Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Cybersecurity Anforderungen in IT Sourcing
Projekten meistern – Ein Leitfaden am
Beispiel Identity & Access Management
Mär...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
Access Management
Connect to 193.99.144.85: done
Last login: Ma...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
Warum Identity und Access Management?
4Copyright © 2017 Capgemini and Sogeti. All Rights Reserved
Identität – Authentifizierung – Authorisierung
by _dChris
5Copyright © 2017 Capgemini and Sogeti. All Rights Reserved
Identität – Authentifizierung – Authorisierung
by Wacko_Photog...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
Accounts vor und nach IAM Assessment
51%
33%
16%
Aktiv Inaktiv ...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
Herausforderung: Prozess vor Tool
Wie oft haben Sie ein Customi...
8
Presentation Title | Date
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
Die Realität: Ausdrucken, markieren...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
data feeds
👦🔑👦
Das Ziel: Ein smarter und schlanker Prozess
Acce...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
by Maximilian Dörrbecker
Herausforderung: Identität = Name
olym...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
 Man benötigt eine eindeutige Identifizierung von
Identitäten!...
Copyright © 2015 Capgemini and Sogeti. All Rights Reserved
Let‘s talk!
by außerirdische sind gesund
Benjamin Bachmann
Head...
The information contained in this presentation is proprietary. Copyright © 2017 Capgemini and Sogeti. All rights reserved....
Upcoming SlideShare
Loading in …5
×

Cybersecurity-Anforderungen in IT-Sourcing-Projekten meistern – Ein Leitfaden am Beispiel Identity & Access Management

1,949 views

Published on

Managing Cybersecurity demands in IT sourcing projects: A guideline using the example of Identity & Access Management. This presentation outlines the topic of Identity & Access Management in complex IT landscapes and IT services supply chains by the help of practical examples and by comparing reality and cyberspace. It also makes recommendations for the access management for organizational IT systems.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Cybersecurity-Anforderungen in IT-Sourcing-Projekten meistern – Ein Leitfaden am Beispiel Identity & Access Management

  1. 1. Cybersecurity Anforderungen in IT Sourcing Projekten meistern – Ein Leitfaden am Beispiel Identity & Access Management März 2017
  2. 2. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved Access Management Connect to 193.99.144.85: done Last login: May 11 19:28:36 2016 DO NOT ENTER NO PUBLIC ACCESS BEYOND THIS POINT root@server ~ $
  3. 3. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved Warum Identity und Access Management?
  4. 4. 4Copyright © 2017 Capgemini and Sogeti. All Rights Reserved Identität – Authentifizierung – Authorisierung by _dChris
  5. 5. 5Copyright © 2017 Capgemini and Sogeti. All Rights Reserved Identität – Authentifizierung – Authorisierung by Wacko_Photographer
  6. 6. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved Accounts vor und nach IAM Assessment 51% 33% 16% Aktiv Inaktiv Verwaist 91% 6% 3% Aktiv Inaktiv Verwaist Eine Studie von Capgemini zeigt, dass mit einem Assessment und der Umsetzung von gezielten Maßnahmen der Anteil an verwaisten und ungültigen Accounts um 80 % reduziert werden kann. AccountszuminitialenAssessment AccountsnachErgreifenvonMaßnahmen
  7. 7. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved Herausforderung: Prozess vor Tool Wie oft haben Sie ein Customizing über den Support des Herstellers hinaus gesehen oder “…, aber wir sind anders” gehört? Der bessere Weg  Anforderungen bestimmen  Die Geschäftsprozesse verstehen  Ausbessern der unzureichenden Prozesse  Sich so nah wie möglich an einer best-practice Lösung orientieren (80/20) Beobachtungen  Die Detaillanforderungen sind höchstwahrscheinlich in verschiedenen Organisationen und Industrien sehr ähnlich z.b.: (De-) Provisionierung, SSO, Gesetzesanforderungen
  8. 8. 8 Presentation Title | Date Copyright © 2015 Capgemini and Sogeti. All Rights Reserved Die Realität: Ausdrucken, markieren, unter- schreiben, einscannen, und wieder von vorne… source by nerdcoregirl
  9. 9. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved data feeds 👦🔑👦 Das Ziel: Ein smarter und schlanker Prozess Access review 👩 Admin or Interface Send out access removal requests 👨 Reviewer Aggregator App.-A App.-B App.-X Access Mgr. 👦 🔐 👦read Jane.Doe@corp.com read John.Doe@corp.comviewAll Review Campaign 2016 No.1 - … remove remove Application-A keep keep Robert.Ross@corp.comadmin removekeep AnothApp 🔍 HR/ID system Appl. repos. view user info view privilege info view audit trail re-assign to line manager Jane.Doe@corp.com read John.Doe@corp.com viewAll Application-A Administ… remove remove Administration form🔨 Robert.Ross@corp.com admin remove re-assign to line manager remove keep remove
  10. 10. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved by Maximilian Dörrbecker Herausforderung: Identität = Name olympic-champions.ru/…Владимир Павлович Муравьёв Wladimir Pawlowitsch Murawjow  Wladimir Pawlowitsch Muravyov  Wladimir Pawlowitsch Myravyev  Wladimir Pawlowitsch Muraviev  Wladimir Pawlowitsch Muraviov  Wladimir Pawlowitsch Murav'ev  Wladimir Pawlowitsch Muravev  Wladimir Pawlowitsch Murav'yev  Wladimir Pawlowitsch Murav'ov  Wladimir Pawlowitsch Muravjov  Wladimir Pawlowitsch Muravjev  Wladimir Pawlowitsch Mouravieff  Wladimir Pawlowitsch Muravieff  Wladimir Pawlowitsch Mouravief  Wladimir Pawlowitsch Muravief  Wladimir Pawlowitsch Muraviof  Wladimir Pawlowitsch Muravioff
  11. 11. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved  Man benötigt eine eindeutige Identifizierung von Identitäten! Lösung: Eindeutige Identifizierung Identitätseigenschaften * Privatsphäre vorausgesetzt Möglicher Datensatz je Identität Vorname Startdatum Nachname Ausscheidedatum Status Geburtsdatum Eindeutige Identi- fizierungsnummer Nationalität Personalnummer (HR) ID Vorgesetzter Account Kostenstelle E-mail Addresse Abteilung Titel / Rolle Standort
  12. 12. Copyright © 2015 Capgemini and Sogeti. All Rights Reserved Let‘s talk! by außerirdische sind gesund Benjamin Bachmann Head of Cyber Security DACH benjamin.bachmann@capgemini.com +49 151 113 742 02 Capgemini Office Offenbach Berliner Strasse 76 63065 Offenbach Germany
  13. 13. The information contained in this presentation is proprietary. Copyright © 2017 Capgemini and Sogeti. All rights reserved. Rightshore® is a trademark belonging to Capgemini. www.sogeti.com/cybersecurity www.capgemini.com/cybersecurity About Capgemini and Sogeti With 180,000 people in over 40 countries, Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. The Group reported 2015 global revenues of EUR 11.9 billion. Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience™, and draws on Rightshore®, its worldwide delivery model. Sogeti is a leading provider of technology and software testing, specializing in Application, Infrastructure and Engineering Services. Sogeti offers cutting-edge solutions around Testing, Business Intelligence & Analytics, Mobile, Cloud and Cyber Security. Sogeti brings together more than 20,000 professionals in 15 countries and has a strong local presence in over 100 locations in Europe, USA and India. Sogeti is a wholly-owned subsidiary of Cap Gemini S.A., listed on the Paris Stock Exchange. Capgemini and Sogeti are experts in IT infrastructure and application integration. Together, we offer a complete range of cybersecurity services to guide and secure the digital transformation of companies and administrations. Our 2,500 professional employees support you in defining and implementing your cybersecurity strategies. We protect your IT, industrial systems, and the Internet of Things (IoT) products & systems. We have the resources to strengthen your defenses, optimize your investments and control your risks. They include our security experts (Infrastructures, Applications, Endpoints, Identity and Access Management), and our R&D team that specializes in malware analysis and forensics. We have ethical hackers, eight security operations centers (SOC) around the world, a Information Technology Security Evaluation Facility, and we are a global leader in the field of testing.

×