SlideShare a Scribd company logo

2017 Gartner IAM Summit

Download as PPTX, PDF
Nicki Sonpar
Nicki Sonpar

Overview of how FINRA evaluated several IAM vendors based on key enterprise requirements.

Internet
1 of 21
Nicki Sonpar, Director Managing the Modernization Process
About me …. • 25 years of Product Dev • Special interests in Systems, Embedded & Identity Management • Moved to Maryland in 2005 • Wife, twin teenage daughters, cockatiel and chihuahua • Love music!
FINRA’s Mission Investor protection Market integrity
Volume brokers shares traded in U.S. 12 firms 3,900 641,000 markets/ exchanges 6 billion
Planning a Journey…
The Destination • Strategically: improve Identity Management and raise security profile • Tactically: migrate off current technology by the end of 2018 • Practically: select a vendor, architect and implement the solution
FINRA Identity Platform (FIP) Features A single Identity Management Platform which supports all internal and external users • 24/7/365 Uptime • Multiple usage models: Web Applications and APIs • Flexible authentication: single factor, multi-factor, adaptive • In the cloud
Current State • Multiple Identity Stores, each with its own Authentication stack • One way federation • On-Prem solution In spite of all this complexity, authentication infrastructure is very reliable!
More Enterprise Considerations … • Must control and retain all identities and credentials • Single Sign On (SSO) : once authenticated, user is not challenged again • No Big-bang migration of all 90 applications • No code change to existing applications
The Journey Begins …..
Know What You Want Put all functional requirements into one easy-to-read deck: • Consolidate your thoughts • Get signoff from key stakeholders • Validate the requirements with vendors
Select Possible Vendors Our 3 steps: 1. Review requirements with Gartner and select possible vendors 2. Analyze all vendors and choose three finalists 3. Finalists should confirm they can meet the requirements
Validate Key Features We demonstrated all critical features in our environment. All three vendors would have been able to demo all the functionality in their sandbox. Our complex legacy environment really tested the integration capabilities of the vendors.
Remote Identity Stores are Challenging Out of the 3 selected vendors, one could not access our Identity Stores in an acceptable manner Vendors make assumptions about controlling the identity store, especially in the cloud. As a policy, FINRA will not let 3rd parties control the identity store.
Zero-downtime Deployments • Zero downtime was a key goal • Need to customize ForgeRock’s configuration stores for this goal Zero-downtime is very difficult. Several ways to implement, each with their own trade-offs.
Application Migration • Staged migration requires interoperability between the legacy system and ForgeRock • Build an ”authentication bridge” between both systems Have a well-thought out rollout and focus on the customer experience. This is especially challenging when you need to integrate with legacy systems.
Two Viable Vendors All necessary features were demonstrated by ForgeRock and one other vendor Even though both vendors implemented key requirements, their implementations were quite different. Both solutions had strengths and weaknesses.
Why ForgeRock? These were the key factors for FINRA: 1. Access to source code allows for customization 2. ForgeRock APIs are in-line with FINRA’s micro-service vision 3. Better engagement with Product Management Customizing ForgeRock is not for every organization!
Enterprise Considerations • Keep all key stakeholders looped in • Demo to application teams, INFOSEC and architects • Create internal training around Identity Management • Develop a strong partnership with ForgeRock
My Thoughts on the Future … Onboarding and multi-factor is making Identity Management more challenging. There needs to be a trusted identity broker in the financial space.
Questions?

Recommended

Launch of a white label bitcoin exchange
Launch of a white label bitcoin exchangeLaunch of a white label bitcoin exchange
Launch of a white label bitcoin exchangeKiruthika Mohan
 
SAP Fiori for Fashion - by attune
SAP Fiori for Fashion - by attuneSAP Fiori for Fashion - by attune
SAP Fiori for Fashion - by attuneattune Consulting
 
FICAM Impact On Enterprise Architecture And Applications
FICAM Impact On Enterprise Architecture And ApplicationsFICAM Impact On Enterprise Architecture And Applications
FICAM Impact On Enterprise Architecture And ApplicationsSalvatore D'Agostino
 
SPI Products Innovation
SPI Products InnovationSPI Products Innovation
SPI Products InnovationSPI Conference
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud ServiceForgeRock
 
Excellence of delivery
Excellence of deliveryExcellence of delivery
Excellence of deliveryPaulo Fernandes
 
Monitoring and Management of BizTalk Server - using BizTalk360
Monitoring and Management of BizTalk Server - using BizTalk360Monitoring and Management of BizTalk Server - using BizTalk360
Monitoring and Management of BizTalk Server - using BizTalk360BizTalk360
 

Recommended

Launch of a white label bitcoin exchange
Launch of a white label bitcoin exchangeLaunch of a white label bitcoin exchange
Launch of a white label bitcoin exchangeKiruthika Mohan
 
SAP Fiori for Fashion - by attune
SAP Fiori for Fashion - by attuneSAP Fiori for Fashion - by attune
SAP Fiori for Fashion - by attuneattune Consulting
 
FICAM Impact On Enterprise Architecture And Applications
FICAM Impact On Enterprise Architecture And ApplicationsFICAM Impact On Enterprise Architecture And Applications
FICAM Impact On Enterprise Architecture And ApplicationsSalvatore D'Agostino
 
SPI Products Innovation
SPI Products InnovationSPI Products Innovation
SPI Products InnovationSPI Conference
 
WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2 Enterprise Integrator 101
WSO2 Enterprise Integrator 101WSO2
 
Identity as a Managed Cloud Service
Identity as a Managed Cloud ServiceIdentity as a Managed Cloud Service
Identity as a Managed Cloud ServiceForgeRock
 
Excellence of delivery
Excellence of deliveryExcellence of delivery
Excellence of deliveryPaulo Fernandes
 
Monitoring and Management of BizTalk Server - using BizTalk360
Monitoring and Management of BizTalk Server - using BizTalk360Monitoring and Management of BizTalk Server - using BizTalk360
Monitoring and Management of BizTalk Server - using BizTalk360BizTalk360
 
Forefront Identity Manager
Forefront Identity ManagerForefront Identity Manager
Forefront Identity ManagerMASIT MACEDONIA
 
WSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2
 
Automation of banquet hall system
Automation of banquet hall systemAutomation of banquet hall system
Automation of banquet hall systemJyotiRaj18
 
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTSailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTGlobal Online Trainings
 
Connecting the Retail Industry
Connecting the Retail IndustryConnecting the Retail Industry
Connecting the Retail IndustryWSO2
 
Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursForgeRock
 
ogil_trader_for_underwriting_factsheet_06-15-web[1]
ogil_trader_for_underwriting_factsheet_06-15-web[1]ogil_trader_for_underwriting_factsheet_06-15-web[1]
ogil_trader_for_underwriting_factsheet_06-15-web[1]JOHN SEXTON
 
Magento Meetup Mancheter with PushON: Elena Leonova
Magento Meetup Mancheter with PushON: Elena Leonova Magento Meetup Mancheter with PushON: Elena Leonova
Magento Meetup Mancheter with PushON: Elena Leonova PushON Ltd
 
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...BizTalk360
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An IntroductionForgeRock
 
Rxt demo-part3
Rxt demo-part3Rxt demo-part3
Rxt demo-part3WSO2
 
FakeProof , the Anti-Counterfeiting and Product Tracking Solution
FakeProof , the Anti-Counterfeiting and Product Tracking SolutionFakeProof , the Anti-Counterfeiting and Product Tracking Solution
FakeProof , the Anti-Counterfeiting and Product Tracking SolutionAmit Sharma
 
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-PremiseOptimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-Premisemycroftinc
 
Crypto Wallet Developer Company1.pptx
Crypto Wallet Developer Company1.pptxCrypto Wallet Developer Company1.pptx
Crypto Wallet Developer Company1.pptxMetaboxfyy
 
Cloud Forge Rock
Cloud Forge RockCloud Forge Rock
Cloud Forge RockAtlas Systems
 
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2DianaGray10
 
Overcoming Barriers to the Cloud
Overcoming Barriers to the Cloud Overcoming Barriers to the Cloud
Overcoming Barriers to the Cloud Andy Milsark
 
Myths of validation
Myths of validationMyths of validation
Myths of validationJeff Thomas
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2
 
Identity Live Sydney 2017 - Ian Sorbello
Identity Live Sydney 2017 - Ian SorbelloIdentity Live Sydney 2017 - Ian Sorbello
Identity Live Sydney 2017 - Ian SorbelloForgeRock
 
API Adoption Patterns in Banking & The Promise of Microservices
API Adoption Patterns in Banking & The Promise of MicroservicesAPI Adoption Patterns in Banking & The Promise of Microservices
API Adoption Patterns in Banking & The Promise of MicroservicesAkana
 

More Related Content

What's hot

Forefront Identity Manager
Forefront Identity ManagerForefront Identity Manager
Forefront Identity ManagerMASIT MACEDONIA
 
WSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2
 
Automation of banquet hall system
Automation of banquet hall systemAutomation of banquet hall system
Automation of banquet hall systemJyotiRaj18
 
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTSailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTGlobal Online Trainings
 
Connecting the Retail Industry
Connecting the Retail IndustryConnecting the Retail Industry
Connecting the Retail IndustryWSO2
 
Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursForgeRock
 
ogil_trader_for_underwriting_factsheet_06-15-web[1]
ogil_trader_for_underwriting_factsheet_06-15-web[1]ogil_trader_for_underwriting_factsheet_06-15-web[1]
ogil_trader_for_underwriting_factsheet_06-15-web[1]JOHN SEXTON
 
Magento Meetup Mancheter with PushON: Elena Leonova
Magento Meetup Mancheter with PushON: Elena Leonova Magento Meetup Mancheter with PushON: Elena Leonova
Magento Meetup Mancheter with PushON: Elena Leonova PushON Ltd
 
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...BizTalk360
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An IntroductionForgeRock
 
Rxt demo-part3
Rxt demo-part3Rxt demo-part3
Rxt demo-part3WSO2
 

What's hot (11)

Forefront Identity Manager
Forefront Identity ManagerForefront Identity Manager
Forefront Identity Manager
 
WSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and RoadmapWSO2 Cloud Platform: Vision and Roadmap
WSO2 Cloud Platform: Vision and Roadmap
 
Automation of banquet hall system
Automation of banquet hall systemAutomation of banquet hall system
Automation of banquet hall system
 
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTSailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
 
Connecting the Retail Industry
Connecting the Retail IndustryConnecting the Retail Industry
Connecting the Retail Industry
 
Webinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New FeatursWebinar: OpenAM 12.0 - New Featurs
Webinar: OpenAM 12.0 - New Featurs
 
ogil_trader_for_underwriting_factsheet_06-15-web[1]
ogil_trader_for_underwriting_factsheet_06-15-web[1]ogil_trader_for_underwriting_factsheet_06-15-web[1]
ogil_trader_for_underwriting_factsheet_06-15-web[1]
 
Magento Meetup Mancheter with PushON: Elena Leonova
Magento Meetup Mancheter with PushON: Elena Leonova Magento Meetup Mancheter with PushON: Elena Leonova
Magento Meetup Mancheter with PushON: Elena Leonova
 
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
Sweden BizTalk User Group presentation - Monitoring and Management using BizT...
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An Introduction
 
Rxt demo-part3
Rxt demo-part3Rxt demo-part3
Rxt demo-part3
 

Similar to 2017 Gartner IAM Summit

FakeProof , the Anti-Counterfeiting and Product Tracking Solution
FakeProof , the Anti-Counterfeiting and Product Tracking SolutionFakeProof , the Anti-Counterfeiting and Product Tracking Solution
FakeProof , the Anti-Counterfeiting and Product Tracking SolutionAmit Sharma
 
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-PremiseOptimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-Premisemycroftinc
 
Crypto Wallet Developer Company1.pptx
Crypto Wallet Developer Company1.pptxCrypto Wallet Developer Company1.pptx
Crypto Wallet Developer Company1.pptxMetaboxfyy
 
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2DianaGray10
 
Overcoming Barriers to the Cloud
Overcoming Barriers to the Cloud Overcoming Barriers to the Cloud
Overcoming Barriers to the Cloud Andy Milsark
 
Myths of validation
Myths of validationMyths of validation
Myths of validationJeff Thomas
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2
 
Identity Live Sydney 2017 - Ian Sorbello
Identity Live Sydney 2017 - Ian SorbelloIdentity Live Sydney 2017 - Ian Sorbello
Identity Live Sydney 2017 - Ian SorbelloForgeRock
 
API Adoption Patterns in Banking & The Promise of Microservices
API Adoption Patterns in Banking & The Promise of MicroservicesAPI Adoption Patterns in Banking & The Promise of Microservices
API Adoption Patterns in Banking & The Promise of MicroservicesAkana
 
Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...
Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...
Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...AgileNetwork
 
Alineación de requerimientos y pruebas de software
Alineación de requerimientos y pruebas de softwareAlineación de requerimientos y pruebas de software
Alineación de requerimientos y pruebas de softwareSoftware Guru
 
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 DusseldorfHSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 DusseldorfForgeRock
 
Blockchain: Beyond the Hype
Blockchain: Beyond the HypeBlockchain: Beyond the Hype
Blockchain: Beyond the HypePerficient, Inc.
 
Leveraging Technology To Become An Omnichannel Champion
Leveraging Technology To Become An Omnichannel ChampionLeveraging Technology To Become An Omnichannel Champion
Leveraging Technology To Become An Omnichannel ChampionG3 Communications
 
Designing Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase SecurityDesigning Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase Securitylawmoore
 

Similar to 2017 Gartner IAM Summit (20)

FakeProof , the Anti-Counterfeiting and Product Tracking Solution
FakeProof , the Anti-Counterfeiting and Product Tracking SolutionFakeProof , the Anti-Counterfeiting and Product Tracking Solution
FakeProof , the Anti-Counterfeiting and Product Tracking Solution
 
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-PremiseOptimizing IAM with Single Sign-On From the Cloud to On-Premise
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
 
Crypto Wallet Developer Company1.pptx
Crypto Wallet Developer Company1.pptxCrypto Wallet Developer Company1.pptx
Crypto Wallet Developer Company1.pptx
 
Cloud Forge Rock
Cloud Forge RockCloud Forge Rock
Cloud Forge Rock
 
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
Efficiencies in RPA with UiPath and CyberArk Technologies - Session 2
 
Overcoming Barriers to the Cloud
Overcoming Barriers to the Cloud Overcoming Barriers to the Cloud
Overcoming Barriers to the Cloud
 
Myths of validation
Myths of validationMyths of validation
Myths of validation
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
Identity Live Sydney 2017 - Ian Sorbello
Identity Live Sydney 2017 - Ian SorbelloIdentity Live Sydney 2017 - Ian Sorbello
Identity Live Sydney 2017 - Ian Sorbello
 
API Adoption Patterns in Banking & The Promise of Microservices
API Adoption Patterns in Banking & The Promise of MicroservicesAPI Adoption Patterns in Banking & The Promise of Microservices
API Adoption Patterns in Banking & The Promise of Microservices
 
Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...
Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...
Agile Chennai 2023 | Agile story with new age leadership and empiricism - She...
 
BizProjects
BizProjectsBizProjects
BizProjects
 
BusinessProjects.com Market Segmentation and Entry Project
BusinessProjects.com Market Segmentation and Entry ProjectBusinessProjects.com Market Segmentation and Entry Project
BusinessProjects.com Market Segmentation and Entry Project
 
Alineación de requerimientos y pruebas de software
Alineación de requerimientos y pruebas de softwareAlineación de requerimientos y pruebas de software
Alineación de requerimientos y pruebas de software
 
PPT_Template_4.pptx
PPT_Template_4.pptxPPT_Template_4.pptx
PPT_Template_4.pptx
 
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 DusseldorfHSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
 
Blockchain: Beyond the Hype
Blockchain: Beyond the HypeBlockchain: Beyond the Hype
Blockchain: Beyond the Hype
 
Leveraging Technology To Become An Omnichannel Champion
Leveraging Technology To Become An Omnichannel ChampionLeveraging Technology To Become An Omnichannel Champion
Leveraging Technology To Become An Omnichannel Champion
 
Designing Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase SecurityDesigning Flexibility in Software to Increase Security
Designing Flexibility in Software to Increase Security
 

Recently uploaded

Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsrahman018755
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样ayvbos
 
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowHUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowIdeoholics
 
Abortion Pills In Jeddah+966572737505 & Get cytotec Jeddah
Abortion Pills In Jeddah+966572737505 & Get cytotec JeddahAbortion Pills In Jeddah+966572737505 & Get cytotec Jeddah
Abortion Pills In Jeddah+966572737505 & Get cytotec Jeddahmarufhussain782445
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制pxcywzqs
 
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样Fi
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...APNIC
 
Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...
Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...
Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...mikehavy0
 
一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理F
 
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书AS
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样ayvbos
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Dewi Agency
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样AS
 
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理apekaom
 
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样AS
 
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformonhackersuli
 
如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证
如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证
如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证hfkmxufye
 

Recently uploaded (20)

Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirtsDown bad crying at the gym t shirts
Down bad crying at the gym t shirtsDown bad crying at the gym t shirts
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download NowHUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
HUMANIZE YOUR BRAND - FREE E-WORKBOOK Download Now
 
Abortion Pills In Jeddah+966572737505 & Get cytotec Jeddah
Abortion Pills In Jeddah+966572737505 & Get cytotec JeddahAbortion Pills In Jeddah+966572737505 & Get cytotec Jeddah
Abortion Pills In Jeddah+966572737505 & Get cytotec Jeddah
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
一比一原版(UWE毕业证书)西英格兰大学毕业证原件一模一样
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...
Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...
Abortion Clinic in Germiston +27791653574 WhatsApp Abortion Clinic Services i...
 
一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理一比一原版犹他大学毕业证如何办理
一比一原版犹他大学毕业证如何办理
 
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
一比一定制(Waikato毕业证书)新西兰怀卡托大学毕业证学位证书
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303Loker Pemandu Lagu LC Semarang 085746015303
Loker Pemandu Lagu LC Semarang 085746015303
 
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
一比一原版(毕业证书)新西兰怀特克利夫艺术设计学院毕业证原件一模一样
 
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
一比一原版桑佛德大学毕业证成绩单申请学校Offer快速办理
 
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
一比一原版(Wintec毕业证书)新西兰怀卡托理工学院毕业证原件一模一样
 
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
[Hackersuli] Élő szövet a fémvázon: Python és gépi tanulás a Zeek platformon
 
如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证
如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证
如何办理(UCLA毕业证)加州大学洛杉矶分校毕业证成绩单本科硕士学位证留信学历认证
 

2017 Gartner IAM Summit

  • 1. Nicki Sonpar, Director Managing the Modernization Process
  • 2. About me …. • 25 years of Product Dev • Special interests in Systems, Embedded & Identity Management • Moved to Maryland in 2005 • Wife, twin teenage daughters, cockatiel and chihuahua • Love music!
  • 4. Volume brokers shares traded in U.S. 12 firms 3,900 641,000 markets/ exchanges 6 billion
  • 6. The Destination • Strategically: improve Identity Management and raise security profile • Tactically: migrate off current technology by the end of 2018 • Practically: select a vendor, architect and implement the solution
  • 7. FINRA Identity Platform (FIP) Features A single Identity Management Platform which supports all internal and external users • 24/7/365 Uptime • Multiple usage models: Web Applications and APIs • Flexible authentication: single factor, multi-factor, adaptive • In the cloud
  • 8. Current State • Multiple Identity Stores, each with its own Authentication stack • One way federation • On-Prem solution In spite of all this complexity, authentication infrastructure is very reliable!
  • 9. More Enterprise Considerations … • Must control and retain all identities and credentials • Single Sign On (SSO) : once authenticated, user is not challenged again • No Big-bang migration of all 90 applications • No code change to existing applications
  • 11. Know What You Want Put all functional requirements into one easy-to-read deck: • Consolidate your thoughts • Get signoff from key stakeholders • Validate the requirements with vendors
  • 12. Select Possible Vendors Our 3 steps: 1. Review requirements with Gartner and select possible vendors 2. Analyze all vendors and choose three finalists 3. Finalists should confirm they can meet the requirements
  • 13. Validate Key Features We demonstrated all critical features in our environment. All three vendors would have been able to demo all the functionality in their sandbox. Our complex legacy environment really tested the integration capabilities of the vendors.
  • 14. Remote Identity Stores are Challenging Out of the 3 selected vendors, one could not access our Identity Stores in an acceptable manner Vendors make assumptions about controlling the identity store, especially in the cloud. As a policy, FINRA will not let 3rd parties control the identity store.
  • 15. Zero-downtime Deployments • Zero downtime was a key goal • Need to customize ForgeRock’s configuration stores for this goal Zero-downtime is very difficult. Several ways to implement, each with their own trade-offs.
  • 16. Application Migration • Staged migration requires interoperability between the legacy system and ForgeRock • Build an ”authentication bridge” between both systems Have a well-thought out rollout and focus on the customer experience. This is especially challenging when you need to integrate with legacy systems.
  • 17. Two Viable Vendors All necessary features were demonstrated by ForgeRock and one other vendor Even though both vendors implemented key requirements, their implementations were quite different. Both solutions had strengths and weaknesses.
  • 18. Why ForgeRock? These were the key factors for FINRA: 1. Access to source code allows for customization 2. ForgeRock APIs are in-line with FINRA’s micro-service vision 3. Better engagement with Product Management Customizing ForgeRock is not for every organization!
  • 19. Enterprise Considerations • Keep all key stakeholders looped in • Demo to application teams, INFOSEC and architects • Create internal training around Identity Management • Develop a strong partnership with ForgeRock
  • 20. My Thoughts on the Future … Onboarding and multi-factor is making Identity Management more challenging. There needs to be a trusted identity broker in the financial space.