Identity must be the control point for managing user access.
The key to identity-centric security is that it enables you to connect everyone with everything from everywhere, based on centralized security policies that you create, and that are based on identities.
And, identity-centric security provides a point of protection against identity-based attacks, so that you can detect and repel attacks far more easily.
Security can also be relatively transparent, so that it isn’t getting in the way.
Identity Centric Security is also about the end –user controlling what is shared with a company… so I give you my Facebook account attributes–my name, that I’m female, and I work in IT Security… but not include my home address, my DOB or SS#.
It can also provide analytics to protect the consumer from fraud. example: My credit card was used this AM in Boston, so it can’t be used the same day in London or Paris…
One of the biggest changes in the management of user identities is the inclusion of more business users into the core identity processes. Not just user self-service, but also access requests, certifications, and other functions that have historically required the ability to speak “IT language”.
Business users particularly want a user experience that is: Simple Intuitive Business-oriented Supportive of their unique needs (based on their role).
This requires new approaches to managing and delivering the user experience for identity management.
These are the demands that business users make on the identity management system. This puts stresses on IT management because the old model of managing identities cannot usually meet these demands.
The CA Portal is what unifies the user experience across the management and governance functions. And, the user interface is simply, intuitive, and helps improve user productivity.
Business users can now onboard other users into the environment, a task which was very administrative.
With the new portal they can even perform those operation in bulk.
The user experience is similar to daily activities performed (shopping cart experience) which makes for very short user adoption process that requires minimal training.
Users know at any given time the exact status of their request, who approved it already and who it’s pending with. This helps reduce calls from users trying to find the status of their requests.
Managers have all the information in one portal and that includes certification campaigns.
Risk score is calculated dynamically in real-time based on user’s attributes and permissions
Risks can also prevent the user from performing an access request
The App Launchpad enables users to have a single, easy to use, portal where they can access all their applications. It is supported across all devices.
Result: Improved user satisfaction and higher productivity
The Identity Portal mobile application is not a native application. The following modules are available from the mobile application: Approval Tasks (approve/reject requests) Certification Campaigns (approve/reject campaign item) View my submitted requests Launch applications (the application launcher is available from 1.6)
Easy and quick way to brand the portal to look like the customer's portal without any scripting or coding
We can’t forget the core identity management and governance functions. These are what enables IT to grant, and govern access to apps and data to their users.
And, it needs to be efficient. IT needs to get a fast return on the investment, and the total cost of ownership must be controlled.
Summing it all up:
Identity Suite provides these capabilities for both IT and the Business
Which provide these key benefits to both IT and the Business
CA Symposium GIA Québec - CA Identity Suite - Mike Berthold
Mike Berthold – Consultant principal
30 septembre 2015
ISACA – Symposium GIA Québec 2015
CA Identity Suite