SlideShare a Scribd company logo

EIC 2022 - Elimity - Trimming down user access governance to its essentials

M
Maarten Decat

Securing access to data and applications has become a cornerstone of any modern cybersecurity strategy. In the IAM market, user access governance projects have a history of incurring multi-year roll-outs and requiring specialized personnel, making many companies shy away and bear excessive cyber risk. In this space, Elimity tries to break the status quo. As an innovator, Elimity provides a data-driven platform that specifically offers the essentials for user access governance: automated data collection, holistic risk analytics and user-friendly access reviews integrated with ITSM. As a result, the platform lets companies achieve mature access governance in a matter of days, not months. In this presentation, Maarten gives an overview of the essentials of user access governance, showcase the Elimity platform and how it is successfully applied in practice.

Software
1 of 20
Download to read offline
info@elimity.com Trimming down user access governance to its essentials Innovation talk May 12, 2022 - EIC 2022
elimity.com Dr. Maarten Decat Co-founder and CEO maarten@elimity.com Trimming down user access governance to its essentials Innovation talk May 12, 2022 - EIC 2022
IoT devices Customers Cloud services Partners SaaS apps Employees Home office Corporate network Personal devices Mobile devices THE IT LANDSCAPE HAS CHANGED
IoT devices Customers Cloud services Partners SaaS apps Employees Home office Corporate network Personal devices Mobile devices THE IT LANDSCAPE HAS CHANGED
IoT devices Customers Cloud services Partners SaaS apps Employees Home office Corporate network Personal devices Mobile devices WHAT STILL CONNECTS ALL THE PIECES: IDENTITY THE IT LANDSCAPE HAS CHANGED ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS
Secure access IDENTITY HAS ENTERED CYBERSECURITY ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS Good extra reading: www.idsalliance.org SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible
Secure access IDENTITY HAS ENTERED CYBERSECURITY ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS Good extra reading: www.idsalliance.org SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible
SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible IDENTITY HAS ENTERED CYBERSECURITY FOCUS OF IGA MARKET Optimize costs, improve efficiency Multi-year, multi-million projects ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS
SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible IDENTITY HAS ENTERED CYBERSECURITY FOCUS OF IGA MARKET Optimize costs, improve efficiency Multi-year, multi-million projects 90% of the companies out there are not able to regularly review user access
ELIMITY Helping companies take control over who can access what without hassle. NO-NONSENSE APPROACH Think big, take small steps. NO-NONSENSE PLATFORM End-to-end governance cockpit. NO-NONSENSE SECURITY & IDENTITY EXPERTS Don't reinvent the wheel.
THE ESSENTIALS OF USER ACCESS GOVERNANCE To get in control fast, focus on: 1. Creating visibility: build a central view of users and permissions from any application or data source. 2. Reviewing access: involve IT and business to remove unneeded accounts and accesses 3. Monitoring over time to stay on top of the situation at all time. 0 Collect data 1 3 Continuously in control Review Understand Monitor 2 4 Act
| Take control Consolidate control Identify access risks Clean up & monitor Set up identity governance Increase operational efficiency Optimize control Design a role model Design SOD policies Introduce governance processes (requests, reviews, JML) Automate provisioning Improve decision making Improve data quality Review Address violations Get notified of new violations Fundamentally improved cyber security Structural control SECURITY-FIRST IGA IS A NEW JOURNEY Everything we do focuses on cyber security and efficiency: no multi-year IAM roll-outs, but quickly identifying access risk, cleaning up and introducing governance where needed. Go for security improvements in a matter of days, not months or years,
| 8 CATEGORIES OF KEY RISK INDICATORS KEY RISK INDICATORS Orphaned accounts 1 Privileged accounts 2 Access accumulation 3 Identity hygiene 4 Role hygiene 5 Data quality 6 Segregation of duties 7 Business-specific indicators 8 Read the guide: elimity.com/kri-guide Want to know more?
API ... ELIMITY PLATFORM 4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts ALERTS Elimity Insights elimity.com/start-now CHANGE REQUESTS MONITOR UNDERSTAND REVIEW On-premise agent ... Db CSV LDIF 2. File upload connectors 3. Push agents
4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
Start now ✓ ✓ Free Standard Enterprise ITSM integration Library of connectors ✓ ✓ ✓ Task reminders ✓ ✓ ✓ ✓ Single Sign-On Access profiles Monitoring & alerts ✓ ✓ ✓ ✓ Usage logs Virtual private cloud ✓ ✓ Enterprise support Library of security controls ✓ ✓ ✓ Insights & analytics ✓ ✓ ✓ “ Elimity offers unparalleled cost efficiency within identity management. They provide a combination of smart people and smart technology. ─ Stéphan Hellmann, Chief Security Officer, Byblos Bank Europe elimity.com/start-now
| SaaS platform for security-first IGA ABOUT ELIMITY Maarten Decat Co-founder & CEO maarten@elimity.com For more guides, visit: www.elimity.com/guides User Access Screening Solution brief How to prove that you are in control Guide For more customer cases, visit: www.elimity.com/cases MORE RESOURCES Access Certifications as a Service Solution brief Enterprise-wide visibility of users and their accesses Customer case elimity.com/start-now

Recommended

Webinar hiware
Webinar hiwareWebinar hiware
Webinar hiwareSeokminyoon4
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud worldZscaler
 
Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Digital Transformation EXPO Event Series
 
Securing Applications using WSO2 Identity Server and CASQUE
Securing Applications using WSO2 Identity Server and CASQUESecuring Applications using WSO2 Identity Server and CASQUE
Securing Applications using WSO2 Identity Server and CASQUEWSO2
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupCohesive Networks
 
2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital Security2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital SecurityShawn Wells
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at ScaleWinston Morton
 
Successful Industrial IoT Patterns
Successful Industrial IoT PatternsSuccessful Industrial IoT Patterns
Successful Industrial IoT PatternsWSO2
 

Recommended

Webinar hiware
Webinar hiwareWebinar hiware
Webinar hiwareSeokminyoon4
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud worldZscaler
 
Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Turtles, Trust and The Future of Cybersecurity
Turtles, Trust and The Future of Cybersecurity Digital Transformation EXPO Event Series
 
Securing Applications using WSO2 Identity Server and CASQUE
Securing Applications using WSO2 Identity Server and CASQUESecuring Applications using WSO2 Identity Server and CASQUE
Securing Applications using WSO2 Identity Server and CASQUEWSO2
 
Chris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupChris Swan's presentation from the London Tech Entrepreneurs' Meetup
Chris Swan's presentation from the London Tech Entrepreneurs' MeetupCohesive Networks
 
2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital Security2017-07-12 GovLoop: New Era of Digital Security
2017-07-12 GovLoop: New Era of Digital SecurityShawn Wells
 
Iot Security and Privacy at Scale
Iot Security and Privacy at ScaleIot Security and Privacy at Scale
Iot Security and Privacy at ScaleWinston Morton
 
Successful Industrial IoT Patterns
Successful Industrial IoT PatternsSuccessful Industrial IoT Patterns
Successful Industrial IoT PatternsWSO2
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldMark Nunnikhoven
 
A Blueprint for Cloud-Native Financial Institutions
A Blueprint for Cloud-Native Financial InstitutionsA Blueprint for Cloud-Native Financial Institutions
A Blueprint for Cloud-Native Financial InstitutionsAngelo Agatino Nicolosi
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation finalAlgoSec
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloudsdevillers
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update SlidesJim Kaplan CIA CFE
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Advanced Web Security Deployment
Advanced Web Security DeploymentAdvanced Web Security Deployment
Advanced Web Security DeploymentCisco Canada
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Amazon Web Services
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
WSO2Con EU 2015: IoT in Finance
WSO2Con EU 2015: IoT in FinanceWSO2Con EU 2015: IoT in Finance
WSO2Con EU 2015: IoT in FinanceWSO2
 
Deploy & Manage BYOD and VDI Services
Deploy & Manage BYOD and VDI ServicesDeploy & Manage BYOD and VDI Services
Deploy & Manage BYOD and VDI ServicesCisco Canada
 
digital strategy and information security
digital strategy and information securitydigital strategy and information security
digital strategy and information securityProf. Jacques Folon (Ph.D)
 
Elizabeth Lawler - Devops, security, and compliance working in unison
Elizabeth Lawler - Devops, security, and compliance working in unisonElizabeth Lawler - Devops, security, and compliance working in unison
Elizabeth Lawler - Devops, security, and compliance working in unisonDevSecCon
 
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...SolarWinds
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesKai Wähner
 
The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...Codemotion
 
Product security by Blockchain, AI and Security Certs
Product security by Blockchain, AI and Security CertsProduct security by Blockchain, AI and Security Certs
Product security by Blockchain, AI and Security CertsLabSharegroup
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 

More Related Content

Similar to EIC 2022 - Elimity - Trimming down user access governance to its essentials

Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldMark Nunnikhoven
 
A Blueprint for Cloud-Native Financial Institutions
A Blueprint for Cloud-Native Financial InstitutionsA Blueprint for Cloud-Native Financial Institutions
A Blueprint for Cloud-Native Financial InstitutionsAngelo Agatino Nicolosi
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation finalAlgoSec
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloudsdevillers
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Advanced Web Security Deployment
Advanced Web Security DeploymentAdvanced Web Security Deployment
Advanced Web Security DeploymentCisco Canada
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Amazon Web Services
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
WSO2Con EU 2015: IoT in Finance
WSO2Con EU 2015: IoT in FinanceWSO2Con EU 2015: IoT in Finance
WSO2Con EU 2015: IoT in FinanceWSO2
 
Deploy & Manage BYOD and VDI Services
Deploy & Manage BYOD and VDI ServicesDeploy & Manage BYOD and VDI Services
Deploy & Manage BYOD and VDI ServicesCisco Canada
 
Elizabeth Lawler - Devops, security, and compliance working in unison
Elizabeth Lawler - Devops, security, and compliance working in unisonElizabeth Lawler - Devops, security, and compliance working in unison
Elizabeth Lawler - Devops, security, and compliance working in unisonDevSecCon
 
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...SolarWinds
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesKai Wähner
 
The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...Codemotion
 
Product security by Blockchain, AI and Security Certs
Product security by Blockchain, AI and Security CertsProduct security by Blockchain, AI and Security Certs
Product security by Blockchain, AI and Security CertsLabSharegroup
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 

Similar to EIC 2022 - Elimity - Trimming down user access governance to its essentials (20)

Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud World
 
A Blueprint for Cloud-Native Financial Institutions
A Blueprint for Cloud-Native Financial InstitutionsA Blueprint for Cloud-Native Financial Institutions
A Blueprint for Cloud-Native Financial Institutions
 
2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final2018 11-19 improving business agility with security policy automation final
2018 11-19 improving business agility with security policy automation final
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Multi-tenancy In the Cloud
Multi-tenancy In the CloudMulti-tenancy In the Cloud
Multi-tenancy In the Cloud
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update Slides
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Advanced Web Security Deployment
Advanced Web Security DeploymentAdvanced Web Security Deployment
Advanced Web Security Deployment
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
 
WSO2Con EU 2015: IoT in Finance
WSO2Con EU 2015: IoT in FinanceWSO2Con EU 2015: IoT in Finance
WSO2Con EU 2015: IoT in Finance
 
Deploy & Manage BYOD and VDI Services
Deploy & Manage BYOD and VDI ServicesDeploy & Manage BYOD and VDI Services
Deploy & Manage BYOD and VDI Services
 
digital strategy and information security
digital strategy and information securitydigital strategy and information security
digital strategy and information security
 
Elizabeth Lawler - Devops, security, and compliance working in unison
Elizabeth Lawler - Devops, security, and compliance working in unisonElizabeth Lawler - Devops, security, and compliance working in unison
Elizabeth Lawler - Devops, security, and compliance working in unison
 
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
 
Log Analytics for Distributed Microservices
Log Analytics for Distributed MicroservicesLog Analytics for Distributed Microservices
Log Analytics for Distributed Microservices
 
The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...
 
Product security by Blockchain, AI and Security Certs
Product security by Blockchain, AI and Security CertsProduct security by Blockchain, AI and Security Certs
Product security by Blockchain, AI and Security Certs
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 

Recently uploaded

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 

Recently uploaded (20)

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 

EIC 2022 - Elimity - Trimming down user access governance to its essentials

  • 1. info@elimity.com Trimming down user access governance to its essentials Innovation talk May 12, 2022 - EIC 2022
  • 2. elimity.com Dr. Maarten Decat Co-founder and CEO maarten@elimity.com Trimming down user access governance to its essentials Innovation talk May 12, 2022 - EIC 2022
  • 5. IoT devices Customers Cloud services Partners SaaS apps Employees Home office Corporate network Personal devices Mobile devices WHAT STILL CONNECTS ALL THE PIECES: IDENTITY THE IT LANDSCAPE HAS CHANGED ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS
  • 6. Secure access IDENTITY HAS ENTERED CYBERSECURITY ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS Good extra reading: www.idsalliance.org SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible
  • 7. Secure access IDENTITY HAS ENTERED CYBERSECURITY ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS Good extra reading: www.idsalliance.org SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible
  • 8. SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible IDENTITY HAS ENTERED CYBERSECURITY FOCUS OF IGA MARKET Optimize costs, improve efficiency Multi-year, multi-million projects ISO 27001 A.9 Access Control NIST 800-53 Control family: Access Control CIS CONTROLS 14. Controlled Access Based on the Need to Know ISO27001 NIST GDPR SOC2 NIS SOX CIS
  • 9. SECURITY-FIRST IDENTITY GOVERNANCE Ensure that only the right people have the right level of access to the right resources as fast and at the lowest cost possible IDENTITY HAS ENTERED CYBERSECURITY FOCUS OF IGA MARKET Optimize costs, improve efficiency Multi-year, multi-million projects 90% of the companies out there are not able to regularly review user access
  • 10. ELIMITY Helping companies take control over who can access what without hassle. NO-NONSENSE APPROACH Think big, take small steps. NO-NONSENSE PLATFORM End-to-end governance cockpit. NO-NONSENSE SECURITY & IDENTITY EXPERTS Don't reinvent the wheel.
  • 11. THE ESSENTIALS OF USER ACCESS GOVERNANCE To get in control fast, focus on: 1. Creating visibility: build a central view of users and permissions from any application or data source. 2. Reviewing access: involve IT and business to remove unneeded accounts and accesses 3. Monitoring over time to stay on top of the situation at all time. 0 Collect data 1 3 Continuously in control Review Understand Monitor 2 4 Act
  • 12. | Take control Consolidate control Identify access risks Clean up & monitor Set up identity governance Increase operational efficiency Optimize control Design a role model Design SOD policies Introduce governance processes (requests, reviews, JML) Automate provisioning Improve decision making Improve data quality Review Address violations Get notified of new violations Fundamentally improved cyber security Structural control SECURITY-FIRST IGA IS A NEW JOURNEY Everything we do focuses on cyber security and efficiency: no multi-year IAM roll-outs, but quickly identifying access risk, cleaning up and introducing governance where needed. Go for security improvements in a matter of days, not months or years,
  • 13. | 8 CATEGORIES OF KEY RISK INDICATORS KEY RISK INDICATORS Orphaned accounts 1 Privileged accounts 2 Access accumulation 3 Identity hygiene 4 Role hygiene 5 Data quality 6 Segregation of duties 7 Business-specific indicators 8 Read the guide: elimity.com/kri-guide Want to know more?
  • 14. API ... ELIMITY PLATFORM 4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts ALERTS Elimity Insights elimity.com/start-now CHANGE REQUESTS MONITOR UNDERSTAND REVIEW On-premise agent ... Db CSV LDIF 2. File upload connectors 3. Push agents
  • 15. 4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
  • 16. 4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
  • 17. 4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
  • 18. 4 ESSENTIAL BUILDING BLOCKS 1. Easily gather & correlate data from your sources 2. Easily analyse and identify risks 3. Easily review access and initiate changes 4. Monitor over time and send out alerts Elimity Insights elimity.com/start-now
  • 19. Start now ✓ ✓ Free Standard Enterprise ITSM integration Library of connectors ✓ ✓ ✓ Task reminders ✓ ✓ ✓ ✓ Single Sign-On Access profiles Monitoring & alerts ✓ ✓ ✓ ✓ Usage logs Virtual private cloud ✓ ✓ Enterprise support Library of security controls ✓ ✓ ✓ Insights & analytics ✓ ✓ ✓ “ Elimity offers unparalleled cost efficiency within identity management. They provide a combination of smart people and smart technology. ─ Stéphan Hellmann, Chief Security Officer, Byblos Bank Europe elimity.com/start-now
  • 20. | SaaS platform for security-first IGA ABOUT ELIMITY Maarten Decat Co-founder & CEO maarten@elimity.com For more guides, visit: www.elimity.com/guides User Access Screening Solution brief How to prove that you are in control Guide For more customer cases, visit: www.elimity.com/cases MORE RESOURCES Access Certifications as a Service Solution brief Enterprise-wide visibility of users and their accesses Customer case elimity.com/start-now