Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.


1 Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist

2 Security Management - Challenges
• Do you:
  – Control who has access to which resources
  – Know what is happening in your environment
  – Know what to do about it
  – Have the tools necessary to take action

3 Information Technology Evolution
[Figure: timeline marked 1960, 1970, 1980, 1990, 2000; stages labelled Centralized Infrastructure, Client/Server, Web, On-Demand Computing and Web Services; axis labels Time, Complexity, Flexibility]

4 Evolution of Information Security
[Figure: axis labels Management and Time; marker "Security Today"]
• 1st Generation: Gates, Guns, Guards
• 2nd Generation: Reactive Security
• 3rd Generation: Security as an Enabler
• 4th Generation: Proactive Security and Accountability

5 Business Challenges
• Optimize business
  – Eliminate inefficiencies
  – Reduce menial tasks
• Reduce costs
  – Allow companies to do more with less
  – Enable on-demand capabilities
• Mitigate risks
  – Manage identities — active and inactive
• Enable compliance with industry regulations
  – Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act, Gramm-Leach-Bliley Act and others

6 Identity is at the Core of Business
• Identities must be managed
  – Manage who is in your environment
  – Control what they can access and do
  – Know what users have done
• Identity and access management is critical to total security management

7 IAM Defined - Gartner

8 Analysts Input... (Partners, Customers, Employees): What Analysts Are Saying
• Complex
• Integration is key
• Trend towards suites

9 Research Results (Partners, Customers, Employees): Business Challenges
• Costly to manage users and access to assets
• Difficult to know who has access to what
• Helpdesk costs continue to grow
• Difficult to manage users across different systems and applications
• Compliance for various regulations – Basel II, EU Directive, GLB, HIPAA, Sarbanes-Oxley

10 Research Results (Partners, Customers, Employees): Costs
• Investing in point products to create a total solution is expensive
• Complexity of:
  – Technology
  – Organization structure
  – Consolidation of identity stores
• The cost of doing nothing is not recognized

11 Research Results (Partners, Customers, Employees): Technology Needs
• Better Integration
• Common UI
• More automation
• Standards
Mainframe
• Becoming more critical for web services
• New uses – expanded role

12 Success Factors
• Understand and quantify the cost of doing nothing
• Implement as you go — start small, then scale
• Support a heterogeneous environment
  – Help ensure broad platform and target system support
• Protect your investments
• Accommodate and correlate multiple data repositories
• Help ensure you’re ready on-demand

13 Success Factors (cont’d)
• Must contain end-to-end audit of all components
• Couple provisioning, enforcement and audit
• Proactive — discovery
• Unified GUI — one touch provision/de-provision
• Completeness — enterprise, customer and partners
• Flexible platform or suite — best of both worlds

14 IAM Strategy Integrated Provisioning, Enforcement and Audit Across Enterprise and Federated Environments

15 Identity and Access Management “By 2005, the complexity of integrating the components of IAM solutions will cause 60 percent of enterprises to choose product suites that are owned or licensed by, and supported through, one vendor (0.7 probability).” Source: Gartner Group — The Identity & Access Market Landscape, November 2003

16 Cost of Doing Nothing
• RON™
  – Return on Negligence
  – What is the true cost of status quo?
• Calculating costs (define simple formula)
  – Sum of
  – What is your cost?
Annual turnover X cost of users management
plus Annual reorganization X cost of users management
plus Percentage of access growth (customers, partners) X costs of access management
plus Cost of help desk support for password management
plus Users lost productivity X annual turnover

17 Turning RON Into ROI
• Identify costs leveraging RON calculator
• Provision users, resources and privileges
  – Reduce costs — eliminate inefficiencies
  – Enable compliance — adhere to regulatory requirements
  – Increase productivity — do more with less

18 Identity and Access Management “There can be a great temptation to do nothing and put off the deployment of an Identity and Access Management solution, however, this approach can store up problems for the future.” Source: Butler Group — Identity and Access Management, September 2003

19 IAM Goals
Control and manage all enterprise and federated identities with a single, modular, integrated solution
• Complete integration
• Breadth and depth of the solution
• Investment protection
• Total security management

20 On-Demand Provisioning
• Provisions users, enforcement rights and resources
• Provides user access — when new services become available — such as servers, applications and systems
• Enables users to be automatically created while the correct access is granted to the right resources

21 The Foundation for Total Identity and Access Management

22 Complete Identity Visualization
Identity across the enterprise, partner and customer environments

23 User Management

24 Role Management

25 Policy-based Management

26 Self-Service Password Management

27 Workflow-based Approvals

28 Business Benefits
• Business optimization
  – Eliminate inefficiencies
  – Reduce menial tasks
• Cost reduction
  – Allow companies to do more with less
  – Enable on-demand capabilities
• Risk mitigation
  – Manage identities — active and inactive
• Regulatory compliance
  – HIPAA, Sarbanes-Oxley Act and others

29 How CA Uses IAM
• 16,000+ employees worldwide
• On the first day of employment:
  – Users have access to applications and systems
    • No delay in productivity
  – Users who change roles at CA automatically get new access rights
    • Role-based management
  – Upon departure, users are immediately removed
    • Reduces risks
• Customer and partners access to service
  – Provisioning of users, access and privileges
    • Streamlines business processes

30 Case Study
• Marge Greene: Director, Human Resources
• Robert Stone: EVP, Sales, New Division
• Mary Rivers: Sr. VP, Product, New Division
• Bill Waltham: Strategic Consultant, “Hired Gun”, eNEX Consulting, Inc.
• Plus 24 Other New Hires — Globally — This Week

31 Case Study – Cont.
[Figure: work flow process diagram. People: Marge Greene (Director, Human Resources), Robert Stone (EVP, Sales, New Division). Step labels: New Hire; HR System; HR Data Passed to Admin; Admin Maps Job to Roles; Department Manager Gives - OK; Access & Accounts Created; Audit; Access Control. Other labels: eTrust Admin, Procurement, Facilities. Target systems: Legacy, eTrust™ CA-ACF2® Security, Oracle, SAP, NT, MS Exchange, Sun Solaris, eTrust™ Web Access Control. Caption: Enterprise Critical Reliability, Unlimited Scalability and more]

32 Questions? Q & A

