
INNOVATION

INNOVATION. Leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology is at its best. ATP – Dublin, OH August 14, 2013. WHO IS IDMWORKS. www.idmworks.com.


Presentation Transcript


  1. INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology is at its best. ATP – Dublin, OH August 14, 2013

  2. WHO IS IDMWORKS: Identity & Access Management | Managed Services | Custom Application Development | Data Center Solutions. Operational Since 2004. Privately Owned. D&B Rating of 95%. 65+ Consultants. Proven methodology & approach: 95% of employees are US Citizens, 100% are W2, 25% have US Government security clearances, each consultant has an average of +5 years experience in Identity and Access Management, & our consultants are located throughout North America. Vendor Partnerships with: Aveksa, Axiomatics, Avatier, CA, Courion, CyberArk, FoxT, Hitachi, IBM, Microsoft, NetIQ (Novell), Oracle (includes Sun & Passlogix), PingIdentity, Quest (Dell), RSA & SailPoint. Oracle Platinum Partner. NetIQ Elite Partner. CA Elite Partner. Hundreds of Successful Engagements with Clients Across Multiple Sectors. For more information please visit our website: www.idmworks.com

  3. What is IDENTITY & ACCESS MANAGEMENT

  4. Identity & Access management | Data center migration | Custom development | Managed services. IDMWORKS is one of the top ten Identity and Access Management (IAM) consultancies in the US with extensive experience helping clients solve challenges across all IAM disciplines and vendor technologies, according to Gartner 2012.

  5. Gartner Definitions of the IAM space: Assessment & Roadmap: Review and Planning. User Provisioning: Automation of user management and access to systems within an organization. Change Management: Automation and support for development, rollout and maintenance of system components from current state to future state. Role LifeCycle Management: Modeling and implementation of Roles within an organization. Access Management: Real-time enforcement of application security using identity-based controls and provisioned access rights. Governance: Implementation of a controls based framework and a robust governance program. Audit & Compliance: Support for laws, regulation and policies defined within an organization for Business and IT.

  6. Success Approach: Validate your current state. Highlight your constraints. Identify your crucial success factors. Define your desired state & first win. Develop your blueprint. Deliver a step by step roadmap: Costs, Timelines, Milestones, Business Justification.

  7. Product Areas in IAM: Provisioning & Password Management, Access Control, Access Governance, Single Sign-on & Federation, Privileged User Management

  8. Provisioning & Password Mgt: Trouble Ticket System, Human Resources, Employee Adds/Moves/Deletes, Active Directory, Spreadsheet, Applications, Applications, Applications, Emails

  9. Provisioning & Password Mgt: Manual System. Requires Multi-Steps. Takes Weeks or Months. No Audit Trail. Employee Adds/Moves/Deletes, Trouble Ticket System, Reports/Audits, Human Resources, Spreadsheet, Active Directory, Reports/Audits, Applications, Applications, Applications, Reports/Audits, Emails

  10. Provisioning & Password Mgt: ORACLE | NETIQ | CA | QUEST | COURION | MICROSOFT | IBM | SAILPOINT | AVEKSA. Automated/self-service system. Real time. Includes audit Trail. Provisioning & Password Management, Human Resources, Reports/Audits, Active Directory, Applications, Applications, Applications, Identity Management System, Employee Adds/Moves/Deletes

  11. VOICE OF EXPERIENCE: Assess environment and interview stakeholders to find gaps in “as-is” and “should-be” states. Form a team of Business Owners, IT Sec, Audit and Compliance. Focus on workflow and narrow the initial goal: Human or non-human. Address mobile environment (BYOD). Areas that can be improved quickly. Gain Executive buy-in for funding by focusing on gains: Automate the account process: new, change, & remove for efficiency. Improved speed to onboard. Improve security on entitlement creep. Improved audit on off-boarding. Speed to deliver audit data.

  12. Validating access entitlements: RBAC: Create Role. ABAC: Define Attributes. PBAC: Create Policies. Automate Access. Single Sign-On. Employee Adds/Moves/Deletes, Trouble Ticket System, Access Control, Reports/Audits, Human Resources, Spreadsheet, Active Directory, Reports/Audits, Applications, Applications, Applications, Reports/Audits, Emails

  13. Validating access entitlements: Automated Validation of Entitlements. Attestation. Automated Audit. Employee Adds/Moves/Deletes, Trouble Ticket System, Access Control, Reports/Audits, Human Resources, Spreadsheet, Active Directory, Reports/Audits, Access Governance, Applications, Applications, Applications, Reports/Audits, Emails

  14. Validating access entitlements: Automated Changes. Real-Time Policy Enforcement 2) Management Approvals 3) Audit Trail. Access Control & Governance AGS System, Attestation, Human Resources, Reports/Audits. ORACLE | NETIQ | CA | DELL/QUEST | COURION | IBM | AVATIER | SAILPOINT | AVEKSA | AXIOMATICS. Provisioning & Password Management, Identity Management System, Active Directory, Reports/Audits, Applications, Applications, Applications

  15. VOICE OF EXPERIENCE: Assess environment and interview stakeholders to find key applications that require automation for improved compliance. Form another team of Business Owners & IT Sec to define the ideal user experience (Employee and Manager). Review organizational goals around user accounts: RBAC, ABAC, PBAC. Automate the process, then look for the orphans and exceptions. Focus on: Speed to respond and remediate audit findings. Automation of manual audit response process. Address mobile environment (BYOD).

  16. Access to external apps: Applications, Applications, Applications. Every Application Requires Integration to Every External Application for Access. Trouble Ticket System, System Adds/Moves/Deletes, Spreadsheet, Emails, Employee Adds/Moves/Deletes. Manual Process. Requires App Development. Takes Weeks or Months. No Common Control. No Audit.

  17. Access to external apps: Applications, Applications, Applications. ORACLE | NETIQ | CA | DELL/QUEST | Microsoft | PingIdentity | IBM. Trouble Ticket System, System Adds/Moves/Deletes, Spreadsheet, Emails. Single Sign On and Federation. Employee Adds/Moves/Deletes. Centralized Security Policy Enforcement. Complete Audit Trail.

  18. VOICE OF EXPERIENCE: Focus on the client. Employee satisfaction around SSO. Customer / Partner integration (ease of doing business). Assess the number of SAS connections and pick two for early federation to use as a use case for standard approach. Consider human and non-human systems integration. Tie project with cloud initiatives: HR, CRM, Supply chain.

  19. PRIVILEGED USER ACCESS: Applications, Applications, Applications. System Admins, Developers. Root Access, Root Access, Root Access, Root Access, Root Access. Everyone has same access. No audit. IT Admins. In addition to System Admins, Dbase Admins, Server Admins & Infra Admins… Every Non-Human Application Has Access to Systems, Which Requires Manual Development & Audit.

  20. PRIVILEGED USER ACCESS: Applications, Applications, Applications. Can filter access. Log usage and record suspicious activity. Audit. System Admins. One-time use. Developers. Privileged User Management, Password Vault, Session Record, Request, IT Admins

  21. VOICE OF EXPERIENCE: Form a team of IT Sec, Development, Audit and Compliance to define the approach to control “superuser” access. Assess your current state and define gaps to desired state. Implement a Privileged User/Account/Access Management solution. Automate the process, then look for orphans and exceptions.

  22. VENDORS: Provisioning & Password Management: ORACLE, NETIQ, CA, DELL/QUEST, COURION, MICROSOFT, AVATIER, SAILPOINT, AVEKSA. Access Control / Access Governance: ORACLE, NETIQ, CA, DELL/QUEST, COURION, IBM, AVATIER, SAILPOINT, AVEKSA, AXIOMATICS. Single Sign-on & Federation: ORACLE, NETIQ, CA, IBM, DELL/QUEST, MICROSOFT, PINGIDENTITY. Privileged User Management: ORACLE, DELL/QUEST, CYBERARK.

  23. IDMWORKS FOOTPRINT: HIGHER EDUCATION: West Virginia U, Ithaca College, City University of New York, U of Massachusetts, Embry-Riddle Aeronautical University, Widener College, Coppin State College, Syracuse U, Ohio State U, Northland College. FINANCIAL: Alliance Data, TD Bank N.A., Freddie Mac, Woodforest National Bank, Northern Trust Bank, ITT, Capital One, M&T Bank, MBNA, Great American Financial, JPMC. COMMERCIAL: General Motors, Lowes, Holland America Line, Carmax, Subaru of America, AAA, Freightliner, Condé Nast, Gartner, Paychex, Tyco Electronics, Toyota Motor Sales, Dell, AON, Towers Perrin, Rohm & Haas, Rockwell Automation, McDonalds Corp, Oppenheimer Funds, Nike. HEALTH CARE: Dignity Health, Health First, Catholic Healthcare West, Children’s Hospital of Philadelphia (CHOP), Priority Health, Excellus BCBS, Wellmark BCBS, Kaiser Permanente, Horizon BCBS, BCBS Michigan, Carefirst BCBS, Cincinnati Children’s, Unitrin, Guardian, Select Medical, Center for Medicare & Medicaid, United Health Group, GlaxoSmithKline, Baylor Health Group, Lawrence Livermore National Laboratory. UTILITIES: ERCOT, Pennsylvania Power & Light, We Energies, Midwest ISO, Uti. GOVERNMENT: Department of Defense (DOD), Joint Chiefs of Staff, Defense Information System Agency (DISA), United Nations Development Program, Military Health Systems (MHS), US Army, US Air Force, US Navy. STATE & LOCAL: NYDOH, Hennepin County.

  24. CLIENT CASE STUDY: PROVISIONING. 60,000 employee Healthcare Provider. Operating forty facilities throughout CA, NV & AZ. 6000 employee changes per month (was manual & batch processing). Legacy IdM environment migrated to new provisioning platform. Centralized authentication & authorization. Identified most critical applications. Automated access to top 25 applications with plan for +400 other applications. Improved audit compliance requirements.

  25. CLIENT CASE STUDY: ACCESS GOVERNANCE. 8700 employees operating in 70 countries with numerous remote users. Largest independent provider of insurance claims management solutions for risk and insurance industry. Access Governance project. Initial quick start didn’t produce fully functional system. Tied role management to provisioning. Access rights can be de-provisioned real-time. Automated logging & reporting for compliance.

  26. CLIENT CASE STUDY: SINGLE SIGN-ON & FEDERATION. 44000 employee apparel manufacturer & retailer operating worldwide. Huge supply chain network with numerous SAS connections. Trusted partners in the US and overseas. Federated identity and Federated single sign-on needs addressed. Automated logging and reporting for compliance.

  27. Key Questions: Who are the key stakeholders in your IAM project(s)? How are you communicating cost benefits of your identity and access management system(s)? Have you assessed the following: Automated Provisioning, Password Management, Access Governance, Single Sign-On & Federation, Privileged User Access Management? How are you maintaining and improving IAM systems? How are you working with audit and compliance?

  28. ASSESSMENT APPROACH: Validate your current state. Highlight your constraints. Identify your crucial success factors. Define your desired state & first win. Develop your blueprint. Deliver a step by step roadmap: Costs, Timelines, Milestones, Business Justification.

  29. THANK YOU
