Your SlideShare is downloading. ×
How to Deliver Closed-Loop Compliance
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

How to Deliver Closed-Loop Compliance

514
views

Published on

Brainwave General Manager Cyril Gollain delivers this Solution Showcase session.

Brainwave General Manager Cyril Gollain delivers this Solution Showcase session.

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
514
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Presenter’s Logo Here 2013 Open Stack Identity Summit - France Closed-Loop Remediation without breaking a sweat
  • 2. About Brainwave
  • 3. 2011 Product RTM Innovation award 2010 Brainwave creation 1st patent 2012 20+ customers Gartner IAG Magic Quadrant 2013 KuppingerCole Leadership Compass Gartner Cool Vendor 2013 International Biz Dvp 25+ customers
  • 4. What we do •  Our software helps our customers better control compliance and assess the risks related to permissions and access on any kind of resource •  Who can access NASsecretverysecretdocument.xls? •  Are there users who can access remotely to the ERP and issue bank transfers? •  Who left the Accounting Department and kept access to our data over the last six months?
  • 5. Access Entropy
  • 6. Access rights control: Compliance is at stake! •  As stated by Deloitte in their GFSI Security Survey, top external audit findings are about excessive access rights, Segregation of duties breaches and developper access to production systems http://www.deloitte.com/gfsi/securitysurvey 6
  • 7. Brainwave Identity GRC Software solution for access compliance and risk assessment
  • 8. Approach Company Policies, Regulations… Information System Identity GRC Cloud Devices Reports + Insight: •  What are my risks? •  What needs to be fixed? •  Am I compliant?
  • 9. The Identity Ledger 9
  • 10. Benefits •  Improve Data Quality •  Automate controls over fine-grained entitlements •  Even on very large scale (100M+ access rights, 1000s of SoD rules…) •  Provide operational reporting on top of IAM infrastructure •  Build business-oriented review / recertification processes…
  • 11. Brainwave Customers (extract) 11
  • 12. Connectorless Top Secret 12
  • 13. Integration with OpenIDM
  • 14. Identity GRC + OpenIDM Automated remediation actions Manual operations Automated provisioning IT Resources Accounts and fine-grained access rights information Identities and access rights assignments HR and organization-related information Access logs •  •  •  •  •  14 Access rights reconciliation Theoretical rights control Account Recertification process Remediation process Controls & Insight
  • 15. Integration with OpenIDM •  Simple interface (REST services) •  easy to implement and maintain, easy to package •  Ability to automate remediation •  or to mix manual/automated scenarios •  Ability to demonstrate improvement over time •  Enforce remediation, track status, verify desired state •  Nice, customizable GUI and workflow processes
  • 16. Demo time
  • 17. Other ways to leverage Brainwave
  • 18. « Pull » approach •  Build Views to query Brainwave Ledger and instantly publish REST services 18
  • 19. « Push » approach •  Trigger email messages / reports based on control results, review results… 19
  • 20. Presenter’s Logo Here 2013 Open Stack Identity Summit - France Thank you! Questions? Sebastien FAIVRE, Cyril GOLLAIN, Brainwave cyril.gollain@brainwave.fr +33.6 13 78 52 04