INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that...
-
Upload
lambert-warren -
Category
Documents
-
view
216 -
download
0
Transcript of INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that...
![Page 1: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/1.jpg)
INNOVATIONleave it to us.Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology is at its best.
ATP – Dublin, OHAugust 14, 2013
![Page 2: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/2.jpg)
Operational Since 2004
Privately Owned
D&B Rating of 95%
65+ Consultants
Proven methodology & approach, 95% of employees are US Citizens, 100% are W2, 25% have US Government security clearances, each consultant has an average of +5 years experience in Identity and Access Management, & our consultants are located throughout North America
Vendor Partnerships with: Aveksa, Axiomatics, Avatier, CA, Courion, CyberArk, FoxT, Hitachi, IBM, Microsoft, NetIQ (Novell ), Oracle (includes Sun & Passlogix), PingIdentity, Quest (Dell), RSA & SailPoint
Oracle Platinum Partner
NetIQ Elite Partner
CA Elite Partner
Hundreds of Successful Engagement with Clients Across Multiple Sectors
WHO IS IDMWORKS
Identity & Access Management | Managed Services | Custom Application Development | Data Center Solutions
For more information please visit our website:www.idmworks.com
2 of 29
www.idmworks.com
![Page 3: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/3.jpg)
IDENTITY &ACCESSMANAGEMENT
What is
![Page 4: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/4.jpg)
4 of
IDMWORKS is one of the top ten Identity and Access Management IAM consultancies in the US with extensive experience helping clients solve challenges across all IAM disciplines and vendor technologies according to Gartner 2012.
Identity & Access
management
Custom development
Data center migration
Managed services
29
![Page 5: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/5.jpg)
Gartner Definitionsof the iam spaceASSESSMENT & ROADMAP Review and Planning
User ProvisioningAutomation of user management and access to systems within an organization
Change ManagementAutomation and support for development, rollout and maintenance of system components from current state to future state
Role LifeCycle ManagementModeling and implementation of Roles within an organization
Access ManagementReal-time enforcement of application security using identity-based controls and provisioned access rights
GovernanceImplementation of a controls based framework and a robust governance program
Audit & ComplianceSupport for laws, regulation and policies defined within an organization for Business and IT Development Program, Military Health Systems (MHS), US Army, US Air Force, US Navy
6 of
www.idmworks.com
29
![Page 6: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/6.jpg)
Success Approach
7 of
www.idmworks.com
Validate your current state
Highlight your constraints
Identify your crucial success factors
Define your desired state & first win
Develop your blueprint
Deliver a step by step roadmap:
CostsTimelinesMilestonesBusiness Justification
29
![Page 7: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/7.jpg)
Product Areas in IAM
www.idmworks.com
Provisioning & Password
Management
Access Control
Access Governance
Single Sign-on & Federation
Privileged User Management
8 of 29
![Page 8: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/8.jpg)
9 of
Provisioning & Password Mgt
www.idmworks.com
Trouble Ticket System
Spreadsheet
Emails
EmployeeAdds
MovesDeletes
Human Resources
Active Directory
Applications
Applications
Applications
29
![Page 9: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/9.jpg)
10 of
Provisioning & Password Mgt
www.idmworks.com
Trouble Ticket System
Spreadsheet
Emails
EmployeeAdds
MovesDeletes
Human Resources
Active Directory
Applications
Applications
Applications
Reports/Audits
Reports/Audits
Reports/Audits
Manual System Requires Multi-Steps
Takes Weeks or Months
No Audit Trail
29
![Page 10: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/10.jpg)
11 of 29
Provisioning & Password Mgt
www.idmworks.com
Provisioning & Password Management
Identity Management
SystemEmployee
AddsMovesDeletes
Human Resources
Active Directory
Applications
Applications
Applications
Reports/Audits
Automated/self-service system
Real time
Includes audit Trail
ORACLE | NETIQ | CA | QUEST | COURION | MICROSOFT | IBM |SAILPOINT | AVEKSA
![Page 11: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/11.jpg)
VOICE OF EXPERIENCE
12 of
www.idmworks.com
Assess environment and interview stakeholders to find gaps in “as-is” and “should-be” statesForm a team of Business Owners, IT Sec, Audit and Compliance Focus on workflow and narrow the initial goal:
Human or non-human Address mobile environment (BYOD) Areas that can be improved quickly
Gain Executive buy-in for funding by focusing on gains: Automate the account process: new, change, & remove for efficiency Improved speed to onboard Improve security on entitlement creep Improved audit on off-boarding Speed to deliver audit data
29
![Page 12: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/12.jpg)
13 of
Validating accessentitlements
www.idmworks.com
Trouble Ticket System
Spreadsheet
Emails
EmployeeAdds
MovesDeletes
Human Resources
Active Directory
Applications
Applications
Applications
Reports/Audits
Reports/Audits
Reports/Audits
RBAC: Create RoleABAC: Define AttributesPBAC: Create PoliciesAutomate AccessSingle Sign-OnAccess
Control
29
![Page 13: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/13.jpg)
14 of
Validating accessentitlements
www.idmworks.com
Trouble Ticket System
Spreadsheet
Emails
EmployeeAdds
MovesDeletes
Human Resources
Active Directory
Applications
Applications
Applications
Reports/Audits
Reports/Audits
Reports/Audits
Automated Validation of EntitlementsAttestationAutomated AuditAccess
Control
Access Governance
29
![Page 14: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/14.jpg)
15 of 29
Validating accessentitlements
www.idmworks.com
Automated Changes Real-Time1) Policy Enforcement2) Management Approvals3) Audit Trail
AttestationAccess
Control & Governance
AGS System
Provisioning & Password
Management
Identity Managemen
t System
Reports/Audits
Reports/Audits
Human Resources
Active Directory
Applications
Applications
Applications
ORACLENETIQCADELL/QUESTCOURIONIBMAVATIERSAILPOINTAVEKSAAXIOMATICS
![Page 15: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/15.jpg)
VOICE OF EXPERIENCE
16 of 29
www.idmworks.com
Assess environment and interview stakeholders to find key applications that require automation for improved compliance Form another team of Business Owners & IT Sec to define the ideal user experience (Employee and Manager)Review organizational goals around user accounts:
RBACABACPBAC
Automate the process, then look for the orphans and exceptions Focus on:
Speed to respond and remediate audit findingsAutomation of manual audit response process Address mobile environment (BYOD)
![Page 16: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/16.jpg)
17 of 20
Access to external apps
www.idmworks.com
Every Application Requires Integration to Every External Application for Access
Manual Process Requires App DevelopmentTakes Weeks or MonthsNo Common ControlNo Audit
EmployeeAdds
MovesDeletes
SystemAdds
MovesDeletes
Applications
Applications
Applications
Trouble Ticket
SystemSpreadsheet Emails
![Page 17: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/17.jpg)
18 of 29
Access to external apps
www.idmworks.com
Centralized SecurityPolicy EnforcementComplete Audit Trail
EmployeeAdds
MovesDeletes
SystemAdds
MovesDeletes
Applications
Applications
Applications
Trouble Ticket
SystemSpreadsheet Emails
ORACLE NETIQ CA DELL/QUESTMicrosoftPingIdentityIBM
Single Sign On and Federation
![Page 18: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/18.jpg)
VOICE OF EXPERIENCE
19 of 29
www.idmworks.com
Focus on the client Employee satisfaction around SSOCustomer / Partner integration (ease of doing business)
Assess the number of SAS connections and pick two for early federation to use as a use case for standard approach Consider human and non-human systems integration Tie project with cloud initiatives
HR CRMSupply chain
![Page 19: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/19.jpg)
Root Access
Root Access
Root Access
Root Access
Root Access
In addition to System Admins, Dbase Admins, Server Admins & Infra Admins… Every Non Human Applications Have Access to Systems Which Requires Manual Development & Audit
System Admins
ITAdmins
Developers
Applications
Applications
Applications
PRIVILEGEDUSER ACCESS
Everyone has same accessNo audit
20 of 29
![Page 20: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/20.jpg)
System Admins
ITAdmins
Developers
Applications
Applications
Applications
PRIVILEGEDUSER ACCESS
Can filter accessLog usage and record suspicious activity Audit
Privileged User Management
Password VaultSession Record
Request
One-time use
21 of 29
![Page 21: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/21.jpg)
VOICE OF EXPERIENCE
22 of 29
www.idmworks.com
Form a team of IT Sec, Development, Audit and Compliance to define the approach to control “superuser” access
Assess your current state and define gaps to desired state Implement a Privileged User/Account/Access Management
solution Automate the process, then look for orphans and exceptions
![Page 22: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/22.jpg)
ORACLENETIQCADELL/QUESTCOURIONMICROSOFTAVATIERSAILPOINTAVEKSA
ORACLENETIQCADELL/QUESTCOURIONIBMAVATIERSAILPOINTAVEKSAAXIOMATICS
ORACLENETIQCA, IBMDELL/QUESTMICROSOFTPINGIDENTITY
VENDORS www.idmworks.com
Provisioning & Password
Management
Access Control
Access Governance
Single Sign-on & Federation
Privileged User Management
ORACLEDELL/QUESTCYBERARK
23 of 29
![Page 23: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/23.jpg)
IDMWORKS FOOTPRINT
3 of
www.idmworks.com
HIGHER EDUCATION West Virginia U, Ithaca College, City University of New York, U of Massachusetts, Embry-Riddle Aeronautical University, Widener College, Coppin State College, Syracuse U, Ohio State U, Northland College
FINANCIAL Alliance Data, TD Bank N.A., Freddie Mac, Woodforest National Bank, Northern Trust Bank, ITT, Capital One, M&T Bank, MBNA, Great American Financial, JPMC
COMMERCIAL General Motors, Lowes, Holland America Line, Carmax, Subaru of America, AAA, Freightliner, Condé Nast, Gartner, Paychex, Tyco Electronics, Toyota Motor Sales, Dell, AON, Towers Perrin, Rohn & Haas, Rockwell Automation, McDonalds Corp, Oppenheimer Funds, Nike
HEALTH CARE Dignity Health, Health First, Catholic Healthcare West, Children’s Hospital ofPhiladelphia (CHOP), Priority Health, Excellus BCBS, Wellmark BCBS, Kaiser Permanente, Horizon BCBS, BCBS Michigan, Carefirst BCBS, Cincinnati Children’s, Unitrin, Guardian, Select Medical, Center for Medicare & Medicade, United Health Group, GlaxoSmithKline, Baylor Health Group, Lawrence Livermore National Laboratory
UTILITIES ERCOT, Pennsylvania Power & Light, We Energies, Midwest ISO, Uti
GOVERNMENT Department of Defense (DOD), Joint Chiefs of Staff, Defense Information System Agency (DISA), United Nations Development Program, Military Health Systems (MHS), US Army, US Air Force, US Navywww.idmworks.com
STATE & LOCAL NYDOH, Hennepin County 29
![Page 24: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/24.jpg)
CLIENT CASE STUDY
24 of 29
www.idmworks.com
60,000 employee Healthcare Provider Operating forty facilities throughout CA, NV & AZ6000 employee changes per month (was manual & batch processing)Legacy IdM environment migrated to new provisioning platformCentralized authentication & authorization
Identified most critical applicationsAutomated access to top 25 application with plan for +400 other applicationsImproved audit compliance requirements
PROVISIONING
![Page 25: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/25.jpg)
CLIENT CASE STUDY
25 of 29
www.idmworks.com
8700 employees operating in 70 countries with numerous remote usersLargest independent provider of insurance claims management solutions for risk and insurance industry Access Governance project
Initial quick start didn’t produce fully functional system Tied role management to provisioning Access rights can be de-provisioned real-timeAutomated logging & reporting for compliance
ACCESS GOVERNANCE
![Page 26: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/26.jpg)
CLIENT CASE STUDY
26 of 29
www.idmworks.com
44000 employee apparel manufacturer & retailer operating worldwide Huge supply chain network with numerous SAS connections Trusted partners in the US and overseasFederated identity and Federated single sign-on needs addressedAutomated logging and reporting for compliance
SINGLE SIGN-ON & FEDERATION
![Page 27: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/27.jpg)
Key Questions
27 of 29
CONTACT USLorem ipsum dolor, 03663, State, CountryP. 123 456 7890 / [email protected]
www.idmworks.com
Who are the key stakeholders in your IAM project(s)?How are you communicating cost benefits of your identity and access management system(s)?Have you assessed the following:
Automated ProvisioningPassword ManagementAccess Governance Single Sign-On & FederationPrivileged User Access Management
How are you maintaining and improving IAM systems?How are you working with audit and compliance ?
![Page 28: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/28.jpg)
ASSESSMENT APPROACH
28 of 29
www.idmworks.com
Validate your current stateHighlight your constraintsIdentify your crucial success factorsDefine your desired state & first winDevelop your blueprintDeliver a step by step roadmap:
CostsTimelinesMilestonesBusiness Justification
![Page 29: INNOVATION leave it to us. Business leadership demands best-of-breed technology. We believe that every business can be at its best, if their technology.](https://reader038.fdocuments.us/reader038/viewer/2022110103/56649d8b5503460f94a716a7/html5/thumbnails/29.jpg)
THANK YOU