case study Zürcher Kantonalbank (ZKB)

Identity and Access Management Strategy and Solution.

Convergence – Driving down the Cost of Enterprise IT Christoph Rau BEA Vice President, Central & Eastern Europe October 23, 2003.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

UC San Diego EH&S Staff Meeting Project 2010 Jan00 meeting notes.doc May 5, 2004 Update on the New Business Architecture EH&S Staff Meeting.

SE 464: Industrial Information systems Systems Engineering Department Industrial Information System LAB 02: Introduction to SAP.

University of California New Business Architecture Project 2010 Jan00 meeting notes.doc April 15, 2004 Accelerating the New Business Architecture UC Employment.

Is Your IT Out of Alignment? Chargeback and Billing with Parallels Automation Brian Shellabarger, Chief Architect - SaaS.

Critical Business Issue – Mobile Device Management “Afaria OnDemand from TPC” provides customers with the ability to leverage the full capabilities of.

#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

Microsoft Identity and Access Solutions Market Trends and Futures

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Cisco CloudVerse for Government: Helping Agencies Reduce Costs and Respond.

Identity and Access Management Dustin Puryear Sr. Consultant, Puryear IT, LLC

Connect. Transact. Profit. Lessons Learned: 5 Reasons Cloud is CFO Friendly.

Rev Jul-o6 Oracle Identity Management Automate Provisioning to Oracle Applications and Beyond Kenny Gilbert Director of Technology Services.

© 2009 IBM Corporation Delivering Quality Service with IBM Service Management April 13 th, 2009.

a Service Oriented Architecture

Cloud Computing! Aber sicher ?!? Ralf Schnell Customer Solutions Architect Principal Cloud Strategist

Lee Kinsman (soon to be) Consultant, Chamonix IT Consulting

IBM Software Group - IBM Systems Group © 2006 IBM Corporation IBM Software Group | IBM Systems Grouppage 1 Team Collaboration Software Selling Strategy.

Competitive Differentiation: Using Technology to Deliver on Staples EASY Brand Promise Scott Floeck, Sr. Vice President, Staples, Inc.

Unify and Simplify: Security Management

Preparing your Fabric & Apps for Windows Server 2003 End of Support Jeff Woolsey Principal Program Manager.

The Value of Fusion Middleware for Oracle Applications Shari White Sr. Solutions Consultant, FMW.

SOLUTIONS FOR THE EFFICIENT ENTERPRISE Sameer Garde Country GM,India.

Delivering Security for Mobile Device and Mobile Application Management INSERT MSP LOGO HERE.

Highlights Builds on Splunk implementations – extending enterprise value to include mission-critical IBM mainframe data. Unified mainframe data source.

System Management for Virtualization and Automation in a Dynamic Data Center SVM’08 Munich Karsten Beins, Sen. Director Infrastructure Technology.

SOA Management Packs & Governance Cheat Sheet (Shared under OPN NDA - Last Updated: 8/3/2009)OPN NDA Target Account Profile Enterprises that: Have IT infrastructure.

Identity Management 20/01/2005 Abhai Chaudhary. Facts Today, many organizations routinely create and manage user identities and access privileges in 25.

Mark Estberg, John Howie Senior Directors Microsoft Corporation SESSION CODE: SIA317.

Video Media Center (VMC 1000 ™ ) Turn communications into content.

SAM for Virtualizatio n Presenter Name. Virtualization: a key priority for business decision makers Technavio forecasts that the global virtualization.

SPE CONSULTING. Project Overview Tasty Treats Corporation originally contacted SPE consulting upon being acquired by Royal Foods. Royal foods was focused.

One Platform, One Solution: eToken TMS 5.1 Customer Presentation November 2009.

The Cloud: Risks, Rewards and Realities Global customer base, major footprint in Fortune 500 Global presence with dual headquarters in the US & offices.

1 IBM TIVOLI Business Continuance Seminar Training Document.

Building a Fully Trusted Authentication Environment

University of Washington Collaboration: Identity and Access Management Lori Stevens University of Washington October 2007.

Data Center Management Microsoft System Center. Objective: Drive Cost of Data Center Management 78% Maintenance 22% New Issue:Issue: 78% of IT budgets.

Management Information Systems Islamia University of Bahawalpur Delivered by: Tasawar Javed Lecture 3b.

Minimising IT costs, maximising operational efficiency IO and NIMM: Now is the time Glyn Knaresborough Director of Strategic Consulting.

1© Copyright 2015 EMC Corporation. All rights reserved. FEDERATION ENTERPRISE HYBRID CLOUD OPERATION SERVICES FULL RANGE OF SERVICES TO ASSIST YOUR STAFF.

“From GRID research to GRID business” Francesco Giglio

Introducing Novell ® Identity Manager 4 Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/ (14pt)

David Saslav Principal Product Manager Database and Application Server Technologies Oracle Corporation.

© 2015 TriZetto Corporation Managed Services Overview Presenter Names 2.

Operational Resilience DR’s Big Data Dilemma September 16, 2015 Datalink IT Resiliency Practice.

Cloud, big data, and mobility Your phone today probably meets the minimum requirements to run Windows Server 2003 Transformational change up.

MEASURING BPM SOFTWARE ROI AND ITS BENEFITS IN RISK MANAGEMENT PROCESS AUTOMATION Contact us at | Web : | Tel: 1.

An oil company in Canada

Citrix: Proactively Addressing Enterprise Wide Access Compliance with SAP® Access Violation Management Company Citrix Systems Inc. Headquarters Ft. Lauderdale,

Planning More Effectively with SAP® Sales and

Identity and Access Management

Transforming IT Management

Managing Technology at Plantronics

Microsoft Azure PaaS Helps Deliver a Scalable and Secure cIAM Platform to Global Customers “As a cloud-based cIAM platform, it is critical we deliver a.

The People Ready Vision for Business in the Enterprise

Presentation transcript:

Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist

Security Management - Challenges  Do you: –Control who has access to which resources –Know what is happening in your environment –Know what to do about it –Have the tools necessary to take action

Web Time Centralized Infrastructure Client/Server Complexity Flexibility On-Demand Computing and Web Services Information Technology Evolution

1 st Generation Gates, Guns, Guards Management Time Security Today 2 nd Generation Reactive Security 3 rd Generation Security as an Enabler 4 th Generation Proactive Security and Accountability Evolution of Information Security

Business Challenges  Optimize business –Eliminate inefficiencies –Reduce menial tasks  Reduce costs –Allow companies to do more with less –Enable on-demand capabilities  Mitigate risks –Manage identities — active and inactive  Enable compliance with industry regulations –Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act, Gramm-Leach-Bliley Act and others

Identity is at the Core of Business  Identities must be managed –Manage who is in your environment –Control what they can access and do –Know what users have done  Identity and access management is critical to total security management

IAM Defined - Gartner

Analysts Input... Partners Customers Employees What Analyst are Saying  Complex  Integration is key  Trend towards suites

Research Results Partners Customers Employees Business Challenges  Costly to manage users and access to assets  Difficult to know who has access to what  Helpdesk costs continue to grow  Difficult to manage users across different systems and applications  Compliance for various regulations – Basel II, EU Directive, GLB, HIPAA, Sarbanes Oxley

Research Results Partners Customers Employees Costs  Investing in point products to create a total solution is expensive  Complexity of: –Technology –Organization structure –Consolidation of identity stores  The cost of doing nothing is not recognized

Research Results Partners Customers Employees Technology Needs  Better Integration  Common UI  More automation  Standards Mainframe  Becoming more critical for web services  New uses – expanded role

Success Factors  Understand and quantify the cost of doing nothing  Implement as you go — start small, then scale  Support a heterogeneous environment –Help ensure broad platform and target system support  Protect your investments  Accommodate and correlate multiple data repositories  Help ensure you’re ready on-demand

Success Factors (cont’d)  Must contain end-to-end audit of all components  Couple provisioning, enforcement and audit  Proactive — discovery  Unified GUI — one touch provision/de-provision  Completeness — enterprise, customer and partners  Flexible platform or suite — best of both worlds

IAM Strategy Integrated Provisioning, Enforcement and Audit Across Enterprise and Federated Environments

Identity and Access Management “By 2005, the complexity of integrating the components of IAM solutions will cause 60 percent of enterprises to choose product suites that are owned or licensed by, and supported through, one vendor (0.7 probability).” Source: Gartner Group — The Identity & Access Market Landscape, November 2003

Cost of Doing Nothing  RON TM –Return on Negligence –What is the true cost of status quo?  Calculating costs (define simple formula) –Sum of –What is your cost? Annual turnover X cost of users management plus Annual reorganization X cost of users management plus Percentage of access growth (customers, partners) X costs of access management plus Cost of help desk support for password management plus Users lost productivity X annual turnover

Turning RON Into ROI  Identify costs leveraging RON calculator  Provision users, resources and privileges –Reduce costs — eliminate inefficiencies –Enable compliance — adhere to regulatory requirements –Increase productivity — do more with less

“There can be a great temptation to do nothing and put off the deployment of an Identity and Access Management solution, however, this approach can store up problems for the future.” Source: Butler Group — Identity and Access Management, September 2003 Identity and Access Management

IAM Goals Control and manage all enterprise and federated identities with a single, modular, integrated solution  Complete integration  Breadth and depth of the solution  Investment protection  Total security management

On-Demand Provisioning  Provisions users, enforcement rights and resources  Provides user access — when new services become available — such as servers, applications and systems  Enables users to be automatically created while the correct access is granted to the right resources

The Foundation for Total Identity and Access Management

Identity across the enterprise, partner and customer environments Complete Identity Visualization

User Management

Role Management

Policy-based Management

Self-Service Password Management

Workflow-based Approvals

Business Benefits  Business optimization –Eliminate inefficiencies –Reduce menial tasks  Cost reduction –Allow companies to do more with less –Enable on-demand capabilities  Risk mitigation –Manage identities — active and inactive  Regulatory compliance –HIPAA, Sarbanes-Oxley Act and others

 16,000+ employees worldwide  On the first day of employment: –Users have access to applications and systems  No delay in productivity –Users who change roles at CA automatically get new access rights  Role-based management –Upon departure, users are immediately removed  Reduces risks  Customer and partners access to service –Provisioning of users, access and privileges  Streamlines business processes How CA Uses IAM

Marge Greene Director, Human Resources Robert Stone EVP, Sales New Division Mary Rivers Sr.VP, Product New Division Bill Waltham Strategic Consultant “Hired Gun” eNEX Consulting, Inc. Plus 24 Other New Hires — Globally — This Week Case Study

WORK FLOW PROCESS Enterprise Critical Reliability Unlimited Scalability and more Case Study – Cont. Legacy eTrust ™ CA-ACF2 ® Security Oracle SAP NT MS Exchange Sun Solaris eTrust ™ Web Access Control Access & Accounts Created Audit Access Control eTrust Admin Marge Greene Director, Human Resources HR System HR Data Passed to Admin Admin Maps Job to Roles Robert Stone EVP, Sales New Division New Hire Procurement Facilities Department Manager Gives - OK

Questions? Q & A