Identity and Access Management — at the Core of Business

Andrew A. Afifi, M.Sc. Network Security, CISSP
Technology Strategist
Security Management - Challenges

  Do you:
   – Control who has access to which resources
   – Know what is happening in your environment
   – Know what to do about it
   – Have the tools necessary to take action
Information Technology Evolution

  [Figure: flexibility and complexity plotted against time, 1960 to 2000. Stages shown: Centralized Infrastructure, Client/Server, Web, On-Demand Computing and Web Services.]
Evolution of Information Security

  [Figure: security management plotted against time, ending at "Security Today". Stages shown: 1st Generation: Gates, Guns, Guards; 2nd Generation: Reactive Security; 3rd Generation: Security as an Enabler; 4th Generation: Proactive Security and Accountability.]
Business Challenges

  Optimize business
    – Eliminate inefficiencies
    – Reduce menial tasks
  Reduce costs
    – Allow companies to do more with less
    – Enable on-demand capabilities
  Mitigate risks
    – Manage identities — active and inactive
  Enable compliance with industry regulations
    – Health Insurance Portability and Accountability Act (HIPAA),
      Sarbanes-Oxley Act, Gramm-Leach-Bliley Act and others
Identity is at the Core of Business

  Identities must be managed
    – Manage who is in your environment
    – Control what they can access and do
    – Know what users have done
  Identity and access management is critical to total security management
IAM Defined - Gartner
Analysts Input ...

  What Analysts are Saying
   – Complex
   – Integration is key
   – Trend towards suites

  [Graphic: Customers, Partners, Employees]
Research Results

  Business Challenges
   – Costly to manage users and access to assets
   – Difficult to know who has access to what
   – Helpdesk costs continue to grow
   – Difficult to manage users across different systems and applications
   – Compliance for various regulations – Basel II, EU Directive, GLB, HIPAA, Sarbanes Oxley

  [Graphic: Customers, Partners, Employees]
Research Results

  Costs
   – Investing in point products to create a total solution is expensive
   – Complexity of:
       Technology
       Organization structure
       Consolidation of identity stores
   – The cost of doing nothing is not recognized

  [Graphic: Customers, Partners, Employees]
Research Results

  Technology Needs
   – Better Integration
   – Common UI
   – More automation
   – Standards

  Mainframe
   – Becoming more critical for web services
   – New uses – expanded role

  [Graphic: Customers, Partners, Employees]
Success Factors

  Understand and quantify the cost of doing
   nothing
  Implement as you go — start small, then scale
  Support a heterogeneous environment
   – Help ensure broad platform and target system support
  Protect your investments
  Accommodate and correlate multiple data
   repositories
  Help ensure you’re ready on-demand
Success Factors (cont’d)

  Must contain end-to-end audit of all components
  Couple provisioning, enforcement and audit
  Proactive — discovery
  Unified GUI — one touch provision/de-provision
  Completeness — enterprise, customer and
   partners
  Flexible platform or suite — best of both worlds
IAM Strategy




     Integrated Provisioning, Enforcement and Audit
     Across Enterprise and Federated Environments
Identity and Access Management



  “By 2005, the complexity of integrating the components of IAM solutions will
   cause 60 percent of enterprises to choose product suites that are owned or
   licensed by, and supported through, one vendor (0.7 probability).”

   Source: Gartner Group — The Identity & Access Market Landscape, November 2003
Cost of Doing Nothing

  RON™
   – Return on Negligence
   – What is the true cost of status quo?
  Calculating costs (define simple formula)
   – Sum of:
       Annual turnover × cost of user management
       plus annual reorganization × cost of user management
       plus percentage of access growth (customers, partners) × costs of access management
       plus cost of help desk support for password management
       plus users' lost productivity × annual turnover
   – What is your cost?
Turning RON Into ROI

  Identify costs leveraging RON calculator
    <Customer Name>

    eTrust Return On Negligence (RoN) Calculator
    It's easy for businesses to quantify mistakes. But the bigger financial risk is the hidden cost of doing nothing.

    Annual Potential for Cost Avoidance Related to eTrust Solutions

      Potential IT Cost Avoidance Related to User Provisioning                                      $290,649
      Potential Lost Productivity Costs Avoidance Related to User Provisioning                      $220,027
    Total Potential for Cost Avoidance Related to eTrust Admin                                      $510,676

      Potential Lost Productivity (Due to Multiple Login Sessions) Costs Avoidance Related to SSO   $673,828
      Potential Lost Productivity (Due to Trial & Error) Costs Avoidance Related to SSO             $485,156
      Potential Help Desk Costs Avoidance Related to SSO                                            $156,148
    Total Potential for Cost Avoidance Related to eTrust SSO                                      $1,315,133

      Potential Application Development Costs Avoidance Related to Web Access Control               $135,000
      Potential Security Audits Costs Avoidance Related to Web Access Control                        $20,000
      Potential Extranets Help Desk Costs Avoidance Related to Web Access Control                   $195,186
      Potential Downtime Costs Avoidance Related to Web Access Control                               $30,000
    Total Potential for Cost Avoidance Related to eTrust Web Access Control                         $380,186

    Total Cost of Negligence per Year                                                             $2,205,995
    Total Cost of Negligence for 3 Years                                                          $6,617,984

  Provision users, resources and privileges
    – Reduce costs — eliminate inefficiencies
    – Enable compliance — adhere to regulatory
      requirements
    – Increase productivity — do more with less
Identity and Access Management



 “There can be a great temptation to do nothing and
   put off the deployment of an Identity and Access
    Management solution, however, this approach
         can store up problems for the future.”

              Source: Butler Group — Identity and Access Management, September 2003
IAM Goals


               Control and manage all
              enterprise and federated
               identities with a single,
             modular, integrated solution

               Complete integration
              Breadth and depth of the
                       solution
               Investment protection
             Total security management
On-Demand Provisioning

  Provisions users, enforcement rights and
   resources
  Provides user access — when new services
   become available — such as servers,
   applications and systems
  Enables users to be automatically created while
   the correct access is granted to the right
   resources
The Foundation for Total Identity and Access Management
Identity across the enterprise, partner and customer
environments




                                                  Complete Identity
                                                    Visualization
User Management
Role Management
Policy-based Management
Self-Service Password Management
Workflow-based Approvals
Business Benefits

  Business optimization
   – Eliminate inefficiencies
   – Reduce menial tasks
  Cost reduction
   – Allow companies to do more with less
   – Enable on-demand capabilities
  Risk mitigation
   – Manage identities — active and inactive
  Regulatory compliance
   – HIPAA, Sarbanes-Oxley Act and others
How CA Uses IAM

  16,000+ employees worldwide
  On the first day of employment:
   – Users have access to applications and systems
       No delay in productivity
   – Users who change roles at CA automatically get new
     access rights
       Role-based management
   – Upon departure, users are immediately removed
       Reduces risks
  Customer and partners access to service
   – Provisioning of users, access and privileges
       Streamlines business processes
Case Study

  New hires:
   – Robert Stone, EVP, Sales, New Division
   – Mary Rivers, Sr. VP, Product, New Division
   – Bill Waltham, Strategic Consultant, “Hired Gun”, eNEX Consulting, Inc.
  Marge Greene, Director, Human Resources

  Plus 24 Other New Hires — Globally — This Week
Case Study – Cont.

  [Diagram: provisioning flow for new hire Robert Stone (EVP, Sales, New Division), started by Marge Greene (Director, Human Resources).]
   – HR System: HR data passed to Admin
   – Admin maps job to roles
   – Work flow process: Procurement, Facilities, Department Manager gives OK
   – eTrust Admin: access and accounts created, with Audit and Access Control
   – Target systems: Legacy eTrust™ CA-ACF2® Security, Oracle, SAP, NT, MS Exchange, Sun Solaris, eTrust™ Web Access Control
   – Enterprise Critical Reliability, Unlimited Scalability and more
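
The flow this case study sketches (HR data passed to Admin, job mapped to roles, department manager approval, accounts created, audit), together with the role-change and departure handling from the "How CA Uses IAM" slide, as an added example that is not part of the presentation or of any eTrust product. The job titles and system names are taken from the slides; the entitlement strings, user id and class names are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed role model: job title -> entitlements on target systems.
# System names come from the slide; the entitlement strings are illustrative.
ROLE_MAP = {
    "EVP, Sales": {"MS Exchange:mailbox", "SAP:sales-reporting", "NT:domain-user"},
    "Sr. VP, Product": {"MS Exchange:mailbox", "Oracle:product-db-read", "NT:domain-user"},
    "Strategic Consultant": {"MS Exchange:mailbox"},  # contractor: minimal access
}

@dataclass
class Provisioner:
    accounts: dict = field(default_factory=dict)  # user -> set of entitlements held
    audit: list = field(default_factory=list)     # append-only audit trail

    def _log(self, actor, action, user, detail):
        self.audit.append({"actor": actor, "action": action, "user": user, "detail": detail})

    def apply_hr_event(self, user, job, approved_by=None):
        """Reconcile a user's access with what the job's role allows.

        job=None means the user has left: every entitlement is revoked.
        New grants need a named approver; revocations never wait on approval.
        Returns (granted, revoked) as sorted lists.
        """
        target = set() if job is None else ROLE_MAP.get(job)
        if target is None:
            self._log("admin", "rejected", user, f"no role mapped for job {job!r}")
            raise KeyError(job)
        held = self.accounts.get(user, set())
        to_revoke, to_grant = held - target, target - held
        for ent in sorted(to_revoke):
            self._log("admin", "revoke", user, ent)
        held = held - to_revoke
        if to_grant and not approved_by:
            # Approval gate: record the request, grant nothing yet.
            self._log("workflow", "pending-approval", user, sorted(to_grant))
            to_grant = set()
        for ent in sorted(to_grant):
            self._log(approved_by, "grant", user, ent)
        held = held | to_grant
        if held:
            self.accounts[user] = held
        else:
            self.accounts.pop(user, None)  # no access left: drop the account record
        return sorted(to_grant), sorted(to_revoke)
```

Revocations are applied before the approval check on purpose, so a role change or departure removes stale access even while new grants are still waiting for sign-off.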
Questions?




             Q&A

				