A smarter way to manage identities
A Smarter Way to Manage Identity
Challenges and opportunities in Identity
and Access Management
Overview
The financial risk you cannot afford
Unauthorized access to your information assets can
put you at huge risk. Hackers and rogue employees
can penetrate your network, destroy data or use the
proprietary information they've found for their own
financial gain. They can even make the entire network
unusable, resulting in expensive downtime and lost
productivity. These repercussions have been so significant
in recent years that the government has instituted new
compliance mandates and policies to help promote the
safety of sensitive information. Today, you simply cannot
afford to operate business as usual without effective,
business-aligned identity and access management (IAM) in
place.
The problem
Rein in untethered user identities
Industries that transfer highly private information, such
as patient data, credit card numbers or banking records,
are governed by an ever-evolving set of regulations,
including those established by the Securities and Exchange
Commission (SEC), Sarbanes-Oxley (SOX), the Federal
Financial Institutions Examination Council (FFIEC), Health
Information Technology for Economic and Clinical Health
(HITECH), Health Insurance Portability and Accountability
Act (HIPAA) and the Payment Card Industry (PCI). The list
of regulations continues to grow and demands strong
system controls and improved audit performance.
To add to the complexity, as more and more employees
use social networks and bring their own laptops, tablets
and smartphones to work, there are more users to manage
and a blend of personal and professional identities to
administer. Provisioning each device can become an
unmanageable support issue — especially when you are
scaling to thousands of users with dozens of operating
system (OS) platforms and hundreds of applications. While
enabling new information channels creates opportunities,
proactively managing access requests for various devices
that may access your network in an ad-hoc manner — and
applying a security policy to govern the flow of data from
one endpoint to another — is a daunting challenge. But,
to protect your assets and maximize opportunities, it is
essential. Deloitte and SailPoint can help.
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please
see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its
subsidiaries. Certain services may not be available to attest clients under the rules and regulations of
public accounting.
A fresh approach
Together, we're stronger
Deloitte and SailPoint join forces to help companies
mitigate the risks associated with securing information and
data. This alliance offers end-to-end support from strategy
and design to implementation. We work as a team with
our clients to enable them to identify their vulnerabilities,
pinpoint their risks, evaluate business processes, prioritize
controls, and select and implement enabling technologies
that make it easier to automatically comply with
industry mandates and governance requirements. Our
collective goal is to protect your information assets from
unauthorized access and use — and also position you to
meet future challenges and embrace the opportunities of
next-generation technologies.
The framework to which you aspire. The
technology to get you there.
Deloitte's IAM framework is composed of nine primary
IAM components (as represented in Figure 1) that can
be applied individually or in combination to meet the
requirements of an organization and its diverse user base,
including employees, customers, contractors and business
partners. Both organizational and technical elements are
considered in this framework, which helps drive adoption
and effective integration of an IAM solution. These
elements include:
• Oversight considerations: governance, organizational
operating model, key performance indicators (KPI), and
management dashboard reporting
• IAM inputs: business process integration and
interaction, user interaction and experience,
regulatory impact and compliance requirements, and
standardization and simplification technologies
• Technical integration: business applications,
infrastructure components, other security and reporting
solutions, and emerging technologies
• Ongoing support: internal runtime operational
structure or utilization of an external application
management service
Deloitte takes a broad, business-focused approach to
addressing the IAM lifecycle — from hiring to termination.
The first step in our methodology is to understand where
your digital identities live — in enterprise, cloud, or siloed
services, what they can access, and to which job functions
and processes they correspond. Then, using our role
management for enterprises (RM4E) methodology, we
help organizations build IAM solutions that interface with
business processes to make access to specific functions
more intuitive and streamlined. Our client services
surrounding RM4E include:
• Developing a role-based access controls (RBAC) strategy
and roadmap
• Defining rationalized and sustainable enterprise role life
cycle management processes
• Role engineering — creating 'enterprise roles' that
focus on a business view of user access
• Deployment of SailPoint IdentityIQ leveraging the role
model we design to automate critical IAM processes
from identity governance and user provisioning to
access management
“Deloitte continues to be a leader
with exceptional client feedback”
in Information Security
Consulting Services.
Forrester Research Inc., Forrester Wave™: Information Security Consulting Services Q1 2013, Ed
Ferrara and Andrew Rose, February 1, 2013
With Deloitte's services and SailPoint's solutions, our clients
can gain the peace of mind that comes from knowing their
security and privacy challenges are being addressed from
an industry, process, people, and technology perspective.
Deloitte and SailPoint work together to assist you in
managing identities and access across the enterprise —
from the data center to the cloud — with services and
solutions focused on:
• Identity Governance — Information Technology (IT)
managers can take a risk-based approach to IAM by
establishing corporate policies based on user roles,
entitlements or activity. Users can have the ability
to effectively and efficiently drive compliance by
automating access certifications, proactively detecting
policy violations, and managing ongoing audit needs.
Deloitte and SailPoint solutions can help you comply
with growing regulatory mandates in a cost-efficient
and more effective way.
• User Provisioning — With an easy-to-use, governance-based
platform, business users and IT teams can
manage who has access to what across all enterprise
systems — from the data center to the cloud. Controls
are put in place to centrally automate management of
user access by leveraging business policy, roles, and risk
factors.
• Access Management — Users are empowered with
convenient single sign-on (SSO) access to cloud, web,
and mobile applications — from any device, anywhere
in the world. At the same time, it helps IT to effectively
apply security policies, detect violations, and establish
regulatory compliance.
The combined Deloitte and SailPoint approach can help
you boost user productivity while maintaining a tight
governance structure over user access to important
enterprise systems and applications. Once deployed,
Deloitte oversees a transition of the IAM solution,
providing the knowledge transfer and documentation
needed to support IAM operations going forward. What's
more, Deloitte can provide ongoing support of the
deployed solution for those clients looking to outsource
the capability.
The Deloitte difference
With nearly 15 years of IAM experience, Deloitte is a
recognized leader in developing and implementing IAM
solutions across industries. Deloitte has one of the largest
teams of professionals focused on IAM, with a footprint of
more than 500 professionals anchored in North America
and India. We help both large and small enterprises with:
• Customized IAM solutions designed to meet our clients'
unique environments.
• Subject matter experience in project planning, technical
deployment, customization, architecture development,
project oversight and vendor alliance relationships.
• A scalable, integrated service model that offers onshore
and offshore delivery options.
• A global perspective on the IAM marketplace.
• Industry knowledge and experience delivering
IAM solutions across financial services, healthcare,
commercial, manufacturing, utility, and state and local
government markets.