CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers
-
Upload
cloudidsummit -
Category
Technology
-
view
262 -
download
3
Transcript of CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers
![Page 1: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/1.jpg)
Lessons Learned in the First Year of an IAM Program 6.8.15 Matt Chambers Principal, Identity and Access Management
Asurion_Confidential
![Page 2: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/2.jpg)
2 Asurion_Confidential
• Identity • Authentication • Directory • PKI
• 23,500 employees and contractors around the globe
– Turnover: 18,000 employees and contractors a year
IAM at Asurion
![Page 3: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/3.jpg)
3 Asurion_Confidential
• No identity or access management program
• 20 active directory domains some with no trusts
• 3 separate and different user provisioning processes
• Internal applications coded differently for authentication
• A complete mess of an OU structure
• Manual user rights reviews
Where We Where
![Page 4: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/4.jpg)
4 Asurion_Confidential
• IAM program officially kicked off in February 2014
• IAM team formed in April 2014 • Simple automated provisioning for
all users in the enterprise • Automated attestation reviews for
key applications • Collapse of active directory
domains • Self-service password and account
management
IAM Program Goals for 2014
![Page 5: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/5.jpg)
5 Asurion_Confidential
• Include HR • C level support is important • Accurate data is key • Process, process, process • Make sure you know all HR data sources • You will take steps backwards • Dedicated team • It will take time, do not take on to much at once • Do not deploy IAM platform and new HR
system on same weekend
Lessons Learned
![Page 6: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/6.jpg)
6 Asurion_Confidential
• Build on deployed IAM platform • Make IAM platform center of onboard/offboard
process • Continue deployment of attestation reviews for
additional applications • Service account management • Virtual Directory Server • Re-evaluation of authentication platform
Where IAM Goes Next
![Page 7: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/7.jpg)
Asurion_Confidential
THANK YOU Asurion IAM Team Matt Chambers – [email protected] Cory Plastek – [email protected] Whitney Thompson – [email protected]
![Page 8: CIS 2015-Lessons Learned in the First Year of an IAM Program- Matt Chambers](https://reader034.fdocuments.us/reader034/viewer/2022042716/55b85b89bb61eb63378b45d4/html5/thumbnails/8.jpg)
8 Asurion_Confidential
Where we want to be…