Transcript of a BriefingsDirect podcast on SailPoint Technologies' basic tenets of identity and access management in a rapidly changing and growing IT world.
Laser Focus for Success in Managed Services and Cloud ServicesJason Caras
Go vertical or stay horizontal? There has been a lot of talk in the managed services community about that decision. One option is to take a more blended approach — diversifying your customer focus, but specializing around one particular technology solution, such as security or managed services. That focused competency approach has led to extreme success for Tampa, FL, MSP IT Authorities. Co-CEO Jason Caras has watched his 7-year-old managed services business post at least double-digit growth from the start. Like those numbers? Read on to find out how Caras and his cofounder and Co-CEO Jason Pollner profited by building their IT company as a pure managed services practice.
The document summarizes a discussion between three data center executives - Graham Williams of Cologix, Jason Harris of CeraNet, and Phil Smith of Racksquared. They discuss trends in the data center industry including a growing preference among businesses for hybrid cloud/colocation solutions. They also note increasing interest in managed services and outsourcing of IT infrastructure. When asked about considerations for companies seeking data center services, the executives emphasize assessing a provider's infrastructure, security capabilities, and ability to support future growth needs.
How More Industries Can Cultivate A Culture of Operational ResilienceDana Gardner
A transcript of a discussion on the many ways that businesses can reach a high level of assured business availability despite varied and persistent threats.
How Unisys and Microsoft Team Up To Ease Complex Cloud Adoption For Governmen...Dana Gardner
A discussion how public and private sector IT organizations can ease cloud adoption using cloud-native apps, services modernization, automation, and embedded best practices.
The document discusses improving customer experience through interactions. It states that 86% of customers quit doing business with a brand due to a bad customer experience. The document then lists 5 pain points companies commonly face regarding customer interactions: 1) providing personalized customer service is expensive and difficult, 2) concerns about data loss in a digital world, 3) customers dislike lengthy signup forms, 4) increasing risks to customer data as a company grows, and 5) difficulty servicing customers quickly through social media. It provides solutions to each pain point, such as using CRMs to access customer data and automating processes to improve the customer experience. Overall, the document stresses that customer interactions can define a company and securing data while streamlining processes is important to
Flexible Working enables both the employee and the business’ needs to be met through agility and adjustments to when, where and how both choose to work.
This is mutually beneficial to both the employer and employee and result in outcomes the reap success.
This document discusses challenges with managing customer identities and compares different approaches companies take to address these challenges. It outlines the issues with building a custom solution ("homegrown" approach) or stitching together existing systems ("Frankenstein" approach) and argues that a specialized cloud-based customer identity and access management (CIAM) platform ("buy it, don't build it" approach) provides the best value through lower total cost of ownership and improved customer experiences. An example compares the costs of a custom solution versus a CIAM platform for a company with 1 million customers and 5 application integrations.
The document discusses the differences between ITIL v2 and v3, but argues that the question of which version to adopt is not important. It states that both versions cover the same fundamental processes for improving IT service management. The key is for organizations to focus on mastering the core aspects of incident management, problem management, change management and service level agreements, rather than debating v2 vs v3. Once the basics are stabilized, an organization can consider refinements in v3, but the most important thing is taking action to improve, not getting distracted by questions over framework versions.
Laser Focus for Success in Managed Services and Cloud ServicesJason Caras
Go vertical or stay horizontal? There has been a lot of talk in the managed services community about that decision. One option is to take a more blended approach — diversifying your customer focus, but specializing around one particular technology solution, such as security or managed services. That focused competency approach has led to extreme success for Tampa, FL, MSP IT Authorities. Co-CEO Jason Caras has watched his 7-year-old managed services business post at least double-digit growth from the start. Like those numbers? Read on to find out how Caras and his cofounder and Co-CEO Jason Pollner profited by building their IT company as a pure managed services practice.
The document summarizes a discussion between three data center executives - Graham Williams of Cologix, Jason Harris of CeraNet, and Phil Smith of Racksquared. They discuss trends in the data center industry including a growing preference among businesses for hybrid cloud/colocation solutions. They also note increasing interest in managed services and outsourcing of IT infrastructure. When asked about considerations for companies seeking data center services, the executives emphasize assessing a provider's infrastructure, security capabilities, and ability to support future growth needs.
How More Industries Can Cultivate A Culture of Operational ResilienceDana Gardner
A transcript of a discussion on the many ways that businesses can reach a high level of assured business availability despite varied and persistent threats.
How Unisys and Microsoft Team Up To Ease Complex Cloud Adoption For Governmen...Dana Gardner
A discussion how public and private sector IT organizations can ease cloud adoption using cloud-native apps, services modernization, automation, and embedded best practices.
The document discusses improving customer experience through interactions. It states that 86% of customers quit doing business with a brand due to a bad customer experience. The document then lists 5 pain points companies commonly face regarding customer interactions: 1) providing personalized customer service is expensive and difficult, 2) concerns about data loss in a digital world, 3) customers dislike lengthy signup forms, 4) increasing risks to customer data as a company grows, and 5) difficulty servicing customers quickly through social media. It provides solutions to each pain point, such as using CRMs to access customer data and automating processes to improve the customer experience. Overall, the document stresses that customer interactions can define a company and securing data while streamlining processes is important to
Flexible Working enables both the employee and the business’ needs to be met through agility and adjustments to when, where and how both choose to work.
This is mutually beneficial to both the employer and employee and result in outcomes the reap success.
This document discusses challenges with managing customer identities and compares different approaches companies take to address these challenges. It outlines the issues with building a custom solution ("homegrown" approach) or stitching together existing systems ("Frankenstein" approach) and argues that a specialized cloud-based customer identity and access management (CIAM) platform ("buy it, don't build it" approach) provides the best value through lower total cost of ownership and improved customer experiences. An example compares the costs of a custom solution versus a CIAM platform for a company with 1 million customers and 5 application integrations.
The document discusses the differences between ITIL v2 and v3, but argues that the question of which version to adopt is not important. It states that both versions cover the same fundamental processes for improving IT service management. The key is for organizations to focus on mastering the core aspects of incident management, problem management, change management and service level agreements, rather than debating v2 vs v3. Once the basics are stabilized, an organization can consider refinements in v3, but the most important thing is taking action to improve, not getting distracted by questions over framework versions.
CeBIT Keynote: Rethinking Work. The Next Chapter in Social CollaborationSameer Patel
1) Enterprise social software has seen significant growth but adoption by employees has been low, with most employees never using their company's social platform.
2) Social collaboration in businesses currently happens in isolation from actual business processes and applications.
3) The transformational opportunity for social collaboration comes from closing this gap by surfacing social features and collaboration at the point where business decisions are made, actions are taken, and processes are executed. This would allow social collaboration to directly drive key business metrics like revenue, costs, risks, and more.
The digital revolution changed the way we work forever. Is your organisation keeping up? Here’s a quick guide to the four
most popular digital workers, and how IT support can help your company make the most of the tech boom.
The Future of SharePoint (FOSP) - SharePoint Saturday Redmond - Sept 22 2012Jeff Shuey
The Future of SharePoint (FOSP) is going to be all about data and access to data. Data is being created everywhere today – from traditional corporate processes to social media and mobile computing efforts. Capturing, Managing and Governing this data will be critical to every business. SharePoint is at the early stages of reaching its full potential and to being THE PLACE where data is surfaced from disparate repositories.
Corporate Information Management: Core Concepts & Best PracticesSIMAdmin
This document discusses corporate information management concepts and best practices. It defines information management as capturing, organizing, disseminating, preserving, and discarding organizational information. An effective IM strategy ensures the right information is available to the right people, enhances performance, drives innovation, supports decision making, and ensures legal compliance. The document outlines key IM areas like corporate information, information systems, records management, information risk management, data governance, and legal compliance. It provides examples of structured and unstructured information and IM competency domains.
As if IT security didn’t have enough issues to contend with, it now has another. And,it’s a troublesome one...mitigating the risk of repelling customers because security defenses make your company unattractive or too hard to do business with. In this age of the customer – who wants everything available on every device from everywhere all the time – IT security is at risk of hurting the very business it is charged with protecting.
This document discusses how large organizations can balance flexibility and oversight when adopting cloud technologies. While cloud offers benefits like on-demand resources and pay-as-you-go models, it can undermine IT's control if not properly governed. Effective cloud initiatives must be integrated into existing service delivery models and governance mechanisms are needed to ensure alignment with business needs over time. Key areas for governance include demand management, capacity planning, service level management, and invoice/chargeback management. Governance helps organizations maximize cloud benefits while mitigating risks.
1. The document discusses risks associated with cloud computing, including potential security breaches that could compromise sensitive customer data and lead to costly litigation and reputational damage.
2. It provides examples of large-scale breaches involving cloud services firms, where hackers accessed millions of customer account files and email addresses.
3. Businesses considering cloud computing need to carefully evaluate what types of sensitive data they will entrust to the cloud, and conduct thorough due diligence on cloud providers' security practices and controls. Developing a clear data-security strategy is important for protecting information.
The document discusses a study that aimed to evaluate the transparency of cloud providers' security, privacy, auditability, and service level agreements. It developed a Cloud Provider Transparency Scorecard to assess information from cloud providers' websites. It conducted a preassessment of six cloud providers to evaluate available information and then performed a detailed assessment using the scorecard. The assessment focused on policies, procedures, certifications, audits and service level agreements published on providers' websites.
Strong Authentication: Securing Identities and Enabling BusinessSafeNet
In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight. Consumer demands and compliance pressures bring organizations and institutions to search for new ways to strengthen their internal controls, authentication methods, and identity management practices. The message is clear – action is needed to stay ahead in the fast changing, security-conscious market.
Why Businesses Need Data To Make Better DecisionsBernard Marr
Data has become one of today's most valuable business assets. A key reason for this is that it massively improves decision-making. In this article, we look at the importance of data to drive evidence-based decisions.
This document summarizes a presentation on the convergence of IT and operational technology (OT) in cybersecurity. It discusses how cybersecurity has become integral to business activities as the world has become more interconnected. It describes how cybersecurity has evolved from preventative, network-focused security to a more dynamic approach using predictive analytics. The presentation emphasizes the need for cross-functional collaboration between IT, OT, and other departments given today's interconnected reality. It stresses that cybersecurity is no longer just a technical function and must be aligned with business needs and priorities.
This document discusses aligning internal and external brands. It argues that internal branding, or ensuring employees understand and embody the brand, is crucial for delivering on brand promises to customers. Up to 40% of marketing spending can be lost if employees do not represent the brand correctly. The document provides four themes for aligning internal and external brands: 1) Get top management buy-in and commitment to modeling the brand. 2) Audit existing brand perceptions among management, employees, and customers. 3) Translate brand values into specific behaviors to empower employees. 4) Assemble the right team who embody the brand naturally. Internal branding is seen as vital for building brand equity and a competitive advantage through motivated employee brand ambassadors.
Jennifer Baez
Email: jbaez@estey-hoover.com
Phone: Office: +1 (310) 652-3030
Director of Marketing, Estey & Hoover International
Marketing, PR and Business Development for Foreign Companies in the US
Web: www.estey-hoover.com
Michael Metzger – Director
Email: mmetzger@metzgerlaw.com
Phone: Office: +1 (310) 550-5700
Attorney, Metzger Law Group
Specializing in International Business Transactions and Litigation
Web: www.metzgerlaw.com
Torsten Thomas – Secretary & Founding Member
Email:
Enterprise IT is REALLY complex. This presentation introduces a reference framework to deal with such complexity, find patterns and better solutions for your current problems.
Cloud-based MDM solutions provide several potential rewards over on-premise solutions, including reduced costs, faster deployment, and increased scalability. However, companies must also consider risks like privacy, security, and loss of control. It is important for companies to understand how the cloud vendor will store and manage their data before deciding if a cloud-based MDM is appropriate for their needs and risk tolerance.
what virtual cube look like, what pentaho virtual cube best are for, how to develop pentaho virtual cube, why virtual cube better that data blend, table-join based report, and also traditional pivot.
The document summarizes the key findings of Accenture's Technology Vision for 2016. It discusses how digital technologies are now dominant in every sector of the economy, accounting for 22% of the global economy in 2015. It highlights how companies must transform their corporate culture to keep up with the pace of technological change, which 86% of executives surveyed said would increase rapidly or at an unprecedented rate. It identifies four pillars that companies need to build their digital culture around: being built for change, being data-driven, embracing disruption, and being digitally risk-aware.
Security from the cloud is challenging traditional approaches. As organizations transition from perimeter-based security towards user-centric approaches, Security and Risk professionals are transitioning to cloud IAM services or IDaaS (Identity as a Service) to manage identities across cloud environments. By overcoming the limitations of legacy on-premises IAM solutions, organizations are accelerating SaaS adoption, increasing user productivity and recognizing greater returns on their cloud investments.
View our slides for IAM overview and learn about:
• Trends in cloud, and the standards to support them
• State of Identity, Digital Trust, Authentication and Access
• Directory Services and Federation
• SSO (Desktop SSO, Web SSO, and Mobile SSO)
• Automating Onboarding Practices, Provisioning and Deprovisioning
Watch the on-demand webinar here: https://www.brighttalk.com/channel/12923/onelogin?utm_source=brighttalk
Identity and Access Management (IAM) is a crucial part of living in a connected world. It involves managing multiple identities of an individual or entity, distributed across disparate portals. In an enterprise, IAM solutions serve as a mean to secure access, control user activities and manage authentication for an App or a group of software (infrastructure).
This detailed PowerPoint brings you the most fundamental concepts and ideas related to identity and access management. Plus, we have debunked some popular IAM myths, so do checkout!
CeBIT Keynote: Rethinking Work. The Next Chapter in Social CollaborationSameer Patel
1) Enterprise social software has seen significant growth but adoption by employees has been low, with most employees never using their company's social platform.
2) Social collaboration in businesses currently happens in isolation from actual business processes and applications.
3) The transformational opportunity for social collaboration comes from closing this gap by surfacing social features and collaboration at the point where business decisions are made, actions are taken, and processes are executed. This would allow social collaboration to directly drive key business metrics like revenue, costs, risks, and more.
The digital revolution changed the way we work forever. Is your organisation keeping up? Here’s a quick guide to the four
most popular digital workers, and how IT support can help your company make the most of the tech boom.
The Future of SharePoint (FOSP) - SharePoint Saturday Redmond - Sept 22 2012Jeff Shuey
The Future of SharePoint (FOSP) is going to be all about data and access to data. Data is being created everywhere today – from traditional corporate processes to social media and mobile computing efforts. Capturing, Managing and Governing this data will be critical to every business. SharePoint is at the early stages of reaching its full potential and to being THE PLACE where data is surfaced from disparate repositories.
Corporate Information Management: Core Concepts & Best PracticesSIMAdmin
This document discusses corporate information management concepts and best practices. It defines information management as capturing, organizing, disseminating, preserving, and discarding organizational information. An effective IM strategy ensures the right information is available to the right people, enhances performance, drives innovation, supports decision making, and ensures legal compliance. The document outlines key IM areas like corporate information, information systems, records management, information risk management, data governance, and legal compliance. It provides examples of structured and unstructured information and IM competency domains.
As if IT security didn’t have enough issues to contend with, it now has another. And,it’s a troublesome one...mitigating the risk of repelling customers because security defenses make your company unattractive or too hard to do business with. In this age of the customer – who wants everything available on every device from everywhere all the time – IT security is at risk of hurting the very business it is charged with protecting.
This document discusses how large organizations can balance flexibility and oversight when adopting cloud technologies. While cloud offers benefits like on-demand resources and pay-as-you-go models, it can undermine IT's control if not properly governed. Effective cloud initiatives must be integrated into existing service delivery models and governance mechanisms are needed to ensure alignment with business needs over time. Key areas for governance include demand management, capacity planning, service level management, and invoice/chargeback management. Governance helps organizations maximize cloud benefits while mitigating risks.
1. The document discusses risks associated with cloud computing, including potential security breaches that could compromise sensitive customer data and lead to costly litigation and reputational damage.
2. It provides examples of large-scale breaches involving cloud services firms, where hackers accessed millions of customer account files and email addresses.
3. Businesses considering cloud computing need to carefully evaluate what types of sensitive data they will entrust to the cloud, and conduct thorough due diligence on cloud providers' security practices and controls. Developing a clear data-security strategy is important for protecting information.
The document discusses a study that aimed to evaluate the transparency of cloud providers' security, privacy, auditability, and service level agreements. It developed a Cloud Provider Transparency Scorecard to assess information from cloud providers' websites. It conducted a preassessment of six cloud providers to evaluate available information and then performed a detailed assessment using the scorecard. The assessment focused on policies, procedures, certifications, audits and service level agreements published on providers' websites.
Strong Authentication: Securing Identities and Enabling BusinessSafeNet
In today’s environment, the need for organizations to enable secure remote access to corporate networks, enhance their online services, and open new opportunities for e-commerce is bringing ever-growing attention to the importance of securing user access and validating identities. In addition, the recent barrage of identity theft and corporate fraud cases has brought corporate responsibility and the protection of sensitive data to the spotlight. Consumer demands and compliance pressures bring organizations and institutions to search for new ways to strengthen their internal controls, authentication methods, and identity management practices. The message is clear – action is needed to stay ahead in the fast changing, security-conscious market.
Why Businesses Need Data To Make Better DecisionsBernard Marr
Data has become one of today's most valuable business assets. A key reason for this is that it massively improves decision-making. In this article, we look at the importance of data to drive evidence-based decisions.
This document summarizes a presentation on the convergence of IT and operational technology (OT) in cybersecurity. It discusses how cybersecurity has become integral to business activities as the world has become more interconnected. It describes how cybersecurity has evolved from preventative, network-focused security to a more dynamic approach using predictive analytics. The presentation emphasizes the need for cross-functional collaboration between IT, OT, and other departments given today's interconnected reality. It stresses that cybersecurity is no longer just a technical function and must be aligned with business needs and priorities.
This document discusses aligning internal and external brands. It argues that internal branding, or ensuring employees understand and embody the brand, is crucial for delivering on brand promises to customers. Up to 40% of marketing spending can be lost if employees do not represent the brand correctly. The document provides four themes for aligning internal and external brands: 1) Get top management buy-in and commitment to modeling the brand. 2) Audit existing brand perceptions among management, employees, and customers. 3) Translate brand values into specific behaviors to empower employees. 4) Assemble the right team who embody the brand naturally. Internal branding is seen as vital for building brand equity and a competitive advantage through motivated employee brand ambassadors.
Jennifer Baez
Email: jbaez@estey-hoover.com
Phone: Office: +1 (310) 652-3030
Director of Marketing, Estey & Hoover International
Marketing, PR and Business Development for Foreign Companies in the US
Web: www.estey-hoover.com
Michael Metzger – Director
Email: mmetzger@metzgerlaw.com
Phone: Office: +1 (310) 550-5700
Attorney, Metzger Law Group
Specializing in International Business Transactions and Litigation
Web: www.metzgerlaw.com
Torsten Thomas – Secretary & Founding Member
Email:
Enterprise IT is REALLY complex. This presentation introduces a reference framework to deal with such complexity, find patterns and better solutions for your current problems.
Cloud-based MDM solutions provide several potential rewards over on-premise solutions, including reduced costs, faster deployment, and increased scalability. However, companies must also consider risks like privacy, security, and loss of control. It is important for companies to understand how the cloud vendor will store and manage their data before deciding if a cloud-based MDM is appropriate for their needs and risk tolerance.
what virtual cube look like, what pentaho virtual cube best are for, how to develop pentaho virtual cube, why virtual cube better that data blend, table-join based report, and also traditional pivot.
The document summarizes the key findings of Accenture's Technology Vision for 2016. It discusses how digital technologies are now dominant in every sector of the economy, accounting for 22% of the global economy in 2015. It highlights how companies must transform their corporate culture to keep up with the pace of technological change, which 86% of executives surveyed said would increase rapidly or at an unprecedented rate. It identifies four pillars that companies need to build their digital culture around: being built for change, being data-driven, embracing disruption, and being digitally risk-aware.
Security from the cloud is challenging traditional approaches. As organizations transition from perimeter-based security towards user-centric approaches, Security and Risk professionals are transitioning to cloud IAM services or IDaaS (Identity as a Service) to manage identities across cloud environments. By overcoming the limitations of legacy on-premises IAM solutions, organizations are accelerating SaaS adoption, increasing user productivity and recognizing greater returns on their cloud investments.
View our slides for IAM overview and learn about:
• Trends in cloud, and the standards to support them
• State of Identity, Digital Trust, Authentication and Access
• Directory Services and Federation
• SSO (Desktop SSO, Web SSO, and Mobile SSO)
• Automating Onboarding Practices, Provisioning and Deprovisioning
Watch the on-demand webinar here: https://www.brighttalk.com/channel/12923/onelogin?utm_source=brighttalk
Identity and Access Management (IAM) is a crucial part of living in a connected world. It involves managing multiple identities of an individual or entity, distributed across disparate portals. In an enterprise, IAM solutions serve as a mean to secure access, control user activities and manage authentication for an App or a group of software (infrastructure).
This detailed PowerPoint brings you the most fundamental concepts and ideas related to identity and access management. Plus, we have debunked some popular IAM myths, so do checkout!
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIBM Sverige
Deloitte gave their view on an approach for successful identity and access management governance projects togehter with IBM Security Systems and CrossIdeas, an IBM company.
The document describes the Gartner Identity and Access Management (IAM) Program Maturity Model which outlines 5 levels of maturity for an organization's IAM program:
1. Initial - Ad hoc processes with little awareness or value.
2. Defined - Certain business drivers identified and tactical priorities set with informal roles and processes.
3. Managed - IAM vision and strategy defined and aligned with business, formal processes and governance established.
4. Operational Excellence - IAM architecture refined, processes integrated and contribution to business imperatives is high.
5. Transformational - IAM vision, strategy, processes, architecture and governance optimized for maximum business value.
Is Identity & Access Management slightly unclear to you? Have a look at these slides! What are pros and cons of IDM solutions from different companies? We'll lead you to a comparison. What the market looked like and how it really is? Find out with us
Blockchain: How the bitcoin technology can change the public sectorCapgemini
What is blockchain and how can blockchain be used for the public sector in Germany? These are the main questions which will be answered by this presentation and via a use case which the authors implemented prototypically.
By Christof Tinnes, Carmen Eisenacher and Phillip Pham, Capgemini Germany
A Tale of Two IT Departments, or How Governance is Essential in the Hybrid Cl...Dana Gardner
Transcript of a Briefings Direct discussion on how two organizations have been improving their application’s performance via total performance monitoring and metrics.
The Long Road of IT Systems Management Enters the Domain of AIOps-Fueled Auto...Dana Gardner
This document provides a summary of a podcast discussion between Dana Gardner and Doug de Werd about the evolution of IT management. Some key points:
- IT management has evolved over 30 years from managing heterogeneity to now managing complexity across hybrid cloud, multicloud, and SaaS environments.
- Automation is getting a boost from new ML and AI capabilities like AIOps, just as multicloud deployments increase demands.
- HPE OneView provides a core infrastructure management solution that is extending its capabilities through partnerships to integrate with DevOps tools and cloud platforms.
- Intelligence from tools like HPE InfoSight is providing more insights and enabling more autonomous computing models that can self-optimize
Fast-Changing Demands on Data Centers Drives the Need for Automated Data Cent...Dana Gardner
Transcript of a BriefingsDirect podcast on how organization need to deal with the impact that IT and big data is having on data centers and how DCIM can help.
Cloud Security Crosses the Chasm, How IT Now Goes to the Cloud for Better Sec...Dana Gardner
Transcript of a discussion on how cloud security is rapidly advancing and how enterprises can begin to innovate to prevail over digital disruption by increasingly using cloud-defined security.
Why Today’s Hybrid IT Complexity Makes 'as a Service' Security EssentialDana Gardner
Transcript of a discussion on why more automation, integration, and acquiring security services “as a service” are in hot demand amid rapidly growing IT security costs and the added complexity of protecting distributed workforces.
Exploring the Business Decision to Use Cloud ComputingDana Gardner
The document summarizes a panel discussion on turning cloud computing into business value. The panel explores practical cloud implementations and moving beyond hype to realize business benefits. Issues discussed include inhibitors to cloud adoption, examples of safe cloud use, and how cloud can improve business processes. A representative from Harvard Medical School provides an example of successful cloud adoption, noting how an iterative approach built trust with researchers and addressed their bursty computing needs.
Explore the Roles and Myths of Automation and Virtualization in Data Center T...Dana Gardner
The document is a transcript of a podcast discussion about virtualization and automation in data centers. It discusses how automation can help companies achieve higher levels of virtualization adoption, beyond the 30% level many are stuck at. Automation allows virtualization to extend to more applications, including tier 1 apps, and provides benefits like improved compliance, repeatability, and agility. It argues companies need to take a strategic view of virtualization through a full lifecycle lens to realize its full potential for transformation.
Why Enterprises Should Approach Procurement of Hybrid IT In Entirely New WaysDana Gardner
Transcript of a discussion on why changes in cloud deployment models are forcing a rethinking of IT economics, and maybe even the very nature of acquiring and cost optimizing digital services.
SAP Ariba Chief Strategy Officer on The Digitization of Business and the Futu...Dana Gardner
Transcript of a sponsored discussion on how advancements in business applications and the modern infrastructure that supports them portends new and higher degrees of business innovation.
Dark Side of Cloud Adoption: People and Organizations Unable to Adapt and Imp...Dana Gardner
Transcript of a discussion on how cloud adoption is not reaching its potential due to outdated behaviors and persistent dissonance between what businesses can do and will do with cloud model strengths.
Digital Asset Management What to know before you go.pdfHeyEmbedMe
The document provides guidance on key considerations for organizations implementing a Digital Asset Management (DAM) system. It discusses understanding user needs and current digital assets, developing a metadata model and taxonomy, determining workflow processes, selecting a DAM vendor, and establishing long-term governance and management of the system. The goal of a DAM system should be centrally managing and enabling reuse of digital assets to increase organizational efficiency and profits.
7.5 steps to overlaying BYoD & IoT on Existing InvestmentsCaston Thomas
This document summarizes a presentation about managing risks and enabling opportunities related to bring your own device (BYOD), the cloud, mobile technologies, and the Internet of Things. The presenter discusses viewing these trends through three lenses: personal vs corporate data, who pays, and shifts in culture and relationships. A variety of security control options are presented, including mobile device management, virtual desktop infrastructure, application wrappers, and network access control. The presenter advocates for a comprehensive, multilayered approach combining several controls to balance security and business needs like access agility.
What is an RPA CoE? Session 1 – CoE VisionDianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframePrecisely
Inconsistent user experience and siloed data, high costs, and changing customer expectations – Citizens Bank was experiencing these challenges while it was attempting to deliver a superior digital banking experience for its clients. Its core banking applications run on the mainframe and Citizens was using legacy utilities to get the critical mainframe data to feed customer-facing channels, like call centers, web, and mobile. Ultimately, this led to higher operating costs (MIPS), delayed response times, and longer time to market.
Ever-changing customer expectations demand more modern digital experiences, and the bank needed to find a solution that could provide real-time data to its customer channels with low latency and operating costs. Join this session to learn how Citizens is leveraging Precisely to replicate mainframe data to its customer channels and deliver on their “modern digital bank” experiences.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Five Ways to Make Identity Management Work Best Across Hybrid Computing Environments
1. Five Ways to Make Identity Management Work Best Across
Hybrid Computing Environments
Transcript of a BriefingsDirect podcast on SailPoint Technologies' basic tenets of identity and
access management in a rapidly changing and growing IT world.
Listen to the podcast. Find it on iTunes. Sponsor: SailPoint Technologies
Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions and you're
listening to BriefingsDirect. Today, we present a sponsored podcast discussion on learning new
best practices for managing the rapidly changing needs around identity and
access management (IAM).
Any modern business has been dealing with IAM from day one, but today,
more critical elements of doing extended business activities because of cloud,
mobile, bring your own device (BYOD), and hybrid computing means ever
greater complexity and greater complexity is the chief deterrent to secure
governed and responsive management of who and what can access your data
and services and under what circumstances.
Gardner
So while cloud gets a lot of attention, those of us working with enterprises daily know that the
vast majority of businesses are, and will remain, IT hybrids, a changing mixture of software as a
service (SaaS), cloud, mobile, managed hosting models, and of course, on-premises IT systems.
We're here now with a Chief Technology Officer for a top IAM technology provider to gain a
deeper understanding of the various ways to best deploy and control access management in this
ongoing age of hybrid business.
Here to explore five critical tenets of best managing the rapidly changing needs around identity
and access management is our guest, Darran Rolls, the Chief
Technology Officer at SailPoint Technologies in Austin, Texas.
Welcome, Darran.
Darran Rolls: Thank you.
Gardner: Darran, it seems that the changes in IT are forcing a rethinking of deployment models
in user behaviors, and therefore the governance of these critical business processes needs to
adjust. But let’s just focus on what doesn’t change, despite this hybrid environment we now find
ourselves in, despite all these moving parts and change. There must be some basic, bedrock
principles that we can look to that will guide us as we're trying to better manage access and
identity.
2. Rolls: Absolutely there are, and I think that will be a consistent topic of our conversation today.
It's something that we like to think of as the core tenets of IAM. As you very eloquently pointed
out in your introduction, this isn't anything new. We've been struggling with
managing identity and security for some time. The changing IT environment is
introducing new challenges, but the underlying principles of what we're trying to
achieve have remained the same. So yes, that’s a pretty good summary.
The idea of holistic management for identity is key. There's no question about
that, and something that we'll come back to is this idea of the weakest link -- a
very commonly understood security principle. As our environment expands with
cloud, mobile, on-prem, and managed hosted, the idea of a weak point in any
Rolls
part of that environment is obviously a strategic flaw.
As we like to say at SailPoint, it’s an anywhere identify principle. That means all people,
employees, contractors, partners, customers, basically from any device, whether you’re on a
desktop, cloud, or mobile to anywhere. That’s on-prem enterprise apps, SaaS apps, and mobile.
It’s certainly our belief that for any IAM technology to be truly effective, it has to span all for all
-- all access, all accounts, and all users, wherever they live in that hybrid runtime.
Gardner: So we're in an environment now where we have to maintain those bedrock principles
for true enterprise-caliber governance, security, and control, but we have a lot more moving parts
and we have a cavalcade of additional things you need to support, which to me, almost begs for
those weak links to crop up.
So how do you combine the two? How do you justify and reconcile these two realities?
Addressing the challenge
Rolls: One way comes from how you address the problem and the challenge in the first place.
Quite often, I'm asked if there's a compromise here. If I move my IAM to the cloud, will I still be
able to sustain my controls and management and do risk mitigation, which is what we were
trying to get to?
My advice is if you're looking at an identity-as-a-service (IDaaS) solution that doesn’t think in
terms of sustainable controls and risk mitigation, then stop, because controls and risk mitigation
really are the core tenets of identity management as we understand them. It’s really important to
start a conversation around IDaaS by quite clearly understanding what identity governance really
is.
This isn’t an occasional, office-use application that we're looking at here. This is critical security
infrastructure. We very much have to remember that identity sits at the center of that security-management
lifecycle and at the center of the users’experience. So it’s super important that we
get it right.
3. So in this respect, I like to think that IDaaS is more of a deployment option than any form of a
compromise. There are a minimum set of table stakes that have to be in place. And, whether
you're choosing to deploy an IDaaS solution or an on-prem offering, there should be no
compromise in it.
We have to respect the principles of global visibility and control, of consistency, and of user
experience. Those things remain true for cloud and on-prem, so the song remains the same so to
speak. The IT environment has changed, and the IAM solutions are changing, but the principles
remain the same.
Gardner: I was speaking with some folks leading up to the recent Cloud Identity Summit and
Conference, and more and more, people seem to be thinking that the IAM is the true
management. It's more than just the identity in access, but across services so that it is essential
for extended enterprise processes, as you say, to get this right.
Also, to your point, being more inclusive means that you need to have the best of all worlds. You
need to be able to be doing well on-premises as well as in the cloud, and not either/or.
Rolls: Most of the organizations that I speak to these days are trying to manage a balance
between being enterprise ready -- so supporting controls and automation and access management
for all applications, with being very forward looking, so deploying that solution from the cloud
for cost and agility reasons.
For these organizations, choosing IDaaS solution is not a compromise in risk mitigation, it’s a
conscious direction towards a more off-the-shelf approach to managing identity. Look, everyone
has to address security and user access controls, and making a choice to do that as a service can’t
compromise your position on controls and risk mitigation.
Gardner: I suppose the risk is that if you have somewhat of a distributed approach to your IAM
capabilities, you'll lose that all essential single view or single place to manage. I'd like to hear
more, as we get into these tenets, of how you can maintain that singleness, that control, without
loose ends and without weak links, but still take advantage of the modern architecture.
You put in some nice thought in making a logical set of five tenets that help people understand
and deal with these changeable markets. So let’s start going through those. Tell me about the first
tenet, and then we can dive in and maybe even hear an example of where someone has done this
right?
Focusing on identity
Rolls: Obviously it would be easy to draw 10 or 20, but we like to try and compress it. So
there's probably always the potential for more here. I wouldn’t necessarily say these are in any
specific order, but the first one is the idea of focusing on the identity and not the account.
4. This one is pretty simple. Identities are people, not accounts in an on-line system. And something
we learned early in the evolution of IAM was that in order to gain control, you have to
understand the relationships between people -- identities, and their accounts, and between those
accounts and the entitlements and data they give access too.
So this tenet really sits at the heart of the IAM value proposition -- its all about understanding
who has access to what, and what it really means to have that acces. By focusing on the identity,
and capturing all of the relationships it has to accounts, to systems, and to data, helps map out the
user security landscape and get a complete picture of how things are configured.
Gardner: If I understand this correctly, all of us now have multiple accounts. Some of them
overlap. Some of them are private. Some of them are more business. I suppose as we get into the
Internet of Things, we're going to have even another tier associated with a user or an identity and
that might be sensors or machines. So it’s important to maintain the identity focus, rather than the
account focus. Did I get that right?
Rolls: We see this today in classic on-prem infrastructure with system shared and privileged
accounts. They are accounts that are operated by the system and not necessarily by an individual.
What we advocate here and what leads into the second tenet as well is this idea of visibility. You
have to have ownership and responsibility. You assign and align the system and functional
accounts with people that can have responsibility.
In the Internet of Things, I would by no means say that it's nothing new, because if nothing else,
it's potentially a new order of scale, but it's functionally the same thing, understanding the
relationships.
For example, I want to tie my Nest account back to myself or to some other individual and I want
to understand what it means to have that ownership. It really is just more of the same, and those
principles that we have learned in enterprise IAM are going to play out big time when everything
has an identity in the internet of things.
Gardner: Of course. Any quick examples of tenet one, where we can identify that we're having
that focus on the user, rather than the account, and it benefited them?
Rolls: For sure. The consequences of not understanding and accurately managing those identity
and account relationships can be pretty significant. Unused and untracked accounts, something
that we commonly refer to in the industry as "orphan accounts," often lead to security breaches.
That’s why, if you look at the average identity audit practice, it’s very focused on controls for
those orphan accounts.
We also know for a fact, based on network forensic analysis that happens post-breach, that in
many of the high profile, large-scale security breaches that we've seen over the last two to five
years, the back door is left open by an account that nobody owns or manages. It’s just there. And
if you go over to the dark side and look at how the bad guys construct vulnerabilities, first things
they look for are these unmanaged accounts.
5. So it’s low hanging fruit for IAM to manage these accounts because the consequences can be
fairly significant.
Tenet two
Gardner: Okay, tenet two. What’s next on your priority list?
Rolls: The next is two-fold. Visibility is king, and silos are bad. This is really two thoughts that
are closely related.
The first part is the idea that visibility is king, and this comes from the realization that you have
to be able to capture, model, and visualize identity data before you have any chance of managing
it. It’s like the old saying that you can’t manage what you can’t measure.
It’s same thing for identity. You can’t manage the access and security you don’t see, and what
you don’t see is often what bites you. So this tenet is the idea that your IAM system absolutely
must support this idea of rapid, read-only aggregation of account and entitlement information as
a first step, so you can understanding the landscape.
The second part is around the idea that silos of identity management can be really, really bad. A
silo here is a standalone IAM application or what one might think of as a domain-specific IAM
solution. These are things like an IDaaS offering that only does cloud apps or an Active
Directory-only management solution, basically any IAM tool that creates a silo of process and
data. This isolation goes against the idea of visibility and control that we just covered in the first
tenant.
You can’t see the data if its hidden in a siloed system. It’s isolated and doesn't give you the global
view you need to manage all identity for all users. As a vendor, we see some real-world examples
of this. SailPoint just replaced a legacy-provisioning solution at a large US based bank, because
the old system was only touching 12 of their core systems.
The legacy IAM system the bank had was a silo managing just the Unix farm. It wasn't
integrated and its data and use case wasn’t shared. The customer needed a single place for their
users to go to get access, and a single point of password control for their on-prem Unix farm and
their cloud based front-end application. So today SailPoint’s IdentityNow provides that single
view for them and things are working much better.
Gardner: Yes. It also reminds me that we always need to be conscious of supporting the legacy
in the older systems, recognizing that they weren't designed necessarily for the reality we're in
now, but we also need to be flexible in the sense of future proof. So it's having visibility across
your models that are shifting in terms of hybrid and cloud, but also visibility across the other
application sets and platforms that were never created with this mixture of models that we are
now supporting.
6. Rolls: Exactly right. In education, we say "no child left behind." In identity, we say “no account
left behind, and no system left behind.” We also shouldn’t forget there is a cost associated with
maintaining those siloed IAM tools too. If the system only supports cloud, or only supports on-prem,
or managing identity for mobile, SaaS, or just one area of the enterprise, there’s cost.
There's a real dollar cost for buying and maintaining the software, and probably more
importantly, a soft cost in the end user experience for the people that have to manage across
those silos. So these IAM silos are not only preventing visibility and controls, but there is cost
here, a real dollar cost to the business as well.
Gardner: This also gets closer to this idea of this common comprehensive view of all the data
and all the different elements of what we are trying to manage. I think that's also important.
Okay, number three. What are we looking at for your next issue, and what are the ways that we
can prevent any of that downside from it?
Complete lifecycle
Rolls: This tenet comes from the school of identity hard knocks, and is something I’ve learned
from being in the IAM space for the past 20 or so years -- you have to manage the complete
lifecycle for both the identity, and every account that the identity has access to.
Our job in identity management, our “place” if you will in the security ecosystem, is to provide
cradle-to-grave management for corporate account assets. Its our job to manage and govern the
full lifecycle of the identity -- a lifecycle that you’ll often hear referred to as JML, meaning
Joiners, Movers and Leavers.
As you might expect, when gaps appear in that JML lifecycle, really bad things start to happen.
Users don’t get the system access they need to get their jobs done, the wrong people get access to
the wrong data and critical things get left behind when people leave. I have seen the joy in their
faces.
Maybe the wrong people get access to the wrong data. They're in the Move phase. Then things
get left behind when people leave. You have to track the account through that JML lifecycle. I
avoid using the term "cradle to grave," but that’s really what it means.
That’s a very big issue for most companies that we talked to. It’s captured in that lifecycle.
Gardner: So it’s not just orphan accounts, but it’s inaccurate or outdated accounts that don’t
have the right and up-to-date information. Those can become back doors. Those can become
weak links.
7. It appears to me, Darran, that there's another element here in how our workplace is changing.
We're seeing more and more of what they call "contingent workforces," where people will come
in as contractors or third-party suppliers for a brief period of time, do a job, and get out.
It’s this lean, agile approach to business. This also requires a greater degree of granularity and
fine control. Do you have any thoughts about how this new dynamic workforce is impacting this
particular tenet?
Rolls: It’s certainly increasing the pressure on IT to understand and manage all of its population
of users, whether they're short term contractors or long-term employees. If they have access to an
asset that the business owns, it’s the business's fiduciary duty to manage the lifecycle for that
worker.
In general, worker populations are becoming more transient and work groups more dynamic.
Even if it’s not a new person joining the organization, we’re creating and using more dynamic
groups of people that need more dynamic systems access.
It’s becoming increasingly important for businesses today to be able to put together the access
that people need quickly when a new project starts and then accurately take it away when the
project finishes. And if we manage that dynamic access without a high degree of assured
governance, the wrong people get the wrong stuff, and value things get left behind.
Old account
Quite often, people ask me if it would really matter when the odd account gets left behind, and
my answer usually is it certainly can. A textbook example of this when a sales guy leaves his old
company, goes to join a competitor, and no one takes away his salesforce.com account. He's then
spends the next six months dipping into his old company’s contacts and leads because he still has
access to the application in the cloud.
This kind of stuff happens all the time. In fact, we recently replaced another IDaaS provider at a
client on the west coast, specifically because “the other vendor” -- who shall remain nameless --
only did just-in-time SAML provisioning, with no leaver-based deprovisioning. So customers
really do understand this stuff and recognize the value. You have to support the full lifecycle for
identity or bad things happen for the customer and the vendor.
Gardner: All right. We were working our way through our tenets. We're now on number four. Is
there a logical segue between three and four? How does four fit in?
Rolls: Number four, for me, is all about consistency. It talks to the fact that we have to think of
identity management in terms of consistency for all users, as we just said, from all devices and
accessing all of our applications.
8. Practically speaking, this means that whether you sit with your Windows desktop in the office or
you are working from an Android tablet back at the house or maybe on your smartphone in a
Starbucks drive-through, you can always access the applications that you need, and you can
consistently and securely do something like a password reset or maybe complete a quarterly user
access certification task before hitting the road back to the office.
Consistency here means that you get the same basic user experience, and I use the term user
experience here very deliberately, and the same level of identity service, wherever you are. It has
become very, very important, particularly as we have introduced a variety of incoming devices,
that we keep our IAM services consistent.
Gardner: It strikes me that this consistency has to be implemented and enforced from the
backend infrastructure, rather than the device, because the devices are so changeable. We're even
thinking about a whole new generation of devices soon, and perhaps even more biometrics,
where the device becomes an entry point to services.
Tell me a bit about the means by which consistency can take place. This isn't something you
build into the device necessarily. It has to be in the backend or central mode or managed across
these scenarios.
Rolls: Yes, that consistency has to be implemented in the underlying service, as you’ve
highlighted. It’s very easy to think of consistency as just being in the IAM UI or just in the
device display, but it really extends to the identity API as well. A very good example to explore
this concept of coinsistency of the API, is to think like a corporate application developer and
consider how they look at consistency for IAM too
Assume our corporate application developer is developing an app that needs to carry out a
password reset, or maybe it needs to do something with an identity profile. Does that developer
write a provisioning connector themselves? Or should they implement a password reset in their
own custom code?
The answer is no, they don’t roll their own. Instead they should make use of the consistent API-level
services that the IAM platform provides -- they make calls to the IDaaS service, and the
IDaaS service is then responsible for doing the actual password reset using consistent policies,
consistent controls, and a consistent level of business service. So, as I say, its about consistency
for all use cases, from all devices, accessing all applications.
Thinking about consistency
Gardner: And even as we think about the backend services support, that itself also needs to
extend to on-prem legacy, and also to cloud and SaaS. So we're really thinking about consistency
deep and wide.
9. Rolls: Precisely, and if we don’t think about consistency for identity as a services, we're never
going to have control, and importantly, we're never going to reduce the cost of managing all this
stuff, and we're never going to lower the true risk profile for the business..
Gardner: All right, pretty good. We're coming up or our last tenet, number five. It seems to me
that we haven't talked too much about the behavior, the buy-in. You can lead a horse to water, but
you can't make him drink. This, of course, has an impact on how we enforce consistency across
all these devices as well as the service model. So what do we need to do to get user buy-in? How
does number five affect that?
Rolls: Number five, for me, is the idea that the end user experience for identity is everything.
Once upon a time, the only user for identity management was IT itself and identity was an IT
tool for IT practitioners. It was mainly used by the helpdesk and by IT pros to automate identity
and access controls. Fortunately, things have changes a lot since then, both in the identity
infrastructure and, very importantly, in the end users’ expectations.
Today, IAM really sits front and center for the business users IT experience. When we think of
something like single sign-on (SSO), it literally is the front door to the applications and the
services that the business is running. When a line-of-business person sits down at an application,
they're just expecting seamless access via secured single sing-on. The expectation is that they can
just quickly and easily get access to the things they need to get their job done.
They also expect identity-management services, like password management, access request, and
provisioning to be integrated, intuitive, and easy to use. So the way these identity services are
delivered in the user experience is very important.
Pretty much everything is self service these days. The expectation is to move the business user to
self service for pretty much everything, and that very much includes Identity Management as a
Service as well. So the UI just has to be done right and the overall users’ experience has to be
consistent, seamless, intuitive, and just easy to deal with. That’s how we get buy-in for identity
today, by making the identity management services themselves easy to use, intuitive, and
accessible to all.
Gardner: And isn’t this the same as saying making the governance infrastructure invisible to the
end user? In order to do that, you need to extend across all the devices, all the deployment
models, and the APIs, as well as the legacy systems. Do you agree that we're talking about
making it invisible, but we can’t do that unless you're following the previous four tenets.
Rolls: Exactly. There's been a lot of industry conversation around this idea of identity being part
of the application and the users’ flow, and that’s very true. Some large enterprises do have their
own user-access portals, specific places that you go to carry out identity related activities, so we
need integration there. On the other hand, if I'm sitting here talking to you and I want to reset my
Active Directory password, I just want to pick up my iPhone and do it right there, and that means
secure identity API’s.
10. We talked a good amount about the business user experience. It is very important to realize that
it’s not just about the end user and the UI. It also affects how the IDaaS service itself is
configured, deployed, and managed over time. This means the user experience for the system
owner, be that someone in IT or in the line of business -- it doesn’t really matter who -- has to be
consistent and easy to use and has to lead to easier configuration, faster deployment, and faster
time to value. We do that by making sure that the administration interface and the API’s that
support it are consistent and generally well thought out too.
Intersect between tenets
Gardner: I can tell, Darran, that you've put an awful lot of thought into these tenets. You've
created them with some order, even though they're equally important. This must be also part of
how you set about your requirements for your own products at SailPoint.
Tell me about the intersect between these tenets, the marketplace, and what SailPoint is bringing
in order to ameliorate the issues that the problem side of these tenets identify, but also the
solution side, in terms of how to do things well.
Rolls: You would expect every business to say these words, but they have great meaning for us.
We're very, very customer focused at SailPoint. We're very engaged with our customers and our
prospects. We're continually listening to the market and to what the buying customer wants.
That’s the outside-in part of the of the product requirements story, basically building solutions to
real customer problems.
Internally, we have a long history in identity management at SailPoint. That shows itself in how
we construct the products and how we think about the architecture and the integration between
pieces of the product. That’s the inside-out part of the product requirements process, building
innovative products that solutions that work well over time.
So I guess that all really comes down to good internal product management practices. Our
product team has worked together for a considerable time across several companies. So that’s to
be expected. It's fair to say that SailPoint is considered by many in the industry as the thought
leader on identity governance and administration. We now work with some of the largest and
most trusted brand names in the world, helping them provide the right IAM infrastructure. So I
think we’re getting it right.
As SailPoint has strategically moved into the IDaaS space, we’ve brought with us a level of trust,
a breadth of experience, and a depth of IAM knowledge that shows itself in how we use and
apply these tenets of identity in the products and the solutions that we put together for our
customers.
Gardner: Now, we talked about the importance of being legacy sensitive, focusing on what the
enterprise is and has been and not just what it might be, but I'd like to think a little bit about the
future-proofing aspects of what we have been discussing today.
11. Things are still changing and, as we said, there are new generations of mobile devices, more
biometrics perhaps doing away with passwords and identifying ourselves through the device that
then needs to filter back throughout the entire lifecycle of IAM implications and end points.
So when you do this well, if you follow the five tenets, if you think about them and employ the
right infrastructure to support governance in IAM for both the old and the new, how does that set
you up to take advantage of some of the newer things? Maybe it’s big data, maybe it’s hybrid
cloud, or maybe it's agile business.
It seems to me that there are not necessarily unintended consequences, but there's a virtuous
adoption benefit that when you do IAM well, you put yourself in a pretty good position to take
advantage of some of these newer benefits. Help me understand where the enticement for being
on top of this now, rather than later, comes in?
Changes in technologies
Rolls: As you've highlighted, there are lots of new technologies out there that are effecting
change in corporate infrastructure. In itself, that change isn’t new. I came into IT with the advent
of distributed systems. We were going to replace every mainframe. Mainframes were supposed
to be dead, and it's kind of interesting that they're still here.
So infrastructure change is most definitely accelerating, and the options available for the average
IT business these days -- cloud, SaaS and on-prem -- are all blending together. That said, when
you look below the applications, and look at the identity infrastructure, many things remain the
same. Consider a SaaS app like salesforce.com. Yes, it’s a 100 percent SaaS cloud application,
but it still has an account for every user.
I can provide you with SSO to your account using SAML, but your account still has fine-grained
entitlements that need to be provisioned and governed. That hasn’t changed. All of the new
generation of cloud and SaaS applications require IAM. Identity is at the center of the application
and it has to be managed. If you adopt a mature and holistic approach to that management you
are in good stead.
Another great example are the mobile device management (MDM) platforms out there -- a new
piece of management infrastructure that has come about to manage mobile endpoints. The MDM
platforms themselves have identity control interfaces. Its our job in IAM to connect with these
platforms and provide control over what’s happening to identity on the endpoint device too.
Our job in identity is to manage identity lifecycles where ever they sit in the infrastructure. If
you're not on board, you'd better get on board, because the challenges for identity are certainly
not going away.
12. Interestingly, I'm sometimes challenged when I make a statement like that. I’ll often get the reply
that "with SAML single sign-on, the the passwords go away so the account management problem
goes away, right?” The answer is that no, they don’t. They're still accounts in the application
infrastructure. So good best practice identity and access management will remain key as we keep
moving forward.
Gardner: And of course as you pointed out earlier, we can expect the scale of what's going to be
involved here to only get much greater, perhaps rapidly much greater.
Rolls: Yes, 100 percent. Scale is key to architectural thinking when you build a solution today,
and we're really only just starting to touch where scale is going to go.
It’s very important to us at SailPoint, when we build our solutions, that the product we deliver
understands the scale of business today and the scale that is to come. That affects how we design
and integrate the solutions, it affects how they are configured and how they are deployed. It’s
imperative to think scale -- that’s certainly something we do.
Gardner: Very good. I'm afraid we will have to leave it there. You've been listening to a
sponsored BriefingsDirect podcast discussion on new best practices for managing the rapidly
changing needs around identity and access management.
We’ve seen how greater complexity is the chief detriment to secured, governed, and responsive
ID management. We've also seen how the tried-and-true principles of ID are still there and need
to be maintained, even as we face greater scale and greater complexity across more devices, tiers,
and across the extended enterprise landscape.
So I want to thank our guest. We've been here with Darran Rolls, the Chief Technology Officer at
SailPoint Technologies in Austin, Texas. Thank you so much, Darran.
Rolls: Thank you, Dana, good speaking to you.
Gardner: Likewise. This is Dana Gardner, Principal Analyst at Interarbor Solutions. Thanks also
to our audience for joining, and don’t forget to come back to the next BriefingsDirect discussion.
Listen to the podcast. Find it on iTunes. Sponsor: SailPoint Technologies
Transcript of a BriefingsDirect podcast on SailPoint Technologies' basic tenets of identity and
access management in a rapidly changing and growing IT world. Copyright Interarbor
Solutions, LLC, 2005-2014. All rights reserved.
You may also be interested in:
•
Identity and Access Management as a Service Gets Bost with SailPoint's IdentityNow
Cloud Service
13. •
Defining the New State for Comprehensive Enterprise Security Using CSC Services and
HP Security Technology
•
Identity Governence Becomes Must-Do Item on Personnel Management and Security
Checklist
•
HP Creates Security Reference Model to Better Manage Enterprise Information Risk
•
The Open Group and MIT Experts Detail New Advances in Identity Management to Help
Reduce Cyber Risk
•
Virtualized Desktops Spur Use of 'Bring Your Own Device' in Schools, Allowing
Always-On Access to Education Resources