Presentation is loading. Please wait.

Presentation is loading. Please wait.

StealthAUDIT For Access & Data Governance.

Published byDenis Lewis Modified over 6 years ago

Similar presentations

Presentation on theme: "StealthAUDIT For Access & Data Governance."— Presentation transcript:

1 StealthAUDIT For Access & Data Governance

2 STEALTHbits Technologies
Strong Management Team Access & Data Governance Expertise Strong & Growing Customer Base Purpose-built automation platform Infrastructure-independent Enterprise-Scale & Grade Patented Technologies Strong references & deployments 7 of the top 10 Financial services firms 3 of the top 5 Property insurance firms 2 of the top 5 Pharmacy Service firms Top 2 Telecommunications firms Strong Partner Ecosystem

3 Business Challenges Data Explosion 80% of Data is Unstructured
650% increase over 5 years (Gartner) Cloud, Mobility, Virtualization & Social Access Sprawl Constant Change Over-Provisioning Decentralized Management Active Directory Critical Infrastructure Highly Distributed Limited Oversight Organic Growth / M&A Group Proliferation Rising Risk Exposure Increasing Threat Landscape Tightening Regulatory Requirements Brand/Revenue Impact Whether you are coping with Security, Compliance or Operational challenges , chances are the common denominator is Active Directory. AD is a foundational element of every datacenter in the world. It is responsible for authenticating more than 80% of our Enterprise technology resources - yet it has evolved haphazardly . Part of the issue is the nature of AD’s design – it was intended to be a highly distributed and scalable authentication framework. Part of the issue is anything this flexible and complex is prone to organizational mis-management. It’s not uncommon to find small organizations struggling with multiple forests and domains geographically spread. When organizations grow through M&A the problem is compounded by the tendency to carelessly bolt-on trust relationships and never quite get to a point of appropriate decommissioning. Like our power grid, AD keeps the lights on but it has fallen into disrepair…operational hazards are lurking & security is lacking. ---- And like our critical infrastructures, the impact of mismanaged AD sprawl & Unchecked Data Growth is usually felt when there is an outage or a security incident. It’s common to uncover Toxic Operational Conditions and Security Risks when a reactive RCA is performed. The kinds of things that show up are pretty ugly and could have been avoided in the first place. Things like: Groups Token Bloat Security These issues can be very disruptive to Business As Usual computing and fatal for the adoption of new technologies like: Apps, Cloud Services, IAM, DLP, etc… Wouldn’t it be nice if you assess the current risks within AD, prioritize the most critical issues and develop a plan to remediate?

4 Business Impact Risk & Security Identify Policy Violations
Eliminate Over-Provisioning Enable Least-Privilege SOD Issues Operational Efficiency Simplified On-boarding Toxic Conditions Token Bloat / Group Hygiene Access Investigation Enable Technology Adoption Audit & Compliance Ability to Respond Audit Findings Time, Cost, & Effort And like our critical infrastructures, the impact of mismanaged AD sprawl & Unchecked Data Growth is usually felt when there is an outage or a security incident. It’s common to uncover Toxic Operational Conditions and Security Risks when a reactive RCA is performed. The kinds of things that show up are pretty ugly and could have been avoided in the first place. Things like: Groups Token Bloat Security These issues can be very disruptive to Business As Usual computing and fatal for the adoption of new technologies like: Apps, Cloud Services, IAM, DLP, etc… Wouldn’t it be nice if you assess the current risks within AD, prioritize the most critical issues and develop a plan to remediate?

5 Leverage Existing Investment in IAM
SILOS

6 StealthAUDIT for Access & Data Governance

7 Discover Active Directory
Discover Operational Risk Stale / Unused Objects Group Nesting Issues Cross-Domain Issues Incomplete Information Token Size Issues Discover Security Risk User Accounts & Attributes Groups & Memberships Security Policies Anomalies Prioritize & Remediate Active Directory Context DB Well StealthAUDIT for Access & Data Governance can help. We begin with Active Directory: Enumerate and Collect Data on the entire AD environment Focus on Users, Groups and their Relationships This gives us the ability answer your most pressing AD Hygiene questions Scan Once, Differentials going forward – AD is now in a continuous state of Audit. At this point you have collected all of the information necessary to perform an Active Directory clean-up in advance of an AD consolidation or IAM rollout. This is also an important on-going maintenance step for maturing the management of your AD environment. This data can be used in a stand alone fashion to improve AD Operational Management or applied to broader Security & Risk issues like Mitigating Open Access Risks etc… Next, let’s expand our visibility…

8 Discover Data Environment
Permission Sprawl Who Has Access to What? Who is Accessing What? How are Rights Applied? High Risk Repositories Open, Sensitive Stores Data Ownership Permissions, Activity, Content.. Shares/Folders/Files… Content Analysis Stale, Sensitive, Unused Content violations Prioritize & Remediate File Systems SharePoint Databases Other AD-Enabled Resources ADCD PDB Gaining Visibility and Control over your File Systems, SharePoint, SQL, Operating Systems (local groups/policies) is a good news/bad news proposition. First the bad: it’s impossible to visualize and control access without automation and a geometric progression in difficulty harder without first understanding Active Directory. The good news is StealthAUDIT understand AD and has the performance and scale to consume tremendous amounts of data about your AD Ecosystem. First we agentlessly collect directly applied permissions Collect file level meta data Ownership Last Mod File Type File Size Then we deploy Activity Agents to monitor File Use At this point we can determine who has access to what and what they are doing with it Run algorithm that calculates Effective Access Effective Access untangles groups and directly applied permissions in a way that allows easy analysis of who is really has access and how they got it. Why is this important – chances are people have access they don’t need Mishandling of data Attack/breach Stored in our purpose built database for analyzing the context of your AD environment and the permissions as they are applied on AD enabled resources. Now let’s bring the conversation back to the business challenges all of this helps to resolve: Access Sprawl Pace of Joiners Mover Leaver Activity Access Granted but Never thoroughly Reviewed/Adjusted Distributed Entitlement Stores Data Explosion 80% of an Organizations Data is Unstructured Big Data, Cloud, Virtualization, Mobility & Social Gartner predicts 650% increase in next 5 years Risk Exposure on the Rise Security Breaches Compliance Violations Jeopardize Project SLA’s Loss of Competitive Edge Brand/Revenue Impact You’re sure to uncover a lot of scary stuff…but where do you start? Virtual Entitlements Store

9 Prioritize Risk Exposure
File Systems Roadmap to Resolution Executive Dashboard & Drill Down Reports Visibility into Active Directory and Various Data Sources Analyze Permission Assignments Identify Ownership Remediation Modeling Weighted Risk Analysis Active Directory SharePoint Databases ADCD PDB Other AD-Enabled Resources Now let’s bring the conversation back to the business challenges and prioritizing our response to the findings Access Sprawl Pace of Joiners Mover Leaver Activity Access Granted but Never thoroughly Reviewed/Adjusted Distributed Entitlement Stores Data Explosion 80% of an Organizations Data is Unstructured Big Data, Cloud, Virtualization, Mobility & Social Gartner predicts 650% increase in next 5 years Risk Exposure on the Rise Security Breaches Compliance Violations Jeopardize Project SLA’s Loss of Competitive Edge Brand/Revenue Impact Virtual Entitlements Store

10 Remediate High-Risk Conditions
Access & Data Diligence Visibility Across the Microsoft Ecosystem Discover Operational & Security Risk Prioritize & Remediate Continuous Monitoring Automate & Integrate Transform Security Model to Support Future Expansion Identify Risk Transform Automate Review Entitlements Continuous Monitoring ADCD PDB Now that we know where to start, let’s remediate it . Dashboard Tactical Reports Action modules Integration into Ticketing Systems Integration into Change Management Once clean, let’s make sure any deviations are quickly corrected. Ongoing Monitoring Integration into GRC, DLP, SIEM, Attestation, IAM etc… Comprehensive program supporting every organizations data protection programs. Representing needs of: AD Engineering/Arch/Ops Info Security Arch/Eng/Ops Audit & Compliance Storage Arch/Eng/Ops Virtual Entitlements Store

11 Integrate with IAM Solutions
Active Directory Forests & Domains ISIM File Systems Databases SharePoint ADCD PDB Virtual Entitlements Store Applications

12 Self-Service Data Governance for ISIM
STEALTHbits identifies the unstructured data resources and introduces them into the ISIM workflows without user intervention. Resource risk profiles ensure optimal data protection. When an access request is made, STEALTHbits identifies the appropriate resource steward to approve or deny the request. ISIM requires the security group that should be used to grant permissions. The application of security groups is typically unmanaged and unpredictable. STEALTHbits eliminates the confusion and identifies the appropriate groups for each level of access. STEALTHbits automatically feeds the requisite intelligence into ISIM and maintains that information over time.

13 Self-Service Data Governance for ISIM
Your Value: Gain full visibility across unstructured data Fill access and permissions gaps Reducing risk and meeting compliance requirements Meeting customer security audit requirements Automated provisioning and de-provisioning via ISIM/ITIM

14 Self-Service Data Governance for ISIM
Customer Value: Gain full visibility across unstructured data Fill access and permissions gaps Reducing risk and meeting compliance requirements Meeting customer security audit requirements Automated provisioning and de-provisioning via ISIM/ITIM Your Value: Gives you a competitive edge Better understanding of your customer’s business Improve customer relationships Increased deal value = increased revenue Upsell opportunities with existing customers

15 Summary Leverage existing ISIM/ITIM technology
Extend your visibility into unstructured data Extended self-service requests of access to organizational resources Fulfill audit requirements Improved security posture Eliminates the blind spot in IAM & IAG

16 Questions?

Download ppt "StealthAUDIT For Access & Data Governance."

Similar presentations

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Copyright © 2014 STEALTHbits Technologies, Inc.. All rights reserved. | STEALTHbits Technologies, Inc. The Unstructured Data Challenge 1.

Copyright © 2014 STEALTHbits Technologies, Inc.. All rights reserved. | STEALTHbits Technologies, Inc. The Unstructured Data Challenge 1.
Extending IBM Security Identity Manager

Extending IBM Security Identity Manager
Extending IBM Security Identity Manager

Extending IBM Security Identity Manager
11© 2011 Hitachi Data Systems. All rights reserved. HITACHI DATA DISCOVERY FOR MICROSOFT® SHAREPOINT ® SOLUTION SCALING YOUR SHAREPOINT ENVIRONMENT PRESENTER.

11© 2011 Hitachi Data Systems. All rights reserved. HITACHI DATA DISCOVERY FOR MICROSOFT® SHAREPOINT ® SOLUTION SCALING YOUR SHAREPOINT ENVIRONMENT PRESENTER.
© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE www.visible.com Holistic View of the Enterprise Business Development Operations.

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.

Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
©2011 Quest Software, Inc. All rights reserved. Patrick Hunter EMEA IDAM Team Lead 7 th February 2012 Creating simple, effective and lasting IDAM solutions.

©2011 Quest Software, Inc. All rights reserved. Patrick Hunter EMEA IDAM Team Lead 7 th February 2012 Creating simple, effective and lasting IDAM solutions.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Www.TeamCluster.com TeamCluster Project Real time project management solutions Harry Hvostov April 27, 2002.

TeamCluster Project Real time project management solutions Harry Hvostov April 27, 2002.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Comprehensive Project Management Solutions with the.NET Server family.

Comprehensive Project Management Solutions with the.NET Server family.
Introducing Novell ® Identity Manager 4 Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/E-mail (14pt)

Introducing Novell ® Identity Manager 4 Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/ (14pt)
Microsoft Azure and ServiceNow: Extending IT Best Practices to the Microsoft Cloud to Give Enterprises Total Control of Their Infrastructure MICROSOFT.

Microsoft Azure and ServiceNow: Extending IT Best Practices to the Microsoft Cloud to Give Enterprises Total Control of Their Infrastructure MICROSOFT.
GRC: Aligning Policy, Risk and Compliance

GRC: Aligning Policy, Risk and Compliance
Cloud, big data, and mobility 20032015 Your phone today probably meets the minimum requirements to run Windows Server 2003 Transformational change up.

Cloud, big data, and mobility Your phone today probably meets the minimum requirements to run Windows Server 2003 Transformational change up.

Similar presentations

Ads by Google