CA Identity Suite

CA Identity Suite

Santiago CavannaSecurity Solution Account DirectorArgentina, Chile, Bolivia, Uruguay y Paraguay.

Twitter https://twitter.com/scavannaOffice: +54-11-43-17-15-95 | Mobile: +54-911-41-65-15-47 | [email protected]

2 © 2015 CA. ALL RIGHTS RESERVED.

The World of Identity Management & Governance


Identity Management shifts from being IT-centric…

IT-aware users

to Business-centric…

Business users & Customers(Often mobile)


Demands of the Business User

Support my device

Businessfriendly

Decision support tools

Unified interface

Productivity

Customized experience

4


CA Changes the Game



Convenient, intuitive, business-oriented user experience

A One-Stop Shop for business user access to all identity services

User experience that is specifically designed for business. Uses terms that business users understand.

– Business-oriented proactive analytical & advisory tools

– Personalized dashboards

– Business-oriented resource names


Automated Provisioning

Wizard-based on-boarding of new users (including self-registration), such as employees, business partners and contractors.

Manages identities, roles, and policies across on-prem & cloud applications

Customizable workflows support the unique way each organization approves, and schedules these activities.

Broad set of connectors to target systems


Access Requests

Easy-to-use access request process through an intuitive 'Shopping Cart‘ experience.

Conveniently request roles and entitlements from a Business Entitlements Catalog, view current access privileges, track the status of previous requests, copy users permissions, compare users and select from saved favorites.

All requests can be checked for segregation of duties compliance.


Internet

Access

SAP CRM

HR Portal

Online

Payroll

Business Entitlement CatalogMoving from IT terms…..

HR_SEC_SYSJA01_RPTABIZOBJ_AUDIT_J100I

AD_WEBSEC_INNET

SAP_Role_Mng_Cust

VPN_TANT01_GROUP23

SAP_View_Rep_BZ50

AD_GROUP_ACCESS_W50

AD_GROUP_002_All

SAP_Portal_M45

FIN_AA23

IM_PRVN_Portal_002

DIC

TIO

NA

RY

SVRFin33_Access

….to Business terms


Expedite, track, manage and control your requests through an intuitive ‘social network’ like experience.

Improves manager productivity and provides audit reporting of approvals

Request Tracking


Certification Campaigns

Simplifies and centralizes all necessary compliance activities in one place.

Business entitlements catalogue simplifies certifications

Risk analysis highlights risky access to:

– enable real-time remediation– improve policy enforcement– Simplify regulatory compliance.

CRM Customer

view

Update HR reports

View Billing

Reports


Risk Analyzer & Simulator

RISK ANALYZER is based on an advanced, robust rules engine that calculates user risk score in real time:

– Calculates and displays users' risk scores and alerts whenever it detects a risky user.

– Updates risk scores continually based on changes to user privileges, user attributes and other contextual factors.

– Simulates in real time the user's risk score changes in the context of access requests.


Prevent Violations

Provides three levels of preventive controls, based on risk and violation types and severity levels, when high-risk users or violating transactions are detected:– Displays an informative alert, or– Requires justification in order to

proceed with the action, or– Rejects the action.


Launchpad gives the user quick links to other web applications, internal or external

• The links can be CA Identity Portal configured links• Clicking on a link will redirect the user to the

application in another tab/window

CA Identity Portal offers authorization level to expose Launchpad applications to specific users based on their permissions

• Users can request for access to web applications and then get a quick link to open the application

Applications Launchpad


Identity on-the-go

Managers can manage identities and entitlements on-the-go.

Allows the organization to support BYOD policy, and to improve efficiency, responsiveness, and user satisfaction while reducing security risks.


Brand your Identity

Provides role and branding customization of the user interface. Administrators can control the look and feel of:– Logo– Color scheme– Font size– Background image


But, the IT user has needs too!

Policy enforcement

Low TCO

Application connectivity

Fast provisioning

Fast ROI

Compliance reporting & auditing

17


Business-Oriented User Experience

CA Identity Management & Governance Capabilities

IDENTITY MANAGEMENT & GOVERNANCE

LIFECYCLE

CAPABILITIES Automated provisioning User self-service Supports on-premise & cloud apps Deployment tools

BUSINESS VALUE Increased efficiencies Reduced Help Desk costs Flexibility for your cloud adoption Customization without coding

CAPABILITIES Role mining & analytics Privilege clean-up Automated access certifications Access policy enforcement

BUSINESS VALUE Simplify user management Highlights improper entitlements Simplified compliance Prevents policy violations

Management Governance


Reducing your TCO

Px

Cx

Cfx

PolicyXpressCustomization Without Coding

ConnectorXpressCreate Connectors To Databases And LDAP

ConfigXpressEnvironment Management


Connector XpressSimplifying connectivity to apps and data

High cost and TTV to develop customer connectors

High maintenance costs

Difficult and costly customization

THE CHALLENGE

Wizard-based tool to easily create connectors

Provision to relational database tables and LDAP directory servers

Customization without coding

CAPABILITIES:

Customers

Partners

Employees

Directories

Databases

Reduced deployment time for environments with custom apps

Reduces ongoing development & maintenance costs

BENEFITS:

Custom Apps

Generated Connectors

Cx


Policy XpressImplementing business policy without coding

Implementing business policy requires coding –> high development costs

Ongoing maintenance costs for code

Difficult to audit and validate policy enforcement

Wizard-based tool to implement policy in applications

Pre-defined actions at specific times during a user transaction

Customization without coding

Users

Customization takes minutes, not days or weeks!

Eliminates code maintenance costs

No need for special coding skills

Reduces errors in policy enforcement due to coding mistakes

DefinePolicy

Admins

Business Policies

Px

Px

THE CHALLENGE CAPABILITIES: BENEFITS:


Config XpressSimplifying configuration management

Migration between environments is time-consuming and error-prone

Lack of documentation of status of each component

Environment import from live systems or through exported files

Change-analysis reports highlight differences between environments

“Push-button” configuration documentation

Reduced time to migrate environments

Improved visibility into config status

Reduced TCO

Development Test Production

Business Logic

Identity Manager

Identity Manager

Identity Manager

Business Logic Business Logic

Cfx



Config XpressSimplifying configuration management

Development Test Production

Business Logic

Identity Manager

Identity Manager

Identity Manager

Business Logic Business Logic

Migration between environments is time-consuming and error-prone

Lack of documentation of status of each component

Environment import from live systems or through exported files

Change-analysis reports highlight differences between environments

“Push-button” configuration documentation

Reduced time to migrate environments

Improved visibility into config status

Reduced TCO


–Customer comments on the Config Xpress tool

“Thank you…..Thank you!!!!”

“Incredibly valuable tool!”

Cfx


CA Identity SuiteDesigned with your IT & Business needs in mind

Deep Provisioning

Access Requests

Certifications

Role Analytics

Self-Service

Access Governance

Privilege Cleanup

Risk Analysis

Policy Enforcement

Deployment Tools

Capabilities

BusinessIT


CA Identity SuiteDesigned with your IT & Business needs in mind

Great User Experience

Improved Productivity

Customized Experience

Mobile Access

Easy access to all my apps

Identity automation

Reduced entitlement risk

Reduced TCO

Reduced Help Desk costs

Simplified Compliance

Benefits

BusinessIT


Why CA Identity Suite?

Business-oriented user experienceBusiness-oriented application

simplifies use and improves user

satisfaction. A Business Entitlements

Catalogue greatly simplifies access

requests by business users.

Reduced TCO through streamlined deploymentXpress tools simplify connectivity to

homegrown apps, enable business policy

definition without coding, and

streamline migration between

Development-Test-Production

One-stop-shop for access to all identity servicesSimplified, centralized interface

improves productivity and user

satisfaction/loyalty

Risk analysis & simulationAdvanced, robust rules engine that

calculates user risk score in real time,

and generates alerts on a risky user

access request.

Secures on-premise and cloud applicationsCentralized control of identities,

users, roles and policies across

on-premise and cloud applications.

ProvenScalabilitySupports many large, complex

environments today. Can address

your needs as they grow.


CA Identity Management and GovernanceCustomer Success

Rankings based on Fortune.com. Gov ranking based on # of employees

3 out of the top 6 US Government Agencies

5 out of the top 7 Manufacturing4 out of the top 5 Telecoms

9 out of the top 15 Fortune 500


CA Identity Management & GovernanceAnalyst Reviews & Industry Awards

1Leadership Compass: Access Governance: Martin Kuppinger, Oct 20141Leadership Compass: Identity Provisioning,: Martin Kuppinger, Apr 20141Leadership Compass: IAM/IAG Suites: Martin Kuppinger, Nov 20142Identity and Access Management Suites: Q3 2013; Forrester Research Inc.; September 4, 2013

Leader:

• Access Governance: Oct, 2014

• Identity Provisioning: Apr, 2014

• IAM/IAG Suites, Nov, 2014

Kuppinger-Cole Leadership Compass1 Forrester Wave2

Leader:

Identity and Access Management Suites: Sept, 2013


Industry awards for CA Identity Management

CA Identity Manager Best Identity Management Solution of 2015

Winner in 2013, Finalist in 2014

"The Reader Trust Award is unique because it represents the voice of the people who are using these products and services every day. CA Identity Manager was chosen as the Best Identity Management Solution winner for its ability to meet and exceed the needs of its customers."

Illena Armstrong, Vice President, editorial, SC Magazine


Legal NoticeCopyright © 2015 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. No

unauthorized use, copying or distribution permitted.

THIS PRESENTATION IS FOR YOUR INFORMATIONAL PURPOSES ONLY. CA assumes no responsibility for the accuracy or completeness of the information. TO

THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENT “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION,

ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. In no event will CA be liable for any loss or

damage, direct or indirect, in connection with this presentation, including, without limitation, lost profits, lost investment, business interruption, goodwill, or

lost data, even if CA is expressly advised of the possibility of such damages.

Certain information in this presentation may outline CA’s general product direction. This presentation shall not serve to (i) affect the rights and/or obligations

of CA or its licensees under any existing or future written license agreement or services agreement relating to any CA software product; or (ii) amend any

product documentation or specifications for any CA software product. The development, release and timing of any features or functionality described in this

presentation remain at CA’s sole discretion.

Notwithstanding anything in this presentation to the contrary, upon the general availability of any future CA product release referenced in this presentation,

CA may make such release available (i) for sale to new licensees of such product; and (ii) in the form of a regularly scheduled major product release. Such

releases may be made available to current licensees of such product who are current subscribers to CA maintenance and support on a when and if-available

basis.

The information and results illustrated here are based upon each identified customer’s unique experiences with the referenced software product in a variety of environments, which may include production and non-production environments. Past performance of the software products in such environments is not necessarily indicative of the future performance of such software products in identical, similar or different environments.


Thank you!

© 2015 CA. All rights reserved.

Customer success stories


Streamlining identity managementCase study: A large, multi-national media/broadcasting company

CONTRACTORS

150K+ Users

Challenges:

Fragmented entitlements

lack of visibility of access orphan accounts overlapping access

Manual entitlement reviews

No standardized role definitionsPARTNERS

EMPLOYEES

800+ Apps15K+ Unix servers

31K+ Windows servers55K+ Devices

These 3 slides describe the

Comcast use case

(delete this before showing)



CA Identity Suite

CONTRACTORS

PARTNERS

EMPLOYEES

Consistent role definitions Remediated orphan accounts/incorrect access Seamless access to apps and assets Shopping cart experience for access requests

RESULTS:

Reduced onboarding SLAs (5 day to minutes!) Vast improvement in ease of administration “Day 1 Productivity” Reduced time for certification campaigns (50 campaigns went

from 12 weeks to 3)

BENEFITS ACHIEVED:

IdentityPortal

IdentityManagement

IdentityGovernance

Roles



CONTRACTORS

PARTNERS

EMPLOYEES

Consistent role definitions Remediated orphan accounts/incorrect access Seamless access to apps and assets Shopping cart experience for access requests

RESULTS:

Reduced onboarding SLAs (5 day to minutes!) Vast improvement in ease of administration “Day 1 Productivity” Reduced time for certification campaigns (50 campaigns went

from 12 weeks to 3)

BENEFITS ACHIEVED:

IdentityPortal

IdentityManagement

IdentityGovernance

Roles–Chief Infrastructure and Information Security Officer

“We have been able to help simplify identity management processes and make engagement easy for our business leaders without compromising our security and compliance needs.”


Customer

Success“We have been able to help simplify identity management processes and make engagement easy for our business leaders without compromising our security and compliance needs.”–Chief Infrastructure and Information Security

Officer, Comcast

This is the same quote as the

previous slide, in case you don’t want

to use 3 slides for this one case study


Customer

Success

At a retail organization, Identity Governance analyzed 250,000

accounts, 66 million access rights and discovered 200 roles

in 3 minutes


Hill International is aglobal leader in managing construction risk

Reduced provisioning time from 14 days to 24 hours, improving productivity


Customer

SuccessA F500 insurance company:

Reduced SOX audit data gathering from 10 days to 2 hours

Reduced on-boarding from 10 days to <2 days


Customer

SuccessA F100 Financial Institution achieved:

$1M help desk savings within 2 years (for PW Mgt)

Using correlation, recouped $1.3M in software licenses by finding orphan accounts


Customer

Success“CA Identity Governance provided the most rapid TTV of any IAM product I’ve ever used…”

VP of IT, Huge Global Retailer

Extra slides to use


Integrated Identity Management & Governance Solution

CA Strong Authentication

CA Directory

CA Risk Authentication

Risk assessment for authentication and access decisions

Patented software-based two-factor authentication

High performancestore

CA Single Sign-On

Management of CA SSO entitlements

CA Identity

Suite


Customer success using CA Identity Suite

Identity process automation

Improved efficiencies and employee productivity

Simplified and faster provisioning

Improved compliance audits through automated access certifications

Benefits gained from using CA Identity Suite


Identity Management From CA Technologies

What is driving our strategy?

Understanding who has access to what and why

Identifying potential threats

Simplifying governance of access

The Open Enterprise

Enabling the Business Minimizing Risk

Increased cloud adoption (IaaS, PaaS, SaaS)

Bring your own devices and identities

Distributed internal and external users

Improving efficiencies

Shifting responsibilities from IT to the business user

Lowering total cost of ownership


Challenges of Today’s Open Enterprise

REDUCE RISK OF OVER-PRIVILEGED USERS

Do I have Segregation of Duties violations right now? Do all my users have the correct access for their role(s)?

AUTOMATE IDENTITY PROCESSES

Are my processes too manual? Are they inefficient? Do I have inconsistent security policies due to human error?

Can I reduce the time & effort it takes to submit audit reports? Can I easily show “who has access to what”?

SIMPLIFY COMPLIANCE AUDITS IMPROVE EMPLOYEE PRODUCTIVITY

How much time do my managers spend in access certifications? How long does it take a new employee to have ALL their access

and accounts available?

INCREASE USER PARTICIPATIONPROVIDE OUTSTANDING USER EXPERIENCE

Can the system interact with my users with Business terms that they understand?

Can I improve my user productivity and satisfaction?

Can I provide a one-stop-shop where my users can easily access all identity services in one place?

Can I reduce the need of IT to manage identity processes?


CA Identity Suite

The next Generation of Identity Management and Governance

Identity ManagerAutomated Provisioning

Policy/Workflow Mgt

Identity GovernanceRole Discovery & Analytics

Entitlement Certification

Identity PortalBusiness User Experience

Access Request/User Mgt

CA IDENTITY SUITE

CustomApplication

MainframeDatabaseDirectory SAPUNIXSalesforce

Xp

ress

Tec

hn

olo

gies

ConfigX

ConnectX

PolicyX

Entitlement Info

Business DataHR Systems

CA Identity Suite

Technology

Transcript of CA Identity Suite