Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Force Cyber Criminals to Shop Elsewhere

1,562 views

Published on

Force Cyber Criminals to Shop Elsewhere
Learn the value of having an Identity Management and Governance solution and how retailers today are benefiting by strengthening their defenses and bolstering their Identity Management capabilities.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Force Cyber Criminals to Shop Elsewhere

  1. 1. 1 © Copyright 2015 EMC Corporation. All rights reserved. Force Cyber Criminals to Shop Elsewhere
  2. 2. 2 © Copyright 2015 EMC Corporation. All rights reserved. Introductions - Our Presenters Rob Sadowski Director, Technology Solutions Kimberlee Bachman Senior Product Marketing Manager, IAM Solutions
  3. 3. 3 © Copyright 2015 EMC Corporation. All rights reserved. • Cyber Security Challenges in Retail • Identity Challenges in Retail • Solution Best Practices • RSA Identity Management and Governance • Use Cases • Q&A Agenda
  4. 4. 4 © Copyright 2015 EMC Corporation. All rights reserved. Security Concerns in Retail Need to protect customer data and intellectual property Need to secure critical systems Cyber criminals focusing on retailersRecent wave of retailer breaches
  5. 5. 5 © Copyright 2015 EMC Corporation. All rights reserved. • Payment card data • Emphasis on compliance • High employee turnover Why Are Retailers an Attractive Target?
  6. 6. 6 © Copyright 2015 EMC Corporation. All rights reserved. Payment Card Information Customer Purchase and Loyalty Information Intellectual Property Cyber criminals do not discriminate against data, they’ll take it all Concern: More Than Just Payment Card Data
  7. 7. 7 © Copyright 2015 EMC Corporation. All rights reserved. Retailers’ Identity Specific Concerns Compliance Access to Data Role Management Access Governance Managing Identity Lifecycle
  8. 8. 8 © Copyright 2015 EMC Corporation. All rights reserved. Employee Timeline Highlights Identity Concerns ReviewJoins LeavesRequest Review & Revoke Roles & Suggested Entitlements Roles & Suggested Entitlements Moves
  9. 9. 9 © Copyright 2015 EMC Corporation. All rights reserved. Regular Access Reviews Put process in place to stay audit compliant and know who has access to what Business Driven Access Reviews Fine Grained Entitlement Visibility Remain Audit Compliant Lower Organizational Risk
  10. 10. 10 © Copyright 2015 EMC Corporation. All rights reserved. Governing Access With Policies Policies help automate access governance and improve workforce management Joiner Mover Leaver Time Based Segregation of Duties
  11. 11. 11 © Copyright 2015 EMC Corporation. All rights reserved. Many People in Small Number of Roles Corporate Users Hourly Workers Contractors
  12. 12. 12 © Copyright 2015 EMC Corporation. All rights reserved. Governing Privileged Access (PAM) Know what accounts have extra privilege and make sure that’s appropriate Avoid any one admin or user having too much access to valuable information Manage employees, vendors and contractors Review who has privileged access
  13. 13. 13 © Copyright 2015 EMC Corporation. All rights reserved. Keeping Compliant PCI DSS HIPAA SOX Data Privacy
  14. 14. 14 © Copyright 2015 EMC Corporation. All rights reserved. RSA Identity Management and Governance (IMG)
  15. 15. 15 © Copyright 2015 EMC Corporation. All rights reserved. RSA IAM Enabling trusted interactions between identities and information Applications/Data/Resources Identity Lifecycle Compliance Access Platform Governance Platform Federation/SSO Authentication Employees/Partners/Customers Provisioning Identity Intelligence
  16. 16. 16 © Copyright 2015 EMC Corporation. All rights reserved. Shift Decision Making and Accountability to the Business Centralized Identity & Business Context Business Process-Driven Policy-Based Automation Business-Driven Approach to Governance
  17. 17. 17 © Copyright 2015 EMC Corporation. All rights reserved. A Phased Approach Role & Group Management Access RequestPolicy Management Provisioning Visibility & Certification Account & Entitlement Collection Access Reviews Segregation of Duties Role Discovery & Definition Role Maintenance Group Analysis & Cleanup Access Request Portal Policy-Based Change Management Joiners, Movers, and Leavers Task Notification Service Desk Integration Data Visibility Automated Provisioning Compliance Controls
  18. 18. 18 © Copyright 2015 EMC Corporation. All rights reserved. RSA IMG Retail Use Cases
  19. 19. 19 © Copyright 2015 EMC Corporation. All rights reserved. Point of Sale Monitoring IMG Helps Retail Customers Achieve Success Challenge Solution No way of knowing which Point of Sale kiosk is being used and when Grant entitlements to individual POS kiosks and name them by region
  20. 20. 20 © Copyright 2015 EMC Corporation. All rights reserved. Unowned Accounts IMG Helps Retail Customers Achieve Success Challenge Solution There are many unowned accounts Removed orphaned accounts
  21. 21. 21 © Copyright 2015 EMC Corporation. All rights reserved. Seasonal Workers & Contractors IMG Helps Retail Customers Achieve Success Challenge Solution Concerned with seasonal workers and contractors having access for the right period of time Policies allow access to be granted for a set amount of time to the right applications
  22. 22. 22 © Copyright 2015 EMC Corporation. All rights reserved. Operational Challenges IMG Helps Retail Customers Achieve Success Challenge Solution There is operational inefficiency at the store level Can put workflow in place to manage operations
  23. 23. 23 © Copyright 2015 EMC Corporation. All rights reserved. Q&A
  24. 24. EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.

×