Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity, Governance and Administration as forefront of IT Security model: European and North American Experience Vladislav Shapiro Director of Identity.

Similar presentations


Presentation on theme: "Identity, Governance and Administration as forefront of IT Security model: European and North American Experience Vladislav Shapiro Director of Identity."— Presentation transcript:

1 Identity, Governance and Administration as forefront of IT Security model: European and North American Experience Vladislav Shapiro Director of Identity Practice – IGA Dell/Immersion Consulting

2 Established in 1995, Orient Logic is a leading IT company and system integrator in Georgia.

3 Discussion points Current state of affairs in IT Security Basics of Identity Governance Administration Connecting the dots: agile I-G-A Use cases – Government of Austria, Bayern Department of Justice and State of Alabama

4 Current State of Affairs in IT Security

5 IT Security realities of today Change of focus: from protection the perimeter (external only) to the governance of the whole infrastructure (internal and external) Change of mentality: from “castle under siege” to “enemy is already here” Main external goal: advanced threat protection Main internal goal: IGA – Identity Governance and Administration Shift from pure technical-based to business and human factor focused solutions

6 WHO ARE THE “BAD GUYS”?

7

8 ATTACKS ALWAYS RELY ON INTERNAL PROCESS FLAWS No established business process for granting rights to individuals Lack of governance, access controls and monitoring No actionable reporting IGA SHOULD BE READY FOR ADVANCED THREATS

9 IGA ATR Best response practice: ATR+ IGA 9 Pre-Incident Preparation DetectTriage Collect Data : - Volatile Data - Forensic Dup. - Network Traffic Perform Analysis Take Action: Admin and Legal Reporting Incident Occurs: Point-In-Time or Ongoing Remediation: Technical Recovery from the Incident Status Reporting Identity Governance and Administration central authority Data feed Data feed Data feed Data feed Targets/Applications/Devices Account checks Access freeze Risk-based provisioning Notifications, access restore and provisioning Identity Data Sync Data feed

10 Basics of Identity Governance and Administration (IGA)

11 Three dimensions of IGA I - Identity Management G - Governance, Risk and Compliance (GRC) A – Administration – Access Management and Provisioning Main challenge: Make all three components connected to work as one

12 Three forces of IGA in your enterprise Identity owners (HR, Identity suppliers) - I –Responsibilities: manage identities, organization charts –Goal: make sure that identity and organization information is up to date Business owners (C-level managers, PM, compliance officers) - G –Responsibilities: manage all business-related matters, including governance, risk and compliance –Goal: make business successful and customers happy Technology owners (System admins, DB admins, etc.) - A –Responsibilities: support business with technology –Goal: All systems should be up and running 24-7 with no downtime

13 Identity Posture - how to evaluate Identity Posture is about how connected and in-sync three forces are – Three forces collaboration – Maturity of each force Identity Posture is about measuring maturity of – Identity model – Governance model – Administration model Identity Posture is about how enterprise can handle CHANGES – Identity updates – Governance processes restructuring – Administration redesigning

14 Connecting the dots – agile IGA

15 Connected I-G-A goal – be agile All elements are connected into one solution where each responsible person is a contributor to the system Each contributor has means to configure his/her own IGA elements within his knowledge IGA project should have short length phases with clear achievable milestones 15 I G GG A A Identity Governance Administration

16 Managers should easily see all the entitlements of an employee in one clear view Actionable All logical, physical systems, resources and assets. Identity - Identity Goal - Enterprise Visibility

17 Identity goal – separate business and technical views Business view Technical view

18 Governance goal – give dashboard views for current status visibility Managers should easily find the overall and specific status of requests and processes in the system

19 Governance goal - Access granting history audit People responsible for auditing should be able to see the history of assigning access and entitlements to the individuals

20 Governance goal – Approval Workflow builder Approval workflows should be built by the same people who are responsible for the granting process using regular tools, not scripts

21 Use Cases

22 Government of Austria Central portal for Austrian citizens requests Central business workflow engine for handling requests Monitoring automation and actionable reports

23 Bayern Department of Justice Internal personnel IGA: access control, governance and attestation Centralized Policy engine Advanced threat protection: external and internal Constant activity monitoring and actionable reports

24 State of Alabama State of Alabama was breached in 2012 –Millions of data records were stolen –State Web site was disabled –IT operations was paralyzed IT Security and IGA solution –Advanced threat detection software –IGA full suite solution –Privileged access manager Security and IGA education of the personnel


Download ppt "Identity, Governance and Administration as forefront of IT Security model: European and North American Experience Vladislav Shapiro Director of Identity."

Similar presentations


Ads by Google