SlideShare a Scribd company logo

Developing an IAM Roadmap that Fits Your Business

Download as PPTX, PDF
ForgeRock
ForgeRock

Presented by Jim McDonald, Engagement Manager, Identropy at ForgeRock Open Identity Stack Summit, June 2013 Learn more about ForgeRock Access Management: https://www.forgerock.com/platform/access-management/ Learn more about ForgeRock Identity Management: https://www.forgerock.com/platform/identity-management/

TechnologyBusiness
1 of 18
Our Experience Plan Build Run Identropy’s professional services practice is designed around Plan, Build and Run. Our plan offering called “IAM Kickstart” has been delivering IAM Roadmaps for organizations since 2006.  Exclusive Focus on Identity & Access Management (IAM)  Our roadmaps are focused on GSD (get stuff done)  We leverage a tested methodology that creates custom strategies for each organization We’ve decided to make our methodology available as part of a “Do it Yourself Kit” at http://www.identropy.com
Kickstart Program – 7 Step Approach 7 Present Findings 1 P.U.T. Chart 2 Onsite Interviews 3 IAM Capability Assessment 4 Research and Follow-up 5 Architecture and Recommendations 6 Roadmap and Budget Estimates DELIVERABLES  IAM Capability Benchmark  High-Level Architecture  Initiative Roadmap  Editable Project Plan  Executive Presentation
PUT Chart & Pre-work •PUT Chart •Schedule Interviews / Develop Agenda •Gather collateral • Recent Audit findings • Governance Structures • Org or IT strategies • Documented IAM Policies and Procedures •Hold Interviews • Sample questions • Take Notes (look for quotes)
The PUT Chart
Findings: Assess the Current State •Define Program drivers (enablement, risk mitigation, compliance?) •Group Capabilities (see next slide) •Rate current maturity and desired/goal state •CMMI or benchmark – you decide •Rubrics (they’re not just for cubes anymore) •Other useful slides: “What is IAM?” Scope of Assessment Scope of IAM Program SWOT Quotes Helpful Hint: follow the K.I.S.S. principle
Capability Maturity Assessment Sample
IAM Capability Assessment Rubric Capability Scoring Rubric IAM Governance & Organization • 5=Formal IAM Governance is serving the needs for visibility for all stakeholders • 4=IAM Governance part of a larger IT Governance Framework and manages with Metrics and SLAs • 3=IAM Governance part of a larger IT Governance Framework and includes formal subcommittees • 2=IAM Governance is formal but is not part of a larger IT Governance Framework • 1=IAM Governance is informal Identity Data Management • 5=All accounts, roles centrally provisioned, reconciled • 4=All accounts, roles centrally provisioned • 3=Internal accounts provisioned, roles local in applications • 2=Single registry exists, some provisioning is automated • 1=No single registry of users User Lifecycle Management • 5=User lifecycle is managed centrally, request and approval processes are segregated and captured • 4=Most lifecycle processes are centralized, approvals are generally captured • 3=Most lifecycle processes are centralized, approvals are generally out-of band • 2=Identity is created centrally, but remaining lifecycle processes decentralized • 1=Identity Management processes are tribal knowledge Authentication, Access Control & Federation • 5=Federated Single Sign On • 4=Single Sign On with strong authentication • 3=Single Sign On, static password • 2=LDAP directory authentication, static password • 1=Local username, local static password Authorization & Role Management • 5=Business Roles are defined and leveraged for (de)provisioning and transfers • 4=Business Roles are defined and leveraged for (de)provisioning • 3=Central group management processes and are widely leveraged • 2=Central group management processes exist but are not widely leveraged • 1=Authorization processes are decentralized and not coordinated Audit, Reporting, & Event Monitoring • 5=Risk-based recertification cycles exist with quality control measures in place • 4=A risk assessment framework is used to establish appropriate recertification cycles • 3=High risk access is periodically recertified in an automated system • 2=Access recertification tools exists but are lightly used. • 1=Access is not routinely audited or recertified
Summarize Recommendations and Align to Findings •Executive Summary • Align it to IAM Program drivers •Architecture Diagram • Show current and future state •Make sure to design for the future • SaaS • Cloud • Mobile •Select or short-list products • Use analyst reports from Gartner or KC • Talk to peers or consultants
1 0 Enable the Business Employ an IAM Center of Excellence and Deploy Enabling Technologies Deploy an inclusive IAM Governance framework Drive greater adoption Balance security with usability Establish Risk Assessment Framework and Levels of Assurance Sample: Executive Recommendation Summary
Sample Recommendations – What to do Pull together enterprise identity data into a central identity repository Deploy a tool to provide delegated group management Replace Custom IAM with packaged software Implement coarse- grained policy enforcement with OpenAM Bolster application and cloud provisioning tools Offer BYOId for loose affiliations and low risk access Require strong second factor for certain high-risk access Employ an IAM Center of Excellence and Deploy Enabling Technologies Establish Risk Assessment Framework and Levels of Assurance Deploy an inclusive IAM Governance framework Inventory Risk at the Application and Group level Adopt existing LOA framework, such as the InCommon Assurance Program Apply security controls based on risk Increase stakeholder involvement through Technical and Business Advisory Groups Define Structure and Process for improved decision making and mission alignment
Sample Reference Architecture Diagram
Develop a Roadmap (timeline) •Do Now, Do Next, Do Later… & Down the Road •Develop a resource plan (using internal resources, consultants, or mix) •Estimate costs • Understand your fiscal calendar • Break-out Capital vs. Expense • This often favors SaaS or Open Source • If you need estimates – lean on vendors (consulting and product) • This is all relevant even if you must do an RFP
IAM Initiative Roadmap Enable the Business Drive Greater Adoption Balance Security with Usability
Develop a Deep-dive in the Appendices What is a key opportunity or pain point? • Governance • Role Management • Integration Decision Framework • Project Execution Tip: dedicate 4-6 slides on a key focus area to drive a particular point home
Perform the Read-out •Review Detailed deck for IAM Program and closest stakeholders •Perform executive readout (get to the point in 1 hour) •Now socialize with the people within your organization who’s support is needed
Thanks and Good Luck!
Developing an IAM Roadmap that Fits Your Business

Recommended

Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016
Aujas
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
Jerod Brennen
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
NetIQ
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices 
Veritis Group, Inc
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101
OneLogin
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IBM Sverige
 
Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101
Jerod Brennen
 

Recommended

Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016
Aujas
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
Jerod Brennen
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
NetIQ
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices 
Veritis Group, Inc
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101
OneLogin
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IBM Sverige
 
Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101
Jerod Brennen
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity Model
Sarah Moore
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Lance Peterman
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For Compliance
IBM Security
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access management
Vandana Verma
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENT
Prof. Jacques Folon (Ph.D)
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access Management
Sam Bowne
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management Journey
Intel IT Center
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management Projects
Hitachi ID Systems, Inc.
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
Identacor
 
OneIdentity - A Future-Ready Approach to IAM
OneIdentity - A Future-Ready Approach to IAMOneIdentity - A Future-Ready Approach to IAM
OneIdentity - A Future-Ready Approach to IAM
Adrian Dumitrescu
 
Identity Access Management (IAM)
Identity Access Management (IAM)Identity Access Management (IAM)
Identity Access Management (IAM)
Prof. Jacques Folon (Ph.D)
 
Iam presentation
Iam presentationIam presentation
Iam presentation
AWS UG PK
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
E-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachE-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture Approach
Femi Ashaye
 
Building a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionBuilding a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) Solution
WSO2
 
Identity Management
Identity ManagementIdentity Management
Identity Management
Venkatesh Jambulingam
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
danb02
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
Maganathin Veeraragaloo
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationDelivery Centric
 

More Related Content

What's hot

The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity Model
Sarah Moore
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Lance Peterman
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For Compliance
IBM Security
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access management
Vandana Verma
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENT
Prof. Jacques Folon (Ph.D)
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access Management
Sam Bowne
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management Journey
Intel IT Center
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management Projects
Hitachi ID Systems, Inc.
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
Identacor
 
OneIdentity - A Future-Ready Approach to IAM
OneIdentity - A Future-Ready Approach to IAMOneIdentity - A Future-Ready Approach to IAM
OneIdentity - A Future-Ready Approach to IAM
Adrian Dumitrescu
 
Identity Access Management (IAM)
Identity Access Management (IAM)Identity Access Management (IAM)
Identity Access Management (IAM)
Prof. Jacques Folon (Ph.D)
 
Iam presentation
Iam presentationIam presentation
Iam presentation
AWS UG PK
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
E-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachE-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture Approach
Femi Ashaye
 
Building a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionBuilding a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) Solution
WSO2
 
Identity Management
Identity ManagementIdentity Management
Identity Management
Venkatesh Jambulingam
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
danb02
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
Maganathin Veeraragaloo
 

What's hot (20)

Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. Mookhey
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity Model
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century EnterpriseIdentity & Access Management - Securing Your Data in the 21st Century Enterprise
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For Compliance
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access management
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENT
 
5. Identity and Access Management
5. Identity and Access Management5. Identity and Access Management
5. Identity and Access Management
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management Journey
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management Projects
 
Identity and Access Management (IAM)
Identity and Access Management (IAM)Identity and Access Management (IAM)
Identity and Access Management (IAM)
 
OneIdentity - A Future-Ready Approach to IAM
OneIdentity - A Future-Ready Approach to IAMOneIdentity - A Future-Ready Approach to IAM
OneIdentity - A Future-Ready Approach to IAM
 
Identity Access Management (IAM)
Identity Access Management (IAM)Identity Access Management (IAM)
Identity Access Management (IAM)
 
Iam presentation
Iam presentationIam presentation
Iam presentation
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
E-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture ApproachE-RBAC Development - A Risk Based Security Architecture Approach
E-RBAC Development - A Risk Based Security Architecture Approach
 
Building a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionBuilding a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) Solution
 
Identity Management
Identity ManagementIdentity Management
Identity Management
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
 
CLOUD NATIVE SECURITY
CLOUD NATIVE SECURITYCLOUD NATIVE SECURITY
CLOUD NATIVE SECURITY
 

Viewers also liked

Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationDelivery Centric
 
SANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity ManagerSANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity ManagerOracleIDM
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies
 
Oracle Identity & Access Management
Oracle Identity & Access ManagementOracle Identity & Access Management
Oracle Identity & Access Management
DLT Solutions
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
Aidy Tificate
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalOracleIDM
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...
OracleIDM
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld
 
Docker presentation
Docker presentationDocker presentation
Docker presentationmhprogramr
 
Ymens - Cloud Identity Crisis - Dev Talks 2015
Ymens - Cloud Identity Crisis - Dev Talks 2015Ymens - Cloud Identity Crisis - Dev Talks 2015
Ymens - Cloud Identity Crisis - Dev Talks 2015
Vlad Mihnea
 
SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014
SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014
SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014
Kelly Grizzle
 
The Case For Next Generation IAM
The Case For Next Generation IAM The Case For Next Generation IAM
The Case For Next Generation IAM
Patrick Harding
 
Tuebora Self Driven IAM
Tuebora Self Driven IAMTuebora Self Driven IAM
Tuebora Self Driven IAM
Iranna Hurakadli
 
Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM
Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORMIdentity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM
Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM
ForgeRock
 

Viewers also liked (15)

Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
 
Overview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer PresentationOverview of Oracle Identity Management - Customer Presentation
Overview of Oracle Identity Management - Customer Presentation
 
SANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity ManagerSANS Institute Product Review of Oracle Identity Manager
SANS Institute Product Review of Oracle Identity Manager
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
 
Oracle Identity & Access Management
Oracle Identity & Access ManagementOracle Identity & Access Management
Oracle Identity & Access Management
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-final
 
Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...Con8817 api management - enable your infrastructure for secure mobile and c...
Con8817 api management - enable your infrastructure for secure mobile and c...
 
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
VMworld 2013: Moving Enterprise Application Dev/Test to VMware’s Internal Pri...
 
Docker presentation
Docker presentationDocker presentation
Docker presentation
 
Ymens - Cloud Identity Crisis - Dev Talks 2015
Ymens - Cloud Identity Crisis - Dev Talks 2015Ymens - Cloud Identity Crisis - Dev Talks 2015
Ymens - Cloud Identity Crisis - Dev Talks 2015
 
SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014
SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014
SCIM: Why It’s More Important, and More Simple, Than You Think - CIS 2014
 
The Case For Next Generation IAM
The Case For Next Generation IAM The Case For Next Generation IAM
The Case For Next Generation IAM
 
Tuebora Self Driven IAM
Tuebora Self Driven IAMTuebora Self Driven IAM
Tuebora Self Driven IAM
 
Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM
Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORMIdentity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM
Identity Summit 2015: CONTINUOUS IDENTITY PROTECTION FOR THE IDENTITY PLATFORM
 

Similar to Developing an IAM Roadmap that Fits Your Business

Best practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementationBest practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementation
Feras Ahmad
 
20 best practices for fusion hcm cloud implementation
20 best practices for fusion hcm cloud implementation20 best practices for fusion hcm cloud implementation
20 best practices for fusion hcm cloud implementation
mohamed refaei
 
Best practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementationBest practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementation
mohamed refaei
 
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practice
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practiceJohn Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practice
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practice
itSMF UK
 
Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...
Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...
Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...
European SharePoint Conference
 
Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2
Smart ERP Solutions, Inc.
 
Automation Culture: Essential to Agile Success
Automation Culture: Essential to Agile SuccessAutomation Culture: Essential to Agile Success
Automation Culture: Essential to Agile Success
TechWell
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A Glance
FixNix Inc.,
 
Gain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringGain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls Monitoring
Emma Kelly
 
Using an Engineering Maturity Model to drive Self-Improvement
Using an Engineering Maturity Model to drive Self-ImprovementUsing an Engineering Maturity Model to drive Self-Improvement
Using an Engineering Maturity Model to drive Self-Improvement
Michael King
 
Enterprise Risk Management Solutions
Enterprise Risk Management SolutionsEnterprise Risk Management Solutions
Enterprise Risk Management Solutions
LexComply
 
PMI - ACP (Agile Certified Practitionar) Certification Exam Prep
PMI - ACP (Agile Certified Practitionar) Certification Exam PrepPMI - ACP (Agile Certified Practitionar) Certification Exam Prep
PMI - ACP (Agile Certified Practitionar) Certification Exam Prep
PrudentialSolutions
 
ING webcast platform
ING webcast platformING webcast platform
ING webcast platform
OracleIDM
 
Automation Hub Best practices - Getting Started.pdf
Automation Hub Best practices - Getting Started.pdfAutomation Hub Best practices - Getting Started.pdf
Automation Hub Best practices - Getting Started.pdf
Cristina Vidu
 
GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]
GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]
GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]Barun Kumar
 
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTSailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Global Online Trinings
 
Agile at scale
Agile at scaleAgile at scale
Agile at scale
Eric Cattoir
 
Agile organization transformation in big enterprise
Agile organization transformation in big enterpriseAgile organization transformation in big enterprise
Agile organization transformation in big enterprise
Nicola Sfondrini
 
CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016
Hafiz Sheikh Adnan Ahmed
 

Similar to Developing an IAM Roadmap that Fits Your Business (20)

Best practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementationBest practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementation
 
20 best practices for fusion hcm cloud implementation
20 best practices for fusion hcm cloud implementation20 best practices for fusion hcm cloud implementation
20 best practices for fusion hcm cloud implementation
 
Best practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementationBest practices for fusion hcm cloud implementation
Best practices for fusion hcm cloud implementation
 
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practice
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practiceJohn Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practice
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practice
 
Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...
Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...
Why Are We Still Talking About SharePoint Governance? presented by Anders Skj...
 
Hcm file-wp
Hcm file-wpHcm file-wp
Hcm file-wp
 
Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2Navigating HCM Compliance Through Managed Services Part 2
Navigating HCM Compliance Through Managed Services Part 2
 
Automation Culture: Essential to Agile Success
Automation Culture: Essential to Agile SuccessAutomation Culture: Essential to Agile Success
Automation Culture: Essential to Agile Success
 
Fixnix GRC Suite A Glance
Fixnix GRC Suite A GlanceFixnix GRC Suite A Glance
Fixnix GRC Suite A Glance
 
Gain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringGain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls Monitoring
 
Using an Engineering Maturity Model to drive Self-Improvement
Using an Engineering Maturity Model to drive Self-ImprovementUsing an Engineering Maturity Model to drive Self-Improvement
Using an Engineering Maturity Model to drive Self-Improvement
 
Enterprise Risk Management Solutions
Enterprise Risk Management SolutionsEnterprise Risk Management Solutions
Enterprise Risk Management Solutions
 
PMI - ACP (Agile Certified Practitionar) Certification Exam Prep
PMI - ACP (Agile Certified Practitionar) Certification Exam PrepPMI - ACP (Agile Certified Practitionar) Certification Exam Prep
PMI - ACP (Agile Certified Practitionar) Certification Exam Prep
 
ING webcast platform
ING webcast platformING webcast platform
ING webcast platform
 
Automation Hub Best practices - Getting Started.pdf
Automation Hub Best practices - Getting Started.pdfAutomation Hub Best practices - Getting Started.pdf
Automation Hub Best practices - Getting Started.pdf
 
GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]
GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]
GRCSG2014_Kumar_Lessons for ensuring_F2E [Compatibility Mode]
 
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOTSailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
Sailpoint Training | Best Sailpoint IdentityIQ Online Course -GOT
 
Agile at scale
Agile at scaleAgile at scale
Agile at scale
 
Agile organization transformation in big enterprise
Agile organization transformation in big enterpriseAgile organization transformation in big enterprise
Agile organization transformation in big enterprise
 
CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016CISA Training - Chapter 1 - 2016
CISA Training - Chapter 1 - 2016
 

More from ForgeRock

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
ForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
ForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
ForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
ForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
ForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
ForgeRock
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
ForgeRock
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
ForgeRock
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
ForgeRock
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
ForgeRock
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
ForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
ForgeRock
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
ForgeRock
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
ForgeRock
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
ForgeRock
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
ForgeRock
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
ForgeRock
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
ForgeRock
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
ForgeRock
 

More from ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 

Recently uploaded

The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 

Recently uploaded (20)

The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 

Developing an IAM Roadmap that Fits Your Business

  • 1.
  • 2. Our Experience Plan Build Run Identropy’s professional services practice is designed around Plan, Build and Run. Our plan offering called “IAM Kickstart” has been delivering IAM Roadmaps for organizations since 2006.  Exclusive Focus on Identity & Access Management (IAM)  Our roadmaps are focused on GSD (get stuff done)  We leverage a tested methodology that creates custom strategies for each organization We’ve decided to make our methodology available as part of a “Do it Yourself Kit” at http://www.identropy.com
  • 3. Kickstart Program – 7 Step Approach 7 Present Findings 1 P.U.T. Chart 2 Onsite Interviews 3 IAM Capability Assessment 4 Research and Follow-up 5 Architecture and Recommendations 6 Roadmap and Budget Estimates DELIVERABLES  IAM Capability Benchmark  High-Level Architecture  Initiative Roadmap  Editable Project Plan  Executive Presentation
  • 4. PUT Chart & Pre-work •PUT Chart •Schedule Interviews / Develop Agenda •Gather collateral • Recent Audit findings • Governance Structures • Org or IT strategies • Documented IAM Policies and Procedures •Hold Interviews • Sample questions • Take Notes (look for quotes)
  • 6. Findings: Assess the Current State •Define Program drivers (enablement, risk mitigation, compliance?) •Group Capabilities (see next slide) •Rate current maturity and desired/goal state •CMMI or benchmark – you decide •Rubrics (they’re not just for cubes anymore) •Other useful slides: “What is IAM?” Scope of Assessment Scope of IAM Program SWOT Quotes Helpful Hint: follow the K.I.S.S. principle
  • 8. IAM Capability Assessment Rubric Capability Scoring Rubric IAM Governance & Organization • 5=Formal IAM Governance is serving the needs for visibility for all stakeholders • 4=IAM Governance part of a larger IT Governance Framework and manages with Metrics and SLAs • 3=IAM Governance part of a larger IT Governance Framework and includes formal subcommittees • 2=IAM Governance is formal but is not part of a larger IT Governance Framework • 1=IAM Governance is informal Identity Data Management • 5=All accounts, roles centrally provisioned, reconciled • 4=All accounts, roles centrally provisioned • 3=Internal accounts provisioned, roles local in applications • 2=Single registry exists, some provisioning is automated • 1=No single registry of users User Lifecycle Management • 5=User lifecycle is managed centrally, request and approval processes are segregated and captured • 4=Most lifecycle processes are centralized, approvals are generally captured • 3=Most lifecycle processes are centralized, approvals are generally out-of band • 2=Identity is created centrally, but remaining lifecycle processes decentralized • 1=Identity Management processes are tribal knowledge Authentication, Access Control & Federation • 5=Federated Single Sign On • 4=Single Sign On with strong authentication • 3=Single Sign On, static password • 2=LDAP directory authentication, static password • 1=Local username, local static password Authorization & Role Management • 5=Business Roles are defined and leveraged for (de)provisioning and transfers • 4=Business Roles are defined and leveraged for (de)provisioning • 3=Central group management processes and are widely leveraged • 2=Central group management processes exist but are not widely leveraged • 1=Authorization processes are decentralized and not coordinated Audit, Reporting, & Event Monitoring • 5=Risk-based recertification cycles exist with quality control measures in place • 4=A risk assessment framework is used to establish appropriate recertification cycles • 3=High risk access is periodically recertified in an automated system • 2=Access recertification tools exists but are lightly used. • 1=Access is not routinely audited or recertified
  • 9. Summarize Recommendations and Align to Findings •Executive Summary • Align it to IAM Program drivers •Architecture Diagram • Show current and future state •Make sure to design for the future • SaaS • Cloud • Mobile •Select or short-list products • Use analyst reports from Gartner or KC • Talk to peers or consultants
  • 10. 1 0 Enable the Business Employ an IAM Center of Excellence and Deploy Enabling Technologies Deploy an inclusive IAM Governance framework Drive greater adoption Balance security with usability Establish Risk Assessment Framework and Levels of Assurance Sample: Executive Recommendation Summary
  • 11. Sample Recommendations – What to do Pull together enterprise identity data into a central identity repository Deploy a tool to provide delegated group management Replace Custom IAM with packaged software Implement coarse- grained policy enforcement with OpenAM Bolster application and cloud provisioning tools Offer BYOId for loose affiliations and low risk access Require strong second factor for certain high-risk access Employ an IAM Center of Excellence and Deploy Enabling Technologies Establish Risk Assessment Framework and Levels of Assurance Deploy an inclusive IAM Governance framework Inventory Risk at the Application and Group level Adopt existing LOA framework, such as the InCommon Assurance Program Apply security controls based on risk Increase stakeholder involvement through Technical and Business Advisory Groups Define Structure and Process for improved decision making and mission alignment
  • 13. Develop a Roadmap (timeline) •Do Now, Do Next, Do Later… & Down the Road •Develop a resource plan (using internal resources, consultants, or mix) •Estimate costs • Understand your fiscal calendar • Break-out Capital vs. Expense • This often favors SaaS or Open Source • If you need estimates – lean on vendors (consulting and product) • This is all relevant even if you must do an RFP
  • 14. IAM Initiative Roadmap Enable the Business Drive Greater Adoption Balance Security with Usability
  • 15. Develop a Deep-dive in the Appendices What is a key opportunity or pain point? • Governance • Role Management • Integration Decision Framework • Project Execution Tip: dedicate 4-6 slides on a key focus area to drive a particular point home
  • 16. Perform the Read-out •Review Detailed deck for IAM Program and closest stakeholders •Perform executive readout (get to the point in 1 hour) •Now socialize with the people within your organization who’s support is needed

Editor's Notes

  1. Do now – foundational itemsDo next – heavier lifting that is highest priorityDo later – more heavy lifting