Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
+
Identity Management Landscape
Manjula Sridhar, Founder ArgByte
(with research help Amit, Yash of IIT Kharagpur)
+ Agenda
n  Introduction and Scope
n  Functional Modules .
n  Taxonomy (IAM, IGA, IDaaS).
n  Global Trends for Roadmap...
+ IAM, IGA and IDaaS
IDaaS is all of the above in the cloud or as a Service with reporting thrown in.
User
Administration
...
+ Additional -Software Components
Advanced
Authentication
Two/Multi
factor
Authentication
Hardware,
Software,
Biometric
Au...
+ Landscape: Business v/s Risk
Source : E&Y
+ Global Trends and Scope
Social
Identities
Federation by
Google and FB
Merging of
professional and
personal
Mobile
BYOD
L...
+ Where do you stand ?
n  Maturity Model space is Pretty fuzzy area right now.
n  Many models out there, No standards de...
+ Establishing the Readiness
!
+ Simplified View from Process POV
Source E&Y
+ Needs Assessment
n  Readiness deals with
Organization’s capability to
implement a IAM solution.
n  Translation of the ...
+
Vendor Selection Criteria
•  Features, all of the IGA requirements.Product Architecture
•  Customization support, Servic...
+ Evaluation Checklist
!
+ Magic Quadrant for IDAS
+ Magic Quadrant for IGA
+ Magic Quadrant for Authentication
+ Vendors in PIM
•  Shared account
password management
(SAPM)
•  Privileged session
management (PSM)
•  Super-user privile...
+ CPI Ratings – IGA Vendors
n  Blue Bucket contains companies which has Rating (CPI Rating + Analyst
Rating) > 10
n  Yel...
+
Thanks
Questions ?
Upcoming SlideShare
Loading in …5
×

Workshop on Identity & Access Management.

1,852 views

Published on

Workshop on Identity & Access Management.
(Introduction & Scope,Functional Modules,Taxonomy,Global Trends for Roadmap,Capability Maturity Models,Vendor Selection Criteria, Guide to Vendors in the Landscape, CPI Findings).

Published in: Technology
  • Be the first to comment

Workshop on Identity & Access Management.

  1. 1. + Identity Management Landscape Manjula Sridhar, Founder ArgByte (with research help Amit, Yash of IIT Kharagpur)
  2. 2. + Agenda n  Introduction and Scope n  Functional Modules . n  Taxonomy (IAM, IGA, IDaaS). n  Global Trends for Roadmap. n  Capability Maturity Models. n  Vendors Selection Criteria. n  Guide to Vendors in the landscape. n  CPI (CISO Platform Index) Findings.
  3. 3. + IAM, IGA and IDaaS IDaaS is all of the above in the cloud or as a Service with reporting thrown in. User Administration and Provisioning Identity and Access Governance Identity Governance and Administration (IGA) Identity Life Cycle Access Requests/ Self Service Risk Scoring Policy Enforcem ent Automated Provisioning Role Management Identity Analytics Segregation of Duties Role and Entitlement Mining Reporting
  4. 4. + Additional -Software Components Advanced Authentication Two/Multi factor Authentication Hardware, Software, Biometric Authorization Access Control Rule Based Role based Analytics Repositories Centralized Meta Directory Synchronization Federation/ SSO Access Control to multiple applications Trusted identities outside the domain Privileged Identity Session management Recording Audits Not exhaustive, many newer areas such as threat intelligence, SIEM integration are left out.
  5. 5. + Landscape: Business v/s Risk Source : E&Y
  6. 6. + Global Trends and Scope Social Identities Federation by Google and FB Merging of professional and personal Mobile BYOD Loss of Perimeter Cloud SaaS/IaaS/PaaS Applications in Cloud Varies based on the nature of business (consumer v/s b2b) and verticals.
  7. 7. + Where do you stand ? n  Maturity Model space is Pretty fuzzy area right now. n  Many models out there, No standards defined. (CMM, COBIT..) n  It is possible to define your own, and probably is preferred. But to assess you need the following pre-requisites •  An in-depth knowledge of the state of the technology market segment, which the programs are related to, •  Sufficient information about the maturity status of other organizations, both in the industry sector of the particular organization and in other industry sectors, •  A good understanding of trends that will have an impact on the program and investments and •  A rigorous methodological approach based on reliable information. * Source Dr Horst Walhter of KC
  8. 8. + Establishing the Readiness !
  9. 9. + Simplified View from Process POV Source E&Y
  10. 10. + Needs Assessment n  Readiness deals with Organization’s capability to implement a IAM solution. n  Translation of the CMM models into implementation. WorksheetWorksheet (CPI Reference Questionnaire)
  11. 11. + Vendor Selection Criteria •  Features, all of the IGA requirements.Product Architecture •  Customization support, Services, Languages Deployment and Managed Services Support •  Specific usecase flows. Single sign on support, Vertical domain support if any. Use Case or Vertical Support •  Application Servers, Directories, Mobile Platforms and Cloud applications, IAM standards Interoperability •  Security Models (Role based, Rule based) AuditsProduct Security •  License model, Number of users, Number of Servers Pricing Models
  12. 12. + Evaluation Checklist !
  13. 13. + Magic Quadrant for IDAS
  14. 14. + Magic Quadrant for IGA
  15. 15. + Magic Quadrant for Authentication
  16. 16. + Vendors in PIM •  Shared account password management (SAPM) •  Privileged session management (PSM) •  Super-user privilege management (SUPM) •  Application-to- application password management (AAPM) •  Active Directory (AD) bridging tools
  17. 17. + CPI Ratings – IGA Vendors n  Blue Bucket contains companies which has Rating (CPI Rating + Analyst Rating) > 10 n  Yellow Bucket contains companies which has Rating (CPI Rating + Analyst Rating) < 10 and and rating (CPI Rating + Analyst Rating) > average ratings of reaming companies after excluding Blue Bucket companies . n  Grey – Remaining. !
  18. 18. + Thanks Questions ?

×