4. 4IRM Summit 2014
Consumerization
■ Over the last 10 years, the number of apps /
accounts / access rights has exploded
■ New ways to access or share IT resources: Cloud,
Mobile…
■ This drives for the need for more flexible ways to
manage permissions in the extended enterprise
– RBAC, Hierarchies, Fixed approval frameworks…
5. 5IRM Summit 2014
Consumerization
■ Old New strategies are coming up:
– Open Bar
– Copy/Paste
– Dynamic suggestions (à la Amazon)
■ Business Enabler: having the right level of
safeguards (eg: on-the-fly) and controls (a
posteriori)
6. 6IRM Summit 2014
WWW Governance
■ In order to efficiently govern your identities you
need to answer the three W:
■ Who: need to build a business-oriented system of
records for Identities
■ What: need to encompass both the breadth of IT
resources and the depth of granular access rights
■ When: need to correlate entitlement and activity
(access logs) in order to assess the risks
7. 7IRM Summit 2014
Identity beyond IT
■ Identity Analytics and Governance features enable
new business Use Cases
– Cost Optimizations: software licenses, mobile subcriptions, office
floor…
– Merger&Acquisition: skills mapping based on entitlements;
identify key people…
– Identity Context: risk-based authorizations, identity-aware
SIEM…
9. 9IRM Summit 2014
Provide answers to
9
Who can access:
NASsecretverysecretdocument.xls?
Are there users who can remotely issue bank
transfers?
Who left the accounting department over the last 6
months and is still accessing the Finance Back
Office?
10. 10IRM Summit 2014
Bottom-Up Approach
■ Holistic Mapping of organizations, resources, people
and their access rights
■ Advanced navigation and search capabilities,
including time navigation (entitlement history)
■ Advanced audit and analysis automated capabilities
■ Multi-format Reporting, versatile notification
■ Actionable & scalable processes
– Review / Recertification / Remediation / Access Requests…
10
11. 11IRM Summit 2014
Comprehensive Feature Set
Data model with full history trail
Collect engine
Data discovery
Rules engine
Controls
Reporting
Web portal
Exports to pdf, xls,…BPMN2 Workflow
engine
Integrated
ticketing
system
Push mail
IAM and ticketing
systems connectors
Accounts
reconciliation engine
Web Services