SlideShare una empresa de Scribd logo

Building an Identity Management Business Case

Hitachi ID Systems, Inc.
Hitachi ID Systems, Inc.

Developing an IAM Business Case. See more at: http://hitachi-id.com/documents/

Software
1 de 11
Descargar para leer sin conexión
1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda • Business challenges due to managing identities, authentication factors and entitlements. • Identity and access management (IAM) overview. • IAM value proposition. • Supporting metrics. • Effective IAM projects. 3 Business Challenges © 2015 Hitachi ID Systems, Inc. All rights reserved. 1
Slide Presentation 3.1 The User Lifecycle At a high level, the user lifecycle is essentially the same in all organizations and across all platforms. 3.2 IAM in Silos In most organizations, many processes affect many applications. This many-to-many relationship creates complexity: © 2015 Hitachi ID Systems, Inc. All rights reserved. 2
Slide Presentation 3.3 Identity and Access Problems For users For IT support • How to request a change? • Who must approve the change? • When will the change be completed? • Too many passwords. • Too many login prompts. • Onboarding, deactivation across many apps is challenging. • More apps all the time! • What data is trustworthy and what is obsolete? • Not notified of new-hires/terminations on time. • Hard to interpret end user requests. • Who can request, who should authorize changes? • What entitlements are appropriate for each user? • The problems increase as scope grows from internal to external. 3.4 Identity and Access Problems (continued) For Security / risk / audit For Developers • Orphan, dormant accounts. • Too many people with privileged access. • Static admin, service passwords a security risk. • Weak password, password-reset processes. • Inappropriate, outdated entitlements. • Who owns ID X on system Y? • Who approved entitlement W on system Z? • Limited/unreliable audit logs in apps. • Need temporary access (e.g., prod migration). • Half the code in every new app is the same: – Identify. – Authenticate. – Authorize. – Audit. – Manage the above. • Mistakes in this infrastructure create security holes. © 2015 Hitachi ID Systems, Inc. All rights reserved. 3
Slide Presentation 3.5 Business Drivers for IAM Security / controls. • Reliable deactivation. • Strong authentication. • Appropriate security entitlements. Regulatory compliance. • PCI-DSS, SOX, HIPAA, EU Privacy Directive, etc. • Audit user access rights. IT support costs. • Help desk call volume. • Time/effort to manage access rights. Service / SLA. • Faster onboarding. • Simpler request / approvals process. • Reduce burden of too many login prompts and passwords. 3.6 IAM is Linked to Regulations • Many regulations, in many jurisdictions, call for internal controls: – This implies effective AAA: Authentication, Authorization and Audit. • Every system already has AAA. – The weakness is bad user/access data. • The missing link is business process: – Appropriate access rights. – Timely access termination. – Effective authentication. • Identity and access management process and technology are needed to bridge the gap between business requirements and AAA infrastructure. 4 IAM Overview © 2015 Hitachi ID Systems, Inc. All rights reserved. 4
Slide Presentation 4.1 Identity and access management Identity and access management is software to automate processes to securely and efficiently manage identities, entitlements and credentials: Processes: Policies: Connectors: • Data synchronization. • Self-service requests. • Authorization workflows. • Manual and automated fulfillment. • Login ID assignment. • Approvals workflow. • Segregation of duties. • Visibility, privacy. • Applications. • Databases. • Operating systems. • Directories. 4.2 Integrated IAM Processes Business processes Systems and applications with users, passwords, groups, attributes IT processes Identity and Access Management System Hire Retire Resign Finish contract Transfer Fire Start contract New application Retire application Password resetPassword expiry Operating systems Directory Application Database E-mail system ERP Legacy app Mainframe © 2015 Hitachi ID Systems, Inc. All rights reserved. 5
Slide Presentation 4.3 Connecting Users to Applications Identity and access management can be thought of as middleware for pulling security administration out of application silos. Hitachi ID Suite Business processes Synchronization / Propagation Request / Authorization Delegated Administration Consolidated Reporting Target Systems User Objects Attributes Passwords Privileges Related Objects Home Directories Mail Boxes PKI Certs. Employees, contractors, customers, and partners Users 5 IAM Value Proposition 5.1 IAM Benefits Identity and access management systems help organizations lower IT operating cost, improve user productivity and strengthen security: Security / compliance: IT cost: User service: • Reliable, prompt and comprehensive deactivation. • Policy enforcement: segregation of duties, role-based access. • Simplify entitlement audit and cleanup. • Consistently strong authentication. • Reduce help desk, security admin workload and head count. • Simplify, streamline audits. • Simplify change management. • Improve SLA – new hire, new access. • Fewer passwords to remember, enter. © 2015 Hitachi ID Systems, Inc. All rights reserved. 6
Slide Presentation 5.2 Building a Business Case An investment in identity and access management processes and infrastructure is normally supported by cost savings, improved productivity and stronger security: Cost savings Productivity Security Reassign staff out of the help desk or user administration group. Help new users start work sooner and eliminate delays experienced by users who have problems or need changes. Clean up entitlements, enforce security policies and create audit logs. Comply with SOX, GLB, HIPAA, etc. Any business case should be supported by metrics: • Current state. • Desired outcome. 6 Supporting Metrics 6.1 Metrics: Password Management Cost savings Productivity Security • Number of password problem help desk calls per month? • Cost and duration of each call? • Peak staffing to support post-weekend call volumes? • Time spent by users before, during and after a typical password problem? • Value of wasted user time? • How does the help desk authenticate callers? • Current vs. desired password policy on sensitive systems? • Popularity of password "sticky notes?" Example targets: • Reduce password help desk calls by 75%. • Reduce total help desk calls by 25%. • Reduce passwords per user to 2. © 2015 Hitachi ID Systems, Inc. All rights reserved. 7
Slide Presentation 6.2 Metrics: IAM Cost savings Productivity Security • Number of user add / change / deactivate operations per month? • Cost and duration of each operation? • Number of access security admin staff? • Number of different forms used to request new / changed access? • Average time spent by users making requests (find the form, fill it out, send it to the right people, etc.)? • IT SLA to fulfill valid, authorized requests? • SLA to terminate access for ex-employees? Ex-contractors? Example targets: • Reduce onboarding time from 3 days to 3 hours. • Reduce admin FTEs from 6 to 2. • Terminate access within 1 hour of departure. 6.3 Metrics: Access Certification Cost savings Security • Cost of user access audits? • Cost of excess software licenses? • Number of login accounts vs. number of real users? • Security or regulatory exposure due to inappropriate entitlements? • Total number of entitlements on integrated systems. • Average number of entitlements per user. © 2015 Hitachi ID Systems, Inc. All rights reserved. 8
Slide Presentation 6.4 Metrics: Privileged Access Management Cost savings Productivity Security • Person days to change passwords on all privileged accounts. • Annual cost for production migrations because developers cannot be granted temporary access. • Number of admin password changes per month. • Number of emergency admin access events per month. • Number of privileged accounts per platform and total. • Number of systems per shared privileged account. • Time to deactivate terminated system administrators. • Time to determine what systems a departed administrator accessed before leaving. Example targets: • Time to deactivate administrator: 5 minutes. • All admin passwords changed daily. 7 Effective IAM Projects © 2015 Hitachi ID Systems, Inc. All rights reserved. 9
Slide Presentation 7.1 IAM Project Cost License and maintenance for components: • Directory. • Meta-directory. • Identity administration and access governance. • Password management. • Web, enterprise single signon (SSO). Implementation services: • Discovery, design. • Installation, configuration. • Testing, troubleshooting, user acceptance, pilot. • User rollout. • Incentives, user education and awareness. Servers • Hardware. • Operating system license. • Rack space. • Support services. Ongoing costs: • System health monitoring. • Adding features, integrations. • User education, awareness. • Ownership and coordination. 7.2 Minimizing Deployment Cost License model Included tech. Time savers Efficient platform • Simple $/user includes: • All features: – Requests. – Approvals. – Automation. – Certification. – Password/PIN mgmt. – Reports. • All connectors. • Unlimited servers. • Auto-discovery. • DB replication. • Multi-master, active-active. • 110+ connectors. • Manual fulfillment. • Proxy server. • Included web portal, request forms. • Reference implementation. • Policy-driven workflow. • Self-service ID mapping. • Native code (EXE). • Stored procs. • No J2EE or Sharepoint app server. • No separate products for workflow, reports, analytics, governance. • Works with existing directory. © 2015 Hitachi ID Systems, Inc. All rights reserved. 10
Slide Presentation 7.3 Change Management: The Human Factor • Identity and access management can be political: – There are many stake-holders: application owners, security administrators, the help desk, audit, network operations, etc. – It’s hard to get groups of people to agree on anything. – Executive sponsorship is essential to drive consensus. • The user community must be involved: – Needs analysis. – Usability. – User training and awareness. – Incentives and dis-incentives. • This is more about business process than technology: – How does your organization onboard new hires? manage change? terminate? – Business logic must capture authorization, login ID allocation, etc. 7.4 Getting an IAM Project Started • Build a business case. • Get management sponsorship and a budget. • Discovery phase, capture detailed requirements. • Assemble a project team: – security – system administration – user support – etc. • Try before you buy: Demos, POCs, pilots. • Install the software, roll to production. • Enroll users, if/as required. www.Hitachi-ID.com 500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com Date: December 14, 2015 File: PRCS:pres

Recomendados

Lean Fundamentals Course Preview
Lean Fundamentals Course PreviewLean Fundamentals Course Preview
Lean Fundamentals Course Preview
Invensis Learning
 
Business Process Excellence: Building Out Business Process Capabilities
Business Process Excellence: Building Out Business Process CapabilitiesBusiness Process Excellence: Building Out Business Process Capabilities
Business Process Excellence: Building Out Business Process Capabilities
Centric Consulting
 
Yellow belt.pps
Yellow belt.ppsYellow belt.pps
Yellow belt.pps
shalini123xyz
 
Six Sigma Green Belt Course Preview
Six Sigma Green Belt Course PreviewSix Sigma Green Belt Course Preview
Six Sigma Green Belt Course Preview
Invensis Learning
 
Learning Six Sigma
Learning Six SigmaLearning Six Sigma
Learning Six Sigma
Methusael Cebrian
 
Lean Six Sigma Yellow Belt Certification Brochure
Lean Six Sigma Yellow Belt Certification BrochureLean Six Sigma Yellow Belt Certification Brochure
Lean Six Sigma Yellow Belt Certification Brochure
Partner
 
Lean Six Sigma Overview (presentation version)
Lean Six Sigma Overview (presentation version)Lean Six Sigma Overview (presentation version)
Lean Six Sigma Overview (presentation version)
Corey Campbell
 
Presentation for Six Sigma certification
Presentation for Six Sigma certificationPresentation for Six Sigma certification
Presentation for Six Sigma certification
Elena Titova
 

Recomendados

Lean Fundamentals Course Preview
Lean Fundamentals Course PreviewLean Fundamentals Course Preview
Lean Fundamentals Course Preview
Invensis Learning
 
Business Process Excellence: Building Out Business Process Capabilities
Business Process Excellence: Building Out Business Process CapabilitiesBusiness Process Excellence: Building Out Business Process Capabilities
Business Process Excellence: Building Out Business Process Capabilities
Centric Consulting
 
Yellow belt.pps
Yellow belt.ppsYellow belt.pps
Yellow belt.pps
shalini123xyz
 
Six Sigma Green Belt Course Preview
Six Sigma Green Belt Course PreviewSix Sigma Green Belt Course Preview
Six Sigma Green Belt Course Preview
Invensis Learning
 
Learning Six Sigma
Learning Six SigmaLearning Six Sigma
Learning Six Sigma
Methusael Cebrian
 
Lean Six Sigma Yellow Belt Certification Brochure
Lean Six Sigma Yellow Belt Certification BrochureLean Six Sigma Yellow Belt Certification Brochure
Lean Six Sigma Yellow Belt Certification Brochure
Partner
 
Lean Six Sigma Overview (presentation version)
Lean Six Sigma Overview (presentation version)Lean Six Sigma Overview (presentation version)
Lean Six Sigma Overview (presentation version)
Corey Campbell
 
Presentation for Six Sigma certification
Presentation for Six Sigma certificationPresentation for Six Sigma certification
Presentation for Six Sigma certification
Elena Titova
 
Process Measurement - BPM Roundtable QLD
Process Measurement - BPM Roundtable QLDProcess Measurement - BPM Roundtable QLD
Process Measurement - BPM Roundtable QLD
Leonardo Consulting
 
Yellow belt training 68 s
Yellow belt training 68 sYellow belt training 68 s
Yellow belt training 68 s
Rachit Gaur
 
Six Sigma for Beginners- Yellow and Green Belt
Six Sigma for Beginners- Yellow and Green BeltSix Sigma for Beginners- Yellow and Green Belt
Six Sigma for Beginners- Yellow and Green Belt
Rajiv Tiwari
 
Lean Times Require Lean Thinking
Lean Times Require Lean ThinkingLean Times Require Lean Thinking
Lean Times Require Lean Thinking
Thoughtworks
 
Six sigma vs lean
Six sigma vs leanSix sigma vs lean
Six sigma vs lean
kiran
 
Six Sigma Presentation
Six Sigma PresentationSix Sigma Presentation
Six Sigma Presentation
mmaffei61
 
Lean six sigma Yellow Belt Complete training
Lean six sigma Yellow Belt Complete trainingLean six sigma Yellow Belt Complete training
Lean six sigma Yellow Belt Complete training
Ankit Sharma
 
Six Sigma Session For Production And Project Team By Lt Col Vikram Bakshi
Six Sigma Session For Production And Project Team By Lt Col Vikram BakshiSix Sigma Session For Production And Project Team By Lt Col Vikram Bakshi
Six Sigma Session For Production And Project Team By Lt Col Vikram Bakshi
LT COLONEL VIKRAM BAKSHI ( RETD)
 
Lean Six Sigma for companies
Lean Six Sigma for companiesLean Six Sigma for companies
Lean Six Sigma for companies
Imran Abbasi
 
2 Brian Hudson Lean 6 Sigma
2 Brian Hudson Lean 6 Sigma2 Brian Hudson Lean 6 Sigma
2 Brian Hudson Lean 6 Sigma
gueste681ce
 
Applying Six Sigma in Software Companies - siddhesh trivedi
Applying Six Sigma in Software Companies - siddhesh trivediApplying Six Sigma in Software Companies - siddhesh trivedi
Applying Six Sigma in Software Companies - siddhesh trivedi
Siddhesh Trivedi
 
01 overview of lean six sigma
01 overview of lean six sigma01 overview of lean six sigma
01 overview of lean six sigma
viragonline2002
 
Master Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleMaster Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sample
Info-Tech Research Group
 
Six Sigma Presentation
Six Sigma PresentationSix Sigma Presentation
Six Sigma Presentation
CA Aditya Singhal
 
Lean Six Sigma
Lean Six SigmaLean Six Sigma
Lean Six Sigma
Rajan Kanwar, DBL, MBA, LSSBB, Robotics - Engineering
 
Lean vs-six-sigma
Lean vs-six-sigmaLean vs-six-sigma
Lean vs-six-sigma
Rahul Singh
 
Six sigma
Six sigmaSix sigma
Six sigma
Jitesh Gaurav
 
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Alan McSweeney
 
RMS Six Sigma Training 2010 Final
RMS Six Sigma Training 2010 FinalRMS Six Sigma Training 2010 Final
RMS Six Sigma Training 2010 Final
Michael Camp
 
Lean six sigma_webinar_presentation_slides
Lean six sigma_webinar_presentation_slidesLean six sigma_webinar_presentation_slides
Lean six sigma_webinar_presentation_slides
sondhiya
 
Introduction to Identity Management
Introduction to Identity ManagementIntroduction to Identity Management
Introduction to Identity Management
Hitachi ID Systems, Inc.
 
Identity and Access Lifecycle Automation
Identity and Access Lifecycle AutomationIdentity and Access Lifecycle Automation
Identity and Access Lifecycle Automation
Hitachi ID Systems, Inc.
 

Más contenido relacionado

La actualidad más candente

Lean Times Require Lean Thinking
Lean Times Require Lean ThinkingLean Times Require Lean Thinking
Lean Times Require Lean Thinking
Thoughtworks
 
Six Sigma Presentation
Six Sigma PresentationSix Sigma Presentation
Six Sigma Presentation
mmaffei61
 
2 Brian Hudson Lean 6 Sigma
2 Brian Hudson Lean 6 Sigma2 Brian Hudson Lean 6 Sigma
2 Brian Hudson Lean 6 Sigma
gueste681ce
 
Applying Six Sigma in Software Companies - siddhesh trivedi
Applying Six Sigma in Software Companies - siddhesh trivediApplying Six Sigma in Software Companies - siddhesh trivedi
Applying Six Sigma in Software Companies - siddhesh trivedi
Siddhesh Trivedi
 
Master Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleMaster Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sample
Info-Tech Research Group
 
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Alan McSweeney
 
RMS Six Sigma Training 2010 Final
RMS Six Sigma Training 2010 FinalRMS Six Sigma Training 2010 Final
RMS Six Sigma Training 2010 Final
Michael Camp
 
Lean six sigma_webinar_presentation_slides
Lean six sigma_webinar_presentation_slidesLean six sigma_webinar_presentation_slides
Lean six sigma_webinar_presentation_slides
sondhiya
 

La actualidad más candente (20)

Process Measurement - BPM Roundtable QLD
Process Measurement - BPM Roundtable QLDProcess Measurement - BPM Roundtable QLD
Process Measurement - BPM Roundtable QLD
 
Yellow belt training 68 s
Yellow belt training 68 sYellow belt training 68 s
Yellow belt training 68 s
 
Six Sigma for Beginners- Yellow and Green Belt
Six Sigma for Beginners- Yellow and Green BeltSix Sigma for Beginners- Yellow and Green Belt
Six Sigma for Beginners- Yellow and Green Belt
 
Lean Times Require Lean Thinking
Lean Times Require Lean ThinkingLean Times Require Lean Thinking
Lean Times Require Lean Thinking
 
Six sigma vs lean
Six sigma vs leanSix sigma vs lean
Six sigma vs lean
 
Six Sigma Presentation
Six Sigma PresentationSix Sigma Presentation
Six Sigma Presentation
 
Lean six sigma Yellow Belt Complete training
Lean six sigma Yellow Belt Complete trainingLean six sigma Yellow Belt Complete training
Lean six sigma Yellow Belt Complete training
 
Six Sigma Session For Production And Project Team By Lt Col Vikram Bakshi
Six Sigma Session For Production And Project Team By Lt Col Vikram BakshiSix Sigma Session For Production And Project Team By Lt Col Vikram Bakshi
Six Sigma Session For Production And Project Team By Lt Col Vikram Bakshi
 
Lean Six Sigma for companies
Lean Six Sigma for companiesLean Six Sigma for companies
Lean Six Sigma for companies
 
2 Brian Hudson Lean 6 Sigma
2 Brian Hudson Lean 6 Sigma2 Brian Hudson Lean 6 Sigma
2 Brian Hudson Lean 6 Sigma
 
Applying Six Sigma in Software Companies - siddhesh trivedi
Applying Six Sigma in Software Companies - siddhesh trivediApplying Six Sigma in Software Companies - siddhesh trivedi
Applying Six Sigma in Software Companies - siddhesh trivedi
 
01 overview of lean six sigma
01 overview of lean six sigma01 overview of lean six sigma
01 overview of lean six sigma
 
Master Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleMaster Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sample
 
Six Sigma Presentation
Six Sigma PresentationSix Sigma Presentation
Six Sigma Presentation
 
Lean Six Sigma
Lean Six SigmaLean Six Sigma
Lean Six Sigma
 
Lean vs-six-sigma
Lean vs-six-sigmaLean vs-six-sigma
Lean vs-six-sigma
 
Six sigma
Six sigmaSix sigma
Six sigma
 
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
Developing an Acquisition Centre of Excellence for Effective Sourcing and Sup...
 
RMS Six Sigma Training 2010 Final
RMS Six Sigma Training 2010 FinalRMS Six Sigma Training 2010 Final
RMS Six Sigma Training 2010 Final
 
Lean six sigma_webinar_presentation_slides
Lean six sigma_webinar_presentation_slidesLean six sigma_webinar_presentation_slides
Lean six sigma_webinar_presentation_slides
 

Similar a Building an Identity Management Business Case

Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM i
Precisely
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
Precisely
 
Discover365 Integration Presentation
Discover365 Integration PresentationDiscover365 Integration Presentation
Discover365 Integration Presentation
James Garrett
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management Projects
Hitachi ID Systems, Inc.
 

Similar a Building an Identity Management Business Case (20)

Introduction to Identity Management
Introduction to Identity ManagementIntroduction to Identity Management
Introduction to Identity Management
 
Identity and Access Lifecycle Automation
Identity and Access Lifecycle AutomationIdentity and Access Lifecycle Automation
Identity and Access Lifecycle Automation
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Maximizing Value
Maximizing ValueMaximizing Value
Maximizing Value
 
Intro to Identity Management
Intro to Identity ManagementIntro to Identity Management
Intro to Identity Management
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
Hitachi ID Access Certifier
Hitachi ID Access CertifierHitachi ID Access Certifier
Hitachi ID Access Certifier
 
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
Hitachi ID Access Certifier: Find and remove stale privileges with periodic r...
 
Best Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM iBest Practices for Multi-Factor Authentication on IBM i
Best Practices for Multi-Factor Authentication on IBM i
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
Discover365 Integration Presentation
Discover365 Integration PresentationDiscover365 Integration Presentation
Discover365 Integration Presentation
 
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
IBM Solutions Connect 2013 - Increase Efficiency by Automating IT Asset & Ser...
 
Privileged Access Management - Unsticking Your PAM Program - CIS 2015
Privileged Access Management - Unsticking Your PAM Program - CIS 2015Privileged Access Management - Unsticking Your PAM Program - CIS 2015
Privileged Access Management - Unsticking Your PAM Program - CIS 2015
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and TechnologyHitachi ID Suite 9.0 Features and Technology
Hitachi ID Suite 9.0 Features and Technology
 
Large Scale User Provisioning with Hitachi ID Identity Manager
Large Scale User Provisioning with Hitachi ID Identity ManagerLarge Scale User Provisioning with Hitachi ID Identity Manager
Large Scale User Provisioning with Hitachi ID Identity Manager
 
Implementing security and controls in people soft best practices - may 2017
Implementing security and controls in people soft best practices - may 2017Implementing security and controls in people soft best practices - may 2017
Implementing security and controls in people soft best practices - may 2017
 
Best Practices for Identity Management Projects
Best Practices for Identity Management ProjectsBest Practices for Identity Management Projects
Best Practices for Identity Management Projects
 
Hackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageHackers, Cyber Crime and Espionage
Hackers, Cyber Crime and Espionage
 

Más de Hitachi ID Systems, Inc.

How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
Hitachi ID Systems, Inc.
 
Managing Passwords for Mobile Users
Managing Passwords for Mobile UsersManaging Passwords for Mobile Users
Managing Passwords for Mobile Users
Hitachi ID Systems, Inc.
 
From Password Reset to Authentication Management
From Password Reset to Authentication ManagementFrom Password Reset to Authentication Management
From Password Reset to Authentication Management
Hitachi ID Systems, Inc.
 

Más de Hitachi ID Systems, Inc. (20)

Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Authentication Management
Authentication ManagementAuthentication Management
Authentication Management
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management SuiteHitachi ID Identity and Access Management Suite
Hitachi ID Identity and Access Management Suite
 
Privileged Access Management
Privileged Access ManagementPrivileged Access Management
Privileged Access Management
 
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?How Well is Your Organization Protecting its Real Crown Jewels - Identities?
How Well is Your Organization Protecting its Real Crown Jewels - Identities?
 
Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager
Hitachi ID Privileged Access Manager
 
Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
 
Hitachi ID Password Manager
Hitachi ID Password ManagerHitachi ID Password Manager
Hitachi ID Password Manager
 
Hitachi ID Management Suite
Hitachi ID Management SuiteHitachi ID Management Suite
Hitachi ID Management Suite
 
Hitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate EditionHitachi ID Identity Express™ - Corporate Edition
Hitachi ID Identity Express™ - Corporate Edition
 
Hitachi ID Group Manager
Hitachi ID Group ManagerHitachi ID Group Manager
Hitachi ID Group Manager
 
Hitachi ID Password Manager Brochure
Hitachi ID Password Manager BrochureHitachi ID Password Manager Brochure
Hitachi ID Password Manager Brochure
 
Managing Passwords for Mobile Users
Managing Passwords for Mobile UsersManaging Passwords for Mobile Users
Managing Passwords for Mobile Users
 
From Password Reset to Authentication Management
From Password Reset to Authentication ManagementFrom Password Reset to Authentication Management
From Password Reset to Authentication Management
 
Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...
 
Hitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioning
 
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
Hitachi ID Privileged Access Manager: Randomize and control disclosure of pri...
 

Último

TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Delhi Call girls
 

Último (20)

ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide Deck
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
 
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
LEVEL 5 - SESSION 1 2023 (1).pptx - PDF 123456
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 

Building an Identity Management Business Case

  • 1. 1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda • Business challenges due to managing identities, authentication factors and entitlements. • Identity and access management (IAM) overview. • IAM value proposition. • Supporting metrics. • Effective IAM projects. 3 Business Challenges © 2015 Hitachi ID Systems, Inc. All rights reserved. 1
  • 2. Slide Presentation 3.1 The User Lifecycle At a high level, the user lifecycle is essentially the same in all organizations and across all platforms. 3.2 IAM in Silos In most organizations, many processes affect many applications. This many-to-many relationship creates complexity: © 2015 Hitachi ID Systems, Inc. All rights reserved. 2
  • 3. Slide Presentation 3.3 Identity and Access Problems For users For IT support • How to request a change? • Who must approve the change? • When will the change be completed? • Too many passwords. • Too many login prompts. • Onboarding, deactivation across many apps is challenging. • More apps all the time! • What data is trustworthy and what is obsolete? • Not notified of new-hires/terminations on time. • Hard to interpret end user requests. • Who can request, who should authorize changes? • What entitlements are appropriate for each user? • The problems increase as scope grows from internal to external. 3.4 Identity and Access Problems (continued) For Security / risk / audit For Developers • Orphan, dormant accounts. • Too many people with privileged access. • Static admin, service passwords a security risk. • Weak password, password-reset processes. • Inappropriate, outdated entitlements. • Who owns ID X on system Y? • Who approved entitlement W on system Z? • Limited/unreliable audit logs in apps. • Need temporary access (e.g., prod migration). • Half the code in every new app is the same: – Identify. – Authenticate. – Authorize. – Audit. – Manage the above. • Mistakes in this infrastructure create security holes. © 2015 Hitachi ID Systems, Inc. All rights reserved. 3
  • 4. Slide Presentation 3.5 Business Drivers for IAM Security / controls. • Reliable deactivation. • Strong authentication. • Appropriate security entitlements. Regulatory compliance. • PCI-DSS, SOX, HIPAA, EU Privacy Directive, etc. • Audit user access rights. IT support costs. • Help desk call volume. • Time/effort to manage access rights. Service / SLA. • Faster onboarding. • Simpler request / approvals process. • Reduce burden of too many login prompts and passwords. 3.6 IAM is Linked to Regulations • Many regulations, in many jurisdictions, call for internal controls: – This implies effective AAA: Authentication, Authorization and Audit. • Every system already has AAA. – The weakness is bad user/access data. • The missing link is business process: – Appropriate access rights. – Timely access termination. – Effective authentication. • Identity and access management process and technology are needed to bridge the gap between business requirements and AAA infrastructure. 4 IAM Overview © 2015 Hitachi ID Systems, Inc. All rights reserved. 4
  • 5. Slide Presentation 4.1 Identity and access management Identity and access management is software to automate processes to securely and efficiently manage identities, entitlements and credentials: Processes: Policies: Connectors: • Data synchronization. • Self-service requests. • Authorization workflows. • Manual and automated fulfillment. • Login ID assignment. • Approvals workflow. • Segregation of duties. • Visibility, privacy. • Applications. • Databases. • Operating systems. • Directories. 4.2 Integrated IAM Processes Business processes Systems and applications with users, passwords, groups, attributes IT processes Identity and Access Management System Hire Retire Resign Finish contract Transfer Fire Start contract New application Retire application Password resetPassword expiry Operating systems Directory Application Database E-mail system ERP Legacy app Mainframe © 2015 Hitachi ID Systems, Inc. All rights reserved. 5
  • 6. Slide Presentation 4.3 Connecting Users to Applications Identity and access management can be thought of as middleware for pulling security administration out of application silos. Hitachi ID Suite Business processes Synchronization / Propagation Request / Authorization Delegated Administration Consolidated Reporting Target Systems User Objects Attributes Passwords Privileges Related Objects Home Directories Mail Boxes PKI Certs. Employees, contractors, customers, and partners Users 5 IAM Value Proposition 5.1 IAM Benefits Identity and access management systems help organizations lower IT operating cost, improve user productivity and strengthen security: Security / compliance: IT cost: User service: • Reliable, prompt and comprehensive deactivation. • Policy enforcement: segregation of duties, role-based access. • Simplify entitlement audit and cleanup. • Consistently strong authentication. • Reduce help desk, security admin workload and head count. • Simplify, streamline audits. • Simplify change management. • Improve SLA – new hire, new access. • Fewer passwords to remember, enter. © 2015 Hitachi ID Systems, Inc. All rights reserved. 6
  • 7. Slide Presentation 5.2 Building a Business Case An investment in identity and access management processes and infrastructure is normally supported by cost savings, improved productivity and stronger security: Cost savings Productivity Security Reassign staff out of the help desk or user administration group. Help new users start work sooner and eliminate delays experienced by users who have problems or need changes. Clean up entitlements, enforce security policies and create audit logs. Comply with SOX, GLB, HIPAA, etc. Any business case should be supported by metrics: • Current state. • Desired outcome. 6 Supporting Metrics 6.1 Metrics: Password Management Cost savings Productivity Security • Number of password problem help desk calls per month? • Cost and duration of each call? • Peak staffing to support post-weekend call volumes? • Time spent by users before, during and after a typical password problem? • Value of wasted user time? • How does the help desk authenticate callers? • Current vs. desired password policy on sensitive systems? • Popularity of password "sticky notes?" Example targets: • Reduce password help desk calls by 75%. • Reduce total help desk calls by 25%. • Reduce passwords per user to 2. © 2015 Hitachi ID Systems, Inc. All rights reserved. 7
  • 8. Slide Presentation 6.2 Metrics: IAM Cost savings Productivity Security • Number of user add / change / deactivate operations per month? • Cost and duration of each operation? • Number of access security admin staff? • Number of different forms used to request new / changed access? • Average time spent by users making requests (find the form, fill it out, send it to the right people, etc.)? • IT SLA to fulfill valid, authorized requests? • SLA to terminate access for ex-employees? Ex-contractors? Example targets: • Reduce onboarding time from 3 days to 3 hours. • Reduce admin FTEs from 6 to 2. • Terminate access within 1 hour of departure. 6.3 Metrics: Access Certification Cost savings Security • Cost of user access audits? • Cost of excess software licenses? • Number of login accounts vs. number of real users? • Security or regulatory exposure due to inappropriate entitlements? • Total number of entitlements on integrated systems. • Average number of entitlements per user. © 2015 Hitachi ID Systems, Inc. All rights reserved. 8
  • 9. Slide Presentation 6.4 Metrics: Privileged Access Management Cost savings Productivity Security • Person days to change passwords on all privileged accounts. • Annual cost for production migrations because developers cannot be granted temporary access. • Number of admin password changes per month. • Number of emergency admin access events per month. • Number of privileged accounts per platform and total. • Number of systems per shared privileged account. • Time to deactivate terminated system administrators. • Time to determine what systems a departed administrator accessed before leaving. Example targets: • Time to deactivate administrator: 5 minutes. • All admin passwords changed daily. 7 Effective IAM Projects © 2015 Hitachi ID Systems, Inc. All rights reserved. 9
  • 10. Slide Presentation 7.1 IAM Project Cost License and maintenance for components: • Directory. • Meta-directory. • Identity administration and access governance. • Password management. • Web, enterprise single signon (SSO). Implementation services: • Discovery, design. • Installation, configuration. • Testing, troubleshooting, user acceptance, pilot. • User rollout. • Incentives, user education and awareness. Servers • Hardware. • Operating system license. • Rack space. • Support services. Ongoing costs: • System health monitoring. • Adding features, integrations. • User education, awareness. • Ownership and coordination. 7.2 Minimizing Deployment Cost License model Included tech. Time savers Efficient platform • Simple $/user includes: • All features: – Requests. – Approvals. – Automation. – Certification. – Password/PIN mgmt. – Reports. • All connectors. • Unlimited servers. • Auto-discovery. • DB replication. • Multi-master, active-active. • 110+ connectors. • Manual fulfillment. • Proxy server. • Included web portal, request forms. • Reference implementation. • Policy-driven workflow. • Self-service ID mapping. • Native code (EXE). • Stored procs. • No J2EE or Sharepoint app server. • No separate products for workflow, reports, analytics, governance. • Works with existing directory. © 2015 Hitachi ID Systems, Inc. All rights reserved. 10
  • 11. Slide Presentation 7.3 Change Management: The Human Factor • Identity and access management can be political: – There are many stake-holders: application owners, security administrators, the help desk, audit, network operations, etc. – It’s hard to get groups of people to agree on anything. – Executive sponsorship is essential to drive consensus. • The user community must be involved: – Needs analysis. – Usability. – User training and awareness. – Incentives and dis-incentives. • This is more about business process than technology: – How does your organization onboard new hires? manage change? terminate? – Business logic must capture authorization, login ID allocation, etc. 7.4 Getting an IAM Project Started • Build a business case. • Get management sponsorship and a budget. • Discovery phase, capture detailed requirements. • Assemble a project team: – security – system administration – user support – etc. • Try before you buy: Demos, POCs, pilots. • Install the software, roll to production. • Enroll users, if/as required. www.Hitachi-ID.com 500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com Date: December 14, 2015 File: PRCS:pres