SlideShare a Scribd company logo

Intro to Identity Management

Hitachi ID Systems, Inc.
Hitachi ID Systems, Inc.

Managing the User Lifecycle across On-Premises and Cloud Hosted Applications

TechnologyBusiness
1 of 6
Download to read offline
1 Introduction to Identity Management Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications An overview of business drivers and technology solutions. 2 Identity and Access Needs are Ever-Changing Digital identities require constant Complexity creates delay and reliability administration to reflect business changes: problems: • Who? (Types of users): • Productivity: Employees, contractors, vendors, Slow onboarding, change fulfillment. partners, customers. • Cost: • Why? (Business events): Many FTEs needed to implement security Hire, move, change job function, changes. terminate. • Security: • What? (Change types:) Unreliable access termination, Create/move/disable/delete user, update inappropriate user entitlements. Enforce identity data and entitlements, reset SoD policies. passwords. • Accountability: • Where? (Applications:) Who has access to what? How/when did AD, Exchange, Notes, ERP, Linux/Unix, they get it? database, mainframe, physical assets. © 2011 Hitachi ID Systems, Inc. All rights reserved. 1
Slide Presentation 3 IAM in Silos In most organizations, many processes affect many applications. This many-to-many relationship creates complexity: 4 Identity and Access Problems For users For IT support • How to request a change? • Onboarding, deactivation across many • Who must approve the change? apps is challenging. • When will the change be completed? • More apps all the time! • Too many passwords. • What data is trustworthy and what is • Too many login prompts. obsolete? • Not notified of new-hires/terminations on time. • Hard to interpret end user requests. • Who can request, who should authorize changes? • What entitlements are appropriate for each user? • The problems increase as scope grows from internal to external. © 2011 Hitachi ID Systems, Inc. All rights reserved. 2
Slide Presentation 5 Identity and Access Problems (continued) For Security / risk / audit For Developers • Orphan, dormant accounts. • Need temporary access (e.g., prod • Too many people with privileged access. migration). • Static admin, service passwords a • Half the code in every new app is the security risk. same: • Weak password, password-reset processes. – Identify. • Inappropriate, outdated entitlements. – Authenticate. • Who owns ID X on system Y? – Authorize. • Who approved entitlement W on system – Audit. Z? – Manage the above. • Limited/unreliable audit logs in apps. • Mistakes in this infrastructure create security holes. 6 Externalize IAM From Application Silos • The problem with IAM is complexity, due to silos. • The obvious solution is to extract IAM functions from system and application silos. • A shared infrastructure for managing users, their authentication factors and their security entitlements is the answer. © 2011 Hitachi ID Systems, Inc. All rights reserved. 3
Slide Presentation 7 Integrated IAM Processes Business Processes IT Processes Hire Retire Resign Finish Contract New Application Retire Application Transfer Fire Start Contract Password Expiry Password Reset Identity Management System Users Passwords Operating Directory Application Database E-mail ERP Legacy Mainframe Groups System System App Attributes Systems and Applications 8 Business Drivers for IAM Security / controls. • Reliable deactivation. • Strong authentication. • Appropriate security entitlements. Regulatory • PCI-DSS, SOX, HIPAA, EU Privacy Directive, etc. compliance. • Audit user access rights. IT support costs. • Help desk call volume. • Time/effort to manage access rights. Service / SLA. • Faster onboarding. • Simpler request / approvals process. © 2011 Hitachi ID Systems, Inc. All rights reserved. 4
Slide Presentation 9 IAM Strengthens Security • Reliable and prompt global access termination. • Reliable, global answers to "Who has What?" • Access change audit trails. • Sound authentication prior to password resets. • Security policy enforcement: strong passwords, regular password changes, change authorization processes, SoD enforcement, new user standards, etc. • Regulatory compliance: HIPAA, Sarbanes-Oxley, 21CFR11, etc. 10 Cost Savings and Productivity Cost Item Before After Savings Help desk cost of 10,000 x 3 x $25 10,000 x .6 x $13 = $672,000 / year password resets: = $750,000 / year = $78,000 / year New hire lost 10,000 x 10% x 10 x 10,000 x 10% x 1 x = $1.8M / year productivity $400 x 50% $400 x 50% = $2M / year = $200,000 / year Access change 10,000 x 2 x 2 x 10,000 x 2 x 1 x = $800,000 / year lost productivity $400 x 10% $400 x 10% = $1.6M / year = $800,000 / year Password Resets New Users Access Changes Users: 10,000 Staff turnover: 10% Days to change 2 access: Password resets / 3 Days to setup 10 user / year: a new user: Security changes 2 / year per user: Cost per help 25 Value of user $400 / day desk call: productivity: Productivity of 90% users waiting for Productivity of 50% changed access: users waiting for new access: © 2011 Hitachi ID Systems, Inc. All rights reserved. 5
Slide Presentation 11 Elements of IAM Identity and access Privileged management solutions Telephone Password User Password Management Provisioning Identity may incorporate many Reset Synchronization Enterprise components, from Role Single Management multiple vendors: Signon Resource Password Access Management Requests Access ID Certification Reconciliation Web System of Single Record Signon Federation Directory Strong Virtual Authentication Directory Hitachi ID Systems Partners 12 Summary • The problem with managing identities, security entitlements, passwords and related data is a business, not a technology problem: – Too many business events, which impact – Too many systems and applications. • Technology solutions are available to address these problems: – Password synchronization and reset – Automated user provisioning and deactivation. – Identity synchronization. – Enforcement of policies using segregation-of-duties and roles. – Periodic access review and cleanup (certification). – Various kinds of single signon. 500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com File: PRCS:pres www.Hitachi-ID.com Date: March 22, 2011

Recommended

Hitachi ID Identity Manager: Detailed presentation
Hitachi ID Identity Manager: Detailed presentationHitachi ID Identity Manager: Detailed presentation
Hitachi ID Identity Manager: Detailed presentationHitachi ID Systems, Inc.
 
Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...
Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...
Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...Hitachi ID Systems, Inc.
 
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Systems, Inc.
 
Hitachi ID Solutions Supporting SOX Compliance
Hitachi ID Solutions Supporting SOX ComplianceHitachi ID Solutions Supporting SOX Compliance
Hitachi ID Solutions Supporting SOX ComplianceHitachi ID Systems, Inc.
 
Hitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Systems, Inc.
 
Defining Enterprise Identity Management
Defining Enterprise Identity ManagementDefining Enterprise Identity Management
Defining Enterprise Identity ManagementHitachi ID Systems, Inc.
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud finalOracleIDM
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 

Recommended

Hitachi ID Identity Manager: Detailed presentation
Hitachi ID Identity Manager: Detailed presentationHitachi ID Identity Manager: Detailed presentation
Hitachi ID Identity Manager: Detailed presentationHitachi ID Systems, Inc.
 
Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...
Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...
Hitachi ID Password Manager (formerly P-Synch): Lower cost, improve service a...Hitachi ID Systems, Inc.
 
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Systems, Inc.
 
Hitachi ID Solutions Supporting SOX Compliance
Hitachi ID Solutions Supporting SOX ComplianceHitachi ID Solutions Supporting SOX Compliance
Hitachi ID Solutions Supporting SOX ComplianceHitachi ID Systems, Inc.
 
Hitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Systems, Inc.
 
Defining Enterprise Identity Management
Defining Enterprise Identity ManagementDefining Enterprise Identity Management
Defining Enterprise Identity ManagementHitachi ID Systems, Inc.
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud finalOracleIDM
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 
Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Systems, Inc.
 
Healthcare it consolidated
Healthcare it consolidatedHealthcare it consolidated
Healthcare it consolidatedOracleIDM
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracleIDM
 
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...Hitachi ID Systems, Inc.
 
Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4OracleIDM
 
Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formulaOracleIDM
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalOracleIDM
 
Round table guide
Round table guideRound table guide
Round table guideOracleIDM
 
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...Hitachi ID Systems, Inc.
 
Advanced persistent threats
Advanced persistent threatsAdvanced persistent threats
Advanced persistent threatsNetwork Intelligence India
 
Ioug webcast entitlements in check
Ioug webcast entitlements in checkIoug webcast entitlements in check
Ioug webcast entitlements in checkOracleIDM
 
Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineNovell
 
Gartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalGartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalOracleIDM
 
Sun2 oracle avea's identity management platform transformation
Sun2 oracle avea's identity management platform transformationSun2 oracle avea's identity management platform transformation
Sun2 oracle avea's identity management platform transformationOracleIDM
 
Biz case-keynote-final copy
Biz case-keynote-final copyBiz case-keynote-final copy
Biz case-keynote-final copyOracleIDM
 
Declarative security-oes
Declarative security-oesDeclarative security-oes
Declarative security-oesOracleIDM
 
Scaling identity to internet proportions
Scaling identity to internet proportionsScaling identity to internet proportions
Scaling identity to internet proportionsOracleIDM
 
Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsHitachi ID Systems, Inc.
 
Managing Passwords for Mobile Users
Managing Passwords for Mobile UsersManaging Passwords for Mobile Users
Managing Passwords for Mobile UsersHitachi ID Systems, Inc.
 
Beyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningBeyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningHitachi ID Systems, Inc.
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management ProjectsHitachi ID Systems, Inc.
 
Password Manager: Detailed presentation
Password Manager: Detailed presentationPassword Manager: Detailed presentation
Password Manager: Detailed presentationHitachi ID Systems, Inc.
 

More Related Content

What's hot

Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Systems, Inc.
 
Healthcare it consolidated
Healthcare it consolidatedHealthcare it consolidated
Healthcare it consolidatedOracleIDM
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracleIDM
 
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...Hitachi ID Systems, Inc.
 
Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4OracleIDM
 
Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formulaOracleIDM
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalOracleIDM
 
Round table guide
Round table guideRound table guide
Round table guideOracleIDM
 
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...Hitachi ID Systems, Inc.
 
Ioug webcast entitlements in check
Ioug webcast entitlements in checkIoug webcast entitlements in check
Ioug webcast entitlements in checkOracleIDM
 
Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineNovell
 
Gartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalGartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalOracleIDM
 
Sun2 oracle avea's identity management platform transformation
Sun2 oracle avea's identity management platform transformationSun2 oracle avea's identity management platform transformation
Sun2 oracle avea's identity management platform transformationOracleIDM
 
Biz case-keynote-final copy
Biz case-keynote-final copyBiz case-keynote-final copy
Biz case-keynote-final copyOracleIDM
 
Declarative security-oes
Declarative security-oesDeclarative security-oes
Declarative security-oesOracleIDM
 
Scaling identity to internet proportions
Scaling identity to internet proportionsScaling identity to internet proportions
Scaling identity to internet proportionsOracleIDM
 

What's hot (17)

Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...
 
Healthcare it consolidated
Healthcare it consolidatedHealthcare it consolidated
Healthcare it consolidated
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
 
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
 
Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4Cso oow12-summit-sonny-sing hv4
Cso oow12-summit-sonny-sing hv4
 
Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formula
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-final
 
Round table guide
Round table guideRound table guide
Round table guide
 
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
 
Advanced persistent threats
Advanced persistent threatsAdvanced persistent threats
Advanced persistent threats
 
Ioug webcast entitlements in check
Ioug webcast entitlements in checkIoug webcast entitlements in check
Ioug webcast entitlements in check
 
Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product Line
 
Gartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalGartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-final
 
Sun2 oracle avea's identity management platform transformation
Sun2 oracle avea's identity management platform transformationSun2 oracle avea's identity management platform transformation
Sun2 oracle avea's identity management platform transformation
 
Biz case-keynote-final copy
Biz case-keynote-final copyBiz case-keynote-final copy
Biz case-keynote-final copy
 
Declarative security-oes
Declarative security-oesDeclarative security-oes
Declarative security-oes
 
Scaling identity to internet proportions
Scaling identity to internet proportionsScaling identity to internet proportions
Scaling identity to internet proportions
 

Viewers also liked

Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsHitachi ID Systems, Inc.
 
Beyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningBeyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningHitachi ID Systems, Inc.
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management ProjectsHitachi ID Systems, Inc.
 
Standard IAM Business Processes: Corporate / Intranet Deployment
Standard IAM Business Processes: Corporate / Intranet DeploymentStandard IAM Business Processes: Corporate / Intranet Deployment
Standard IAM Business Processes: Corporate / Intranet DeploymentHitachi ID Systems, Inc.
 
The Intersection of Identity Management and Cloud Computing
The Intersection of Identity Management and Cloud ComputingThe Intersection of Identity Management and Cloud Computing
The Intersection of Identity Management and Cloud ComputingHitachi ID Systems, Inc.
 
Why be part of the Clariba Experience?
Why be part of the Clariba Experience?Why be part of the Clariba Experience?
Why be part of the Clariba Experience?Clariba
 
Keperluan asas haiwan
Keperluan asas haiwanKeperluan asas haiwan
Keperluan asas haiwanlimhueishyn
 
Superchaging big production systems on Firebird: transactions, garbage, maint...
Superchaging big production systems on Firebird: transactions, garbage, maint...Superchaging big production systems on Firebird: transactions, garbage, maint...
Superchaging big production systems on Firebird: transactions, garbage, maint...Mind The Firebird
 
Quick email best practices overview
Quick email best practices overviewQuick email best practices overview
Quick email best practices overviewBill Powell
 
IE - IMBA application - Mohab Soliman - August 2015 (Question G)
IE - IMBA application - Mohab Soliman - August 2015 (Question G)IE - IMBA application - Mohab Soliman - August 2015 (Question G)
IE - IMBA application - Mohab Soliman - August 2015 (Question G)MohabSoliman2015
 

Viewers also liked (16)

Integrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO SystemsIntegrating Hitachi ID Management Suite with WebSSO Systems
Integrating Hitachi ID Management Suite with WebSSO Systems
 
Managing Passwords for Mobile Users
Managing Passwords for Mobile UsersManaging Passwords for Mobile Users
Managing Passwords for Mobile Users
 
Beyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User ProvisioningBeyond Roles: A Practical Approach to Enterprise User Provisioning
Beyond Roles: A Practical Approach to Enterprise User Provisioning
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management Projects
 
Password Manager: Detailed presentation
Password Manager: Detailed presentationPassword Manager: Detailed presentation
Password Manager: Detailed presentation
 
Standard IAM Business Processes: Corporate / Intranet Deployment
Standard IAM Business Processes: Corporate / Intranet DeploymentStandard IAM Business Processes: Corporate / Intranet Deployment
Standard IAM Business Processes: Corporate / Intranet Deployment
 
The Intersection of Identity Management and Cloud Computing
The Intersection of Identity Management and Cloud ComputingThe Intersection of Identity Management and Cloud Computing
The Intersection of Identity Management and Cloud Computing
 
Moving a Local Food Agenda Through Strategic Messaging
Moving a Local Food Agenda Through Strategic MessagingMoving a Local Food Agenda Through Strategic Messaging
Moving a Local Food Agenda Through Strategic Messaging
 
Why be part of the Clariba Experience?
Why be part of the Clariba Experience?Why be part of the Clariba Experience?
Why be part of the Clariba Experience?
 
Besmettelijke woninginbraken
Besmettelijke woninginbrakenBesmettelijke woninginbraken
Besmettelijke woninginbraken
 
Gladys
GladysGladys
Gladys
 
Keperluan asas haiwan
Keperluan asas haiwanKeperluan asas haiwan
Keperluan asas haiwan
 
The solution
The solutionThe solution
The solution
 
Superchaging big production systems on Firebird: transactions, garbage, maint...
Superchaging big production systems on Firebird: transactions, garbage, maint...Superchaging big production systems on Firebird: transactions, garbage, maint...
Superchaging big production systems on Firebird: transactions, garbage, maint...
 
Quick email best practices overview
Quick email best practices overviewQuick email best practices overview
Quick email best practices overview
 
IE - IMBA application - Mohab Soliman - August 2015 (Question G)
IE - IMBA application - Mohab Soliman - August 2015 (Question G)IE - IMBA application - Mohab Soliman - August 2015 (Question G)
IE - IMBA application - Mohab Soliman - August 2015 (Question G)
 

Similar to Intro to Identity Management

Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business CaseHitachi ID Systems, Inc.
 
Hitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Systems, Inc.
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management StrategyNetIQ
 
Hitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Systems, Inc.
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Systems, Inc.
 
Identity and Security in the Cloud
Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the CloudRichard Diver
 
Cyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryCyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryProlifics
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraORACLE USER GROUP ESTONIA
 
Mobile Services & E-Services Case Study By Osama Abushaban
Mobile Services & E-Services Case Study By Osama AbushabanMobile Services & E-Services Case Study By Osama Abushaban
Mobile Services & E-Services Case Study By Osama AbushabanOsama Abushaban
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insightruiruitang
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insightruiruitang
 

Similar to Intro to Identity Management (20)

Introduction to Identity Management
Introduction to Identity ManagementIntroduction to Identity Management
Introduction to Identity Management
 
Building an Identity Management Business Case
Building an Identity Management Business CaseBuilding an Identity Management Business Case
Building an Identity Management Business Case
 
Who will guard the guards
Who will guard the guardsWho will guard the guards
Who will guard the guards
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA Compliance
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Identity and Access Lifecycle Automation
Identity and Access Lifecycle AutomationIdentity and Access Lifecycle Automation
Identity and Access Lifecycle Automation
 
Introducing Salesforce Identity
Introducing Salesforce IdentityIntroducing Salesforce Identity
Introducing Salesforce Identity
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
 
Hitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB Compliance
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management Suite
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 
Identity and Security in the Cloud
Identity and Security in the CloudIdentity and Security in the Cloud
Identity and Security in the Cloud
 
Cyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryCyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities Industry
 
SmartERP PeopleSoft Security
SmartERP PeopleSoft Security SmartERP PeopleSoft Security
SmartERP PeopleSoft Security
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi Tara
 
Mobile Services & E-Services Case Study By Osama Abushaban
Mobile Services & E-Services Case Study By Osama AbushabanMobile Services & E-Services Case Study By Osama Abushaban
Mobile Services & E-Services Case Study By Osama Abushaban
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 

More from Hitachi ID Systems, Inc.

How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?Hitachi ID Systems, Inc.
 
Hitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Systems, Inc.
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Systems, Inc.
 
From Password Reset to Authentication Management
From Password Reset to Authentication ManagementFrom Password Reset to Authentication Management
From Password Reset to Authentication ManagementHitachi ID Systems, Inc.
 

More from Hitachi ID Systems, Inc. (18)

Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Maximizing Value
Maximizing ValueMaximizing Value
Maximizing Value
 
Authentication Management
Authentication ManagementAuthentication Management
Authentication Management
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
 
Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager
Hitachi ID Privileged Access Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Management Suite
Hitachi ID Management SuiteHitachi ID Management Suite
Hitachi ID Management Suite
 
Hitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate Edition
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and Technology
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group Manager
 
Hitachi ID Password Manager Brochure
Hitachi ID Password Manager BrochureHitachi ID Password Manager Brochure
Hitachi ID Password Manager Brochure
 
From Password Reset to Authentication Management
From Password Reset to Authentication ManagementFrom Password Reset to Authentication Management
From Password Reset to Authentication Management
 

Recently uploaded

Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Recently uploaded (20)

Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

Intro to Identity Management

  • 1. 1 Introduction to Identity Management Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications An overview of business drivers and technology solutions. 2 Identity and Access Needs are Ever-Changing Digital identities require constant Complexity creates delay and reliability administration to reflect business changes: problems: • Who? (Types of users): • Productivity: Employees, contractors, vendors, Slow onboarding, change fulfillment. partners, customers. • Cost: • Why? (Business events): Many FTEs needed to implement security Hire, move, change job function, changes. terminate. • Security: • What? (Change types:) Unreliable access termination, Create/move/disable/delete user, update inappropriate user entitlements. Enforce identity data and entitlements, reset SoD policies. passwords. • Accountability: • Where? (Applications:) Who has access to what? How/when did AD, Exchange, Notes, ERP, Linux/Unix, they get it? database, mainframe, physical assets. © 2011 Hitachi ID Systems, Inc. All rights reserved. 1
  • 2. Slide Presentation 3 IAM in Silos In most organizations, many processes affect many applications. This many-to-many relationship creates complexity: 4 Identity and Access Problems For users For IT support • How to request a change? • Onboarding, deactivation across many • Who must approve the change? apps is challenging. • When will the change be completed? • More apps all the time! • Too many passwords. • What data is trustworthy and what is • Too many login prompts. obsolete? • Not notified of new-hires/terminations on time. • Hard to interpret end user requests. • Who can request, who should authorize changes? • What entitlements are appropriate for each user? • The problems increase as scope grows from internal to external. © 2011 Hitachi ID Systems, Inc. All rights reserved. 2
  • 3. Slide Presentation 5 Identity and Access Problems (continued) For Security / risk / audit For Developers • Orphan, dormant accounts. • Need temporary access (e.g., prod • Too many people with privileged access. migration). • Static admin, service passwords a • Half the code in every new app is the security risk. same: • Weak password, password-reset processes. – Identify. • Inappropriate, outdated entitlements. – Authenticate. • Who owns ID X on system Y? – Authorize. • Who approved entitlement W on system – Audit. Z? – Manage the above. • Limited/unreliable audit logs in apps. • Mistakes in this infrastructure create security holes. 6 Externalize IAM From Application Silos • The problem with IAM is complexity, due to silos. • The obvious solution is to extract IAM functions from system and application silos. • A shared infrastructure for managing users, their authentication factors and their security entitlements is the answer. © 2011 Hitachi ID Systems, Inc. All rights reserved. 3
  • 4. Slide Presentation 7 Integrated IAM Processes Business Processes IT Processes Hire Retire Resign Finish Contract New Application Retire Application Transfer Fire Start Contract Password Expiry Password Reset Identity Management System Users Passwords Operating Directory Application Database E-mail ERP Legacy Mainframe Groups System System App Attributes Systems and Applications 8 Business Drivers for IAM Security / controls. • Reliable deactivation. • Strong authentication. • Appropriate security entitlements. Regulatory • PCI-DSS, SOX, HIPAA, EU Privacy Directive, etc. compliance. • Audit user access rights. IT support costs. • Help desk call volume. • Time/effort to manage access rights. Service / SLA. • Faster onboarding. • Simpler request / approvals process. © 2011 Hitachi ID Systems, Inc. All rights reserved. 4
  • 5. Slide Presentation 9 IAM Strengthens Security • Reliable and prompt global access termination. • Reliable, global answers to "Who has What?" • Access change audit trails. • Sound authentication prior to password resets. • Security policy enforcement: strong passwords, regular password changes, change authorization processes, SoD enforcement, new user standards, etc. • Regulatory compliance: HIPAA, Sarbanes-Oxley, 21CFR11, etc. 10 Cost Savings and Productivity Cost Item Before After Savings Help desk cost of 10,000 x 3 x $25 10,000 x .6 x $13 = $672,000 / year password resets: = $750,000 / year = $78,000 / year New hire lost 10,000 x 10% x 10 x 10,000 x 10% x 1 x = $1.8M / year productivity $400 x 50% $400 x 50% = $2M / year = $200,000 / year Access change 10,000 x 2 x 2 x 10,000 x 2 x 1 x = $800,000 / year lost productivity $400 x 10% $400 x 10% = $1.6M / year = $800,000 / year Password Resets New Users Access Changes Users: 10,000 Staff turnover: 10% Days to change 2 access: Password resets / 3 Days to setup 10 user / year: a new user: Security changes 2 / year per user: Cost per help 25 Value of user $400 / day desk call: productivity: Productivity of 90% users waiting for Productivity of 50% changed access: users waiting for new access: © 2011 Hitachi ID Systems, Inc. All rights reserved. 5
  • 6. Slide Presentation 11 Elements of IAM Identity and access Privileged management solutions Telephone Password User Password Management Provisioning Identity may incorporate many Reset Synchronization Enterprise components, from Role Single Management multiple vendors: Signon Resource Password Access Management Requests Access ID Certification Reconciliation Web System of Single Record Signon Federation Directory Strong Virtual Authentication Directory Hitachi ID Systems Partners 12 Summary • The problem with managing identities, security entitlements, passwords and related data is a business, not a technology problem: – Too many business events, which impact – Too many systems and applications. • Technology solutions are available to address these problems: – Password synchronization and reset – Automated user provisioning and deactivation. – Identity synchronization. – Enforcement of policies using segregation-of-duties and roles. – Periodic access review and cleanup (certification). – Various kinds of single signon. 500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com File: PRCS:pres www.Hitachi-ID.com Date: March 22, 2011