This document discusses leveraging identity to manage change and complexity in computing environments. It notes that computing goals in the 21st century include controlling risks across multiple environments, giving users appropriate access to needed services, and ensuring security, compliance and portability. The document states that change and complexity place pressure on identity and access management (IAM). It outlines an identity-infused enterprise approach and argues that next-generation IAM solutions should provide an integrated platform for identity, access governance, management and security.

1. Leveraging Identity to Manage
Change and Complexity
Jim Taylor
Vice President of Product Management
Identity & Security

2. Goals of 21st Century Computing
1 Control the Risks and Challenges of computing
across multiple environments.
Users should have the appropriate access at the
2 right time to the computing services they need
to do their jobs.
Computing should be secure, compliant and
3 portable
2 © 2012 NetIQ Corporation. All rights reserved.

3. Change & Complexity = Pressure on IAM
3 © 2012 NetIQ Corporation. All rights reserved.

4. Change & Complexity = Pressure on IAM
4 © 2012 NetIQ Corporation. All rights reserved.

5. The Big Picture
Identity-Infused Enterprise
IT Conflicting Responsibilities
Support compliance
Multiple Business User Requirements
activities
Access Request
Multiple User Environments
Maintain levels of Automation
security Multiple Required Technologies
MS Windows
Access Certification administration
Support strategic Multiple Delivery
objectives Identity Management Demands
Delegated Administration Financial and Business
applications
Respond to changing Access Management Standalone Solution
environments Activity Monitoring and
Reporting Business, End-
User, Partner and Access Governance Integrated Platform
Customer access
Windows Management Virtual Appliance
SaaS Management
Security Management As a Service
5 © 2012 NetIQ Corporation. All rights reserved.

6. It’s All About Identity and Access
What should it do for you ?
What is an Identity? Membership and Access
- Who/What are you? based on Identity
- Name, location, etc. - Applications
- Roles - Systems
- Title, Manager, etc. - Data
- Relationships - Groups
- Employee, Contractor, etc. - Physical Facilities
- Resources
6 © 2012 NetIQ Corporation. All rights reserved.

7. Access – The Big Picture
What does it mean across your entire enterprise?
Who has the Access?
– What level & type of Access?
– Who provided the Access?
– Was it reviewed and is the Access appropriate for each identity?
Is the Access Secure?
– Can I monitor what is being done with the Access?
– What is the risk of giving Access?
Flexible Fulfillment of the Access?
– Can I provision Access across physical, virtual & cloud?
– Privileged and delegated access too?
How do I gain Access?
– Sign-on from any device, from anywhere, for everyone?
– Can the Access be Federated?
7 © 2012 NetIQ Corporation. All rights reserved.

8. The business needs to know?
• Who has Access to what ?
• Is it appropriate Access, has it been checked ?
• Are we compliant ? And can we stay compliant ?
• Do we know our risk ? And can we mitigate it ?
8 © 2012 NetIQ Corporation. All rights reserved.

9. Why Should You Care?

10. Right People, Appropriate Access,
Right Resources, Right Time
10 © 2012 NetIQ Corporation. All rights reserved.

11. Regulatory Pressures
Internal Audit
Board of Directors – Oversight Groups
11 © 2012 NetIQ Corporation. All rights reserved.

12. Mitigate Risk – Stay Out of the Press
~ $2 Billion Loss
~ $7 Billion Loss
12 © 2012 NetIQ Corporation. All rights reserved.

13. What Can You Do About It?

14. Identity, Access and Security
• Software vendors developed Identity, Access and
Security solutions to provide the answer
– Unfortunately these were driven by separate market
requirements and integration was an after thought
– Even though many vendors have improved the integration
between User Provisioning, Access Management and Security
solutions, a different approach is needed
• Next generation Identity solutions need to leverage
common intelligence
– Conclusion is supported by convergence in key markets – for
example – User Provisioning and Access Governance
14 © 2012 NetIQ Corporation. All rights reserved.

15. Identity Management Market
IT and Business focused solutions led to two market
segments within Identity Management
Driven by IT User Provisioning
Driven by the
business Access Governance
15 © 2012 NetIQ Corporation. All rights reserved.

16. Strategy driven by expected market
convergence
User Provisioning and Access Governance markets are
converging
Driven by IT User Provisioning (IDM 4)
Demanding
business-centric
user interfaces
Next Generation Identity and Access
Governance “Business Interface – Trusted
Fulfillment”
Demanding
better
Provisioning
Driven by the
business Access Governance (AGS)
16 © 2012 NetIQ Corporation. All rights reserved.

17. Next Generation IAG
• Characteristics of next generation Identity and Access
Governance
– Provides an common platform that supports a variety of
integrated services.
– Enables vendors, partners and customers to select solution
specific configurations – simplifying deployment and
management.
– Enables services to be dynamically added or removed to respond
to changing business requirements.
– Intelligently reacts to changing service level requirements.
– Seamlessly provides identity services that can be leveraged by
Access Management, Cloud and mobile technologies (Identity
Hub).
– Is platform-independent (broad platform support), high
performance and scalable.
17 © 2012 NetIQ Corporation. All rights reserved.

18. Access Governance
Manage & Certify Access to Achieve Compliance
Identity & Access Governance
Compliance Roles
Re-Certification
Entitlement
Access Request
Creep
18 © 2012 NetIQ Corporation. All rights reserved.

19. Identity & Access Management
Flexible Access Fulfillment Across Physical, Virtual & Cloud
Identity & Access Governance
Roles
Compliance
Management
Re-Certification
Entitlement
Access Request
Management
Identity & Access Management
Federation or
Simplified
Provisioning Trusted
Secure Sign-on
Authentication
Active Directory Privileged
SaaS & Mobility
Administration Administration
19 © 2012 NetIQ Corporation. All rights reserved.

20. Security Management
Understand What Users Are Doing With Their Access
Identity & Access Governance Security Management
Roles Configuration
Compliance Management
Management
Re-Certification
Entitlement Log
Access Request Management
Management
Correlation
Identity & Access Management
Federation or Event
Simplified
Provisioning Trusted Management
Secure Sign-on
Authentication
Active Directory Privileged Remediation
SaaS & Mobility
Administration Administration
20 © 2012 NetIQ Corporation. All rights reserved.

21. NetIQ Governance, Identity & Security
A Full Set of Solutions to Solve Your IT/Business Challenges
Identity & Access Governance Security Management
Roles Configuration
Compliance Management
Management
Access Governance Suite
Re-Certification
Entitlement Log
Sentinel
Access Request Management
Management
Change Guardian
Secure
Correlation
Configuration
Identity & Access Management Manager
Federation or Sentinel Log
Event
Identity Manager Simplified
Provisioning Trusted Manager
Management
Access Manager Secure Sign-on
Authentication
Secure Login
Directory Resource Administrator
Privileged User Manager
Active Directory Privileged
SaaS & MobilityAccess Gateway for Cloud Remediation
Administration Administration
Built on a Foundation of Identity
21 © 2012 NetIQ Corporation. All rights reserved.

22. NetIQ – Positioned to Succeed
Scale to deliver,
with a culture to care.
Application
Management
Systems
Management
Security
Management
Large
$350 Customer Strong Technical
Focused
ISV Million Service Vision Expertise
COMMITTED TO OUR CUSTOMERS’ SUCCESS
22 © 2012 NetIQ Corporation. All rights reserved.

24. This document could include technical inaccuracies or typographical errors. Changes are
periodically made to the information herein. These changes may be incorporated in new
editions of this document. NetIQ Corporation may make improvements in or changes to the
software described in this document at any time.
Copyright © 2011 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the
cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration
Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy
Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit,
PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite,
Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ
Corporation or its subsidiaries in the United States and other countries.