1 Hitachi ID Group Manager
Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications
Self service management of security group membership.
2 Agenda
• Introductions.
• Hitachi ID corporate overview.
• Hitachi ID Suite overview.
• Managing membership in large numbers of AD groups.
• The Hitachi ID Group Manager solution.
• Animated demonstration.
© 2017 Hitachi ID Systems, Inc. All rights reserved. 1
Slide Presentation
3 Hitachi ID corporate overview
Hitachi ID delivers access governance and identity administration solutions to organizations globally.
Hitachi ID IAM solutions are used by Fortune 500 companies to secure access to systems in the enterprise and in the cloud.
• Founded as M-Tech in 1992.
• A division of Hitachi, Ltd. since 2008.
• Over 1200 customers.
• More than 14M+ licensed users.
• Offices in North America, Europe and APAC.
• Global partner network.
4 Representative customers
5 Hitachi ID Suite
6 Problem: Too many security groups
Medium to large AD environments have thousands of security groups:
• Control access to printers, shares and folders.
• Membership in mail distribution lists.
It is challenging to manage group membership on this scale:
• User needs constantly change.
• Users do not understand groups or ACLs.
• Users don’t know which groups they need.
• Who authorizes membership in each group?
7 HiGM: Self service management of security group membership
• Hitachi ID Group Manager enables users to request access to network resources such as
applications or file folders using an intuitive Web-based interface.
• Behind the scenes, HiGM creates requests for security group membership and automatically tracks
authorization by the appropriate stake-holders.
• HiGM makes administration of security entitlements simple and efficient and so fosters collaboration
and reduces security administration workload.
8 HiGM features
Hitachi ID Group Manager enables self-service administration of user access to network resources –
shares, folders, etc.:
• Intercept:
– The Windows "Access Denied" error dialog and send users to the appropriate workflow /
group membership request screen.
• Browse:
– Users find the resources they want using HiGM.
• Request:
– Users ask for access to a resource (no knowledge of groups required).
• Map:
– HiGM maps user requests to group membership.
• Route:
– A workflow request is created dynamically and sent to the group’s owner plus anyone else
specified by policy.
• Provision:
– Upon approval, the user is added to the appropriate group.
• Notify:
– Users and authorizers are sent thank-you notes.
9 Multi-master architecture
[Figure: multi-master architecture diagram. Locations: data center A, data center B, remote data center, “Cloud”. Components: Hitachi ID servers (two sets, with replication), load balancers, firewalls, reverse web proxy, proxy server (if needed), mobile proxy, VPN server, IVR server, e-mail system, ticketing system, HR (system of record), password synch trigger systems (AD, Unix, z/OS, LDAP, iSeries), SaaS apps, managed endpoints, managed endpoints with remote agent (AD, SQL, SAP, Notes, etc.), z/OS local agent, MS SQL databases. Connection labels: TCP/IP + AES, various protocols, secure native protocol, HTTPS.]
10 Intercept Access Denied Dialogs
Animation: ../../pics/camtasia/v10/higm-A-request-folder.mp4
11 Authorization of a request for security group membership
Animation: ../../pics/camtasia/v10/higm-B-request-approve.mp4
12 Request approved, user can access the folder
Animation: ../../pics/camtasia/v10/higm-C-approved-open-file-nb.mp4
13 Hitachi ID Suite Overview
• Hitachi ID Group Manager is a component of Hitachi ID Suite.
• Hitachi ID Suite is designed to streamline management of users and passwords for enterprise users.
• Three integrated IAM products, used by over 14M users, that can:
– Discover and connect identities across systems and applications.
– Securely and efficiently manage entitlements and credentials.
– Secure and monitor access to privileged accounts.
14 Summary
Hitachi ID Group Manager helps organizations to more quickly, efficiently and intuitively manage
membership in large numbers of Active Directory groups:
• Users focus on network resources, not groups.
• Group owners, not IT, authorize requests for resource access.
• IT security administrators manage the process, not individual requests.
• Auditors can monitor current group membership and how users came to have the rights they do.
Learn more at Hitachi-ID.com/Group-Manager.
... or ... E-mail sales@Hitachi-ID.com
www.Hitachi-ID.com
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com
Date: 2017-03-15 | 2017-03-15 File: PRCS:pres
