IDM & IAM 2012

1,910 views
1,651 views

Published on

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,910
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
103
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

IDM & IAM 2012

  1. 1. IDM/IAM Identity & Access Management Tell me and I’ll forget Sigal Russin ,Show me and I may remember VP & Senior AnalystInvolve me and I’ll understand
  2. 2. Is it identity? 2Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  3. 3. Identity and Access Management Access Identity Directory Control Administration Services Strong Authentication Identity & Organization & Authorization Lifecycle Virtualization Risk Based Access Administration Control Enterprise Role Mng Synchronization Single Sign-On Provisioning & Federation Reconciliation Storage Web Services Security Compliance Automation Audit & ComplianceAudit Data Attestation Fraud Detection Segregation of Duties Controls Management Service Levels Risk Analysis Forensics Configuration Performance Automation 3 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  4. 4. Where to start ?! 4Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  5. 5. Explosion of IDs# of Business PartnersDigital IDs Automation (B2B) Company (B2E) Customers (B2C) Mobility Internet Client Server Mainframe Pre 1980’s 1980’s 1990’s 2000’s Time 5 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  6. 6. “Identity Chaos” Lots of users Multiple and systems repositories required to of identity do business information; Decentralized Multiple user management IDs, multiple , ad hoc data passwords sharing 6Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  7. 7. IDM – Identity Management 7Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  8. 8. 5 Core Elements of ID Management Federated Identity 8Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  9. 9. 5 Core Elements of ID Management 9Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  10. 10. 5 Core Elements of ID Management 10Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  11. 11. What’s next… 11Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  12. 12. Before Implementing Access Management 12Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  13. 13. After Implementing Access Management 13Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  14. 14. Trends Impacting IAM and privacy management sectorsTactical identity• IAM projects will generally be limited in scope and schedule to help ensure success.Identity assurance• Demands for stronger authentication and more mature identity provider infrastructures will raised.• You need to know which providers you are trusting, why, and for what. Gartner, Egham, UK, January 31, 2012, Summit 2012, March 12-13, London 14 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  15. 15. Trends Impacting IAM and privacy management sectorsThe identity bridge• A new architectural component is needed to manage the flow of identity information between cooperating organizations.• The edge of the organization is to look inward and outward simultaneously.Authorization• It will grow more complex and more urgent due to continuing regulatory pressure.• Authorization will assume a place as a first-class business function. Gartner, Egham, UK, January 31, 2012, Summit 2012, March 12-13, London 15 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  16. 16. Trends Impacting IAM and privacy management sectorsThe sea of tokens• The new tokens-and-transformers architecture is more modular, more flexible and more loosely coupled.Policy battles• Privacy and identity theft are having a serious impact on business operations and viability.• The business community, law enforcement and national security communities will continue to fight over identification, privacy laws and regulations. Gartner, Egham, UK, January 31, 2012, Summit 2012, March 12-13, London 16 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  17. 17. Identity Management MarketOverlap without integration causes consternation and cost Around 60 vendors in IDM Directory Authentication Password Management Access Management Provisioning Meta-directory Appliances Virtual Directory 17 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  18. 18. IAMs Biggest Concerns HP Research Report, Security & Risk Management Survey Conducted by Coleman Parkes Research, 2012 18Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  19. 19. Be Aware - Most of IDM projects failed • Allocating human resources for maintenance1 IDM project • Project Leaders: HR with cooperation of IT2 • Support from organizations high management3 • Sharing and training of all organization4 departments 19 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  20. 20. Most of IDM projects failed - Be Aware! • Data Cleansing: job definitions include user5 authorizations • Mirroring to organization processes – workflows will6 maximize ROI • If you choose a product make sure about the integration7 to all organization systems -Learn the product! • Step by Step-integration special groups on AD with one8 organizational system (SAP, billing, CRM etc.) 20 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  21. 21. Market OverviewVendor Access ProvN Passwd Meta AuthNIBMNovellOracleCAMicrosoftNetegrityOblixRSAEntrust = Partner provided 21 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  22. 22. Identity & Access Management - Israeli Market Positioning 1Q10-11 Estimated Technology Penetration Using this technolog y 27% Evaluating IDMIAM Not usingLocal Support 73% Player Worldwide IBM Leader CA Prominent Novell WAM Player Oracle-Sun SAP Quest BMC This analysis should be used with its supporting documents Microsoft Velo (OS) Market Presence 22 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  23. 23. 2012 World Leaders in Cloud Identity Management Market Presence Forrester Survey 23 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  24. 24. Centralize Security Maintain Enforce Control Audit Over Data Policies Assets IDM Benefits Automate Enhance Auditing Visibility Procedures Detect Security, Regulatory 24Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  25. 25. 2013 Will Change Enterprise IDM The rise of stateless identity ID standards Dissolving internal/external boundaries Identity assurance “It’s tough to pull your head up from the static world of on-premises user management to the more dynamic world.” 2013 Planning Guide: Identity and Privacy, by Ian Glazer 25 Sigal Russin’s work Copyright 2012 @STKI Do not remove November 14, 2012graphic or portion of graphic By UCStrategies Staff source or attribution from any
  26. 26. RecommendationsOrganization should translate the business world into projectspecification process Do not try to fit the IDM system to your organization Before starting – define SOW -> Consider alternatives-> POC for business process Organization limits – try to start IDM inside the organization Matching expectations of project initiators, users and decision makersMarketing the project to show the meanings and painfulproblems 26 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  27. 27. RecommendationsSmall steps such as Gradual connection to organization systems,initial provisioning, role based access control etc. Standardization- you don’t need to update the system all the time Organization password policy can take a part on IDM project – SSO on the last stage Workflows- pay attention for duplication or conflict in organizational identities Organizational Tree - reflect the organizational structure in HR and ITEach department has a manager (referant) who responsible formanagement permissions to the same department 27 Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  28. 28. Thank You! Scan Me To Your Contacts: 28Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic

×