Deep Identity Solution Overview - CC 14Apr2016
-
Upload
christer-cruz -
Category
Documents
-
view
221 -
download
0
Transcript of Deep Identity Solution Overview - CC 14Apr2016
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
1/66
Deep Identity - Solution OverviChrister Cruz | Sales Consulting Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
2/66
Agenda:
Industry Trends & Challenges
Business Challenges
Solution Overview
Business Benefits of Implemen
Solutions First Look @ New V5 User
Competitive Differentiator
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
3/66
Market Trends:
1. Growing Market Security Awareness
2. Regulatory Pressure
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
4/66
WHERE IT SECURITY BUDGET
Advanced Persistent T
Endpoint Security & M
Network Security Email Security
Mobile Security
..
Trend #1: Increased IT
Spending & Focus on
the wrong risks
BUDGET 2013/2014
Medium & Large
Enterprises
REALITY CH
94% against servers
66% of sensitive data
96% Non-compliance
5% Privilege Misuse
32% of Hacking invologin credentials
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
5/66
Trend #2: Employees and
contractors are the most cited
source of vulnerabilities
85%
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
6/66
Trend #3:
The use and amount of
data in enterprises has
increased exponentially
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
7/66
Top spending priorities over the next 12
months
Key findings from The Global State of
Information Security Survey 2015
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
8/66
Business Challenges
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
9/66
Identity and Access Management Challenges
How to request a change? Who must approve the change?
When will the change be completed?
Too many passwords.
Too many login prompts.
For USERS
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
10/66
Identity and Access Management Challenges
Onboarding, deactivation, transfer across many apps is challeng More apps all the time!
What data is trustworthy and what is obsolete?
Not notified of new-hires/terminations on time.
Hard to interpret end user requests.
Who can request, who should authorize changes? What entitlements are appropriate for each user?
The problems increase as scope grows from internal to external.
Complexity of Managing User Profiles across various/siloed appl
For IT Operations
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
11/66
Identity and Access Management Challenges
Need temporary access (e.g. prod migration). Half the code in every new app is the same:
Identify.
Authenticate.
Authorize.
Audit.
Manage the above.
Mistakes in this infrastructure create security holes.
For Developers..
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
12/66
Identity and Access Management Challenges
Orphan, dormant accounts. Too many people with privileged access.
Static admin, service passwords a security risk.
Weak password, password-reset processes.
Inappropriate, outdated entitlements.
Who owns ID X on system Y?
Who approved entitlement W on system Z?
Limited/unreliable audit logs in apps.
For Security, Risk, and Audit..
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
13/66
Business Drivers
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
14/66
Business Drivers for IAM
Security andControls
Reliabledeactivation.
StrongAuthentication.
Appropriatesecurity
entitlements
RegulatoryCompliance
BSP 808, PDPA,BSP IdentityTheft Memo,
PCI-DSS, SOX,HIPAA, EUPrivacy
Directive, etc. Audit User
Access Rights
IT Support Costs
Helpdesk CallVolume
Time/Effort tomanage accessrights.
Service /
Faster OnBoarding
SimplerRequest /Approvalprocess
Reduce bof too malogin proand pass
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
15/66
Business Drivers for IAM
Appropriate access rights. Timely access termination. Effective authentication.
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
16/66
How do we get started?
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
17/66
Getting an IAM Project started.
Build a business case. Get management sponsorship and a budget.
Discovery phase, capture detailed requirements.
Assemble a project team:
security
system administration user support
etc.
Try before you buy: Demos, POCs, Live Demo.
IAM Solution Discovery and Roadmap Discussion.
Plan of attack.value based selling
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
18/66
Identity and Data Governance
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
19/66
Identity and Access Management 101
Identity Managementprocess for managing the entire life cycle of
digital identities, including the profiles ofpeople, systems, and services
Access Managementis the process of regulating access to information
assets by providing a policy-based control of who
can use a specific system based on anindividual's role and the current role's permissions and
restrictions
IAM
Provisioning
Report and AudReconcile
De-Provision
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
20/66
Goal of Identity and Access Management
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
21/66
IT Security Basics
Employee
Partners
Customers
Suppliers
Anyone
Cloud Applications
On-premise Applications
Databases
Folders
Cloud Storage
Portals
Whos who , Whats What & Who has access to What
ACCESS ACCESS
ENTITLEMENT CATALOG
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
22/66
Who is Deep Identity?
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
23/66
Who is Deep Identity?
A niche IT Security Technology vendor based and 100% owned i
Comprehensive and completely automated solutions for Identity aGovernance solution.
Offer a comprehensive and unique solutions built based on layerto address Identity Governance & Administration, and UnstructureGovernance
Part of Temasek Group, subsidiary of Trusted Source Pte Ltd.
Identity Governance. Optimized.
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
24/66
Who is Deep Identity?
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
25/66
Our Customers in Singapore
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
26/66
Analyst View
Gartner in its Dec 2013 MQ report says Deep
Identity remains the only IGA product vendor
Gartner has identified that is headquartered inthe Asia/Pacific region.
Kuppingercole in the Aprisays that The Innovators
contains only one vendor
They are rather innovativerespect to some Identity Pfeatures.
/
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
27/66
Access Control/Governance for SAP Environm
INNOVATION LEADER
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
28/66
Accreditation @ IDA
What this mean to Deep Identity:
Green lane - The Government procurement process has bestreamlined to allow accredited companies to be consideredGovernment agencies.
Increase the visibility of accredited companies
Match government lead demand with innovative supply.
http://www.ida.gov.sg/Collaboration-and-Initiatives/Initiatives/Store/Accreditation-IDA
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
29/66
Solution Overview
Wh t ff t d
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
30/66
What we offer today
Comprehensive Identity & Data Governance
Solution:
Identity Audit & Compliance Manager
Identity Manager
Data Governance Manager
Privilege Identity Manager
Identity Audit & Compliance Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
31/66
Identity Audit & Compliance ManagerDeep IACM
Comprehensive Layered Approach to address Identity
& Access Governance Automatic Detection & Notification of Violation
User & Role Attestation
Compliance Management
Workflow
Risk Scoring Reporting & Analytics
Three Phased Attestation
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
32/66
Three Phased Attestation
Comprehensive attestation (User & Role Access Certificapproach, IACM provides capability to implement 3 phasattestation process as below:
Self-service Attestation
Attestation by Manager/Group/Department
Attestation by Endpoint Systems
Enables organization to implement review of user accesstructural manner and with complete coverage and visib
Side-Benefits
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
33/66
Side Benefits.
Security aspect is one thing.
Types of Reports:
Last Login
Last Password Change
How many functions / modules they are using?
Identity Audit & Compliance Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
34/66
Identity Audit & Compliance ManagerDeep IACM
Comprehensive Layered Approach to address Identity &
Access Governance Automatic Detection & Notification of Violation
User & Role Attestation
Compliance Management
Workflow
Risk Scoring
Reporting & Analytics
Compliance Management
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
35/66
Compliance Management
IACM provides out-of -the box policy templates for enterprises to pcompliance check. Such checks include:
Separation of duties (SoD) Within a particular systems and across system User Compliance & Sensitive Access Password Compliance Unauthorized user/groups assignments
Risk scoring includes the ability to automatically assign risk
typicmedium and high.
Complex risk scoring is based on user role assignment, user behacompliance violations.
Compliance Lifecycle
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
36/66
Compliance Lifecycle
Compliance Management
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
37/66
Across All
SAP Modules
& Environment
Across SAP
& third party
Applications
Compliance ManagementIntegrated SoD & GRC Solutions
Support
Cloud-based
Applications
Identity Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
38/66
y g
Deep IM
Provisioning / de-provisioning, transfer
Password Management Access Request Management
Data Synchronization/Replication
Self-service:
Registration Profile Administration
Password Reset/Account Unlock
Self-service Attestation
Identity Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
39/66
Identity Portal for iOS and Android Phones
Identity Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
40/66
Identity Portal for iOS and Android Phones
Data Governance Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
41/66
Deep DGM
Data discovery and profiling Identify in-active, orphan, duplicate, & sensitive files
Data Access Request Management Create folder (and assign users to folder)
Attestation for Data Access
Analytics & Dashboard
Data Governance Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
42/66
Architecture
Privilege Identity Manager
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
43/66
Deep PIM
Privilege Access Request
Privilege Command Manager (UNIX)
Secure Desktop Connection Manager
Session Recording & Logging
Video Logging
Keystroke Logging
Privilege Identity ManagerD PIM
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
44/66
Deep PIM
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
45/66
Architecture
Solution Architecture
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
46/66
VM / Deployment Architecture
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
47/66
p y
Security Architecture
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
48/66
y
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
49/66
Business Benefits
Positioning (Use Case)
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
50/66
g ( )
Business Problem:
Customers current system setup cant offer an unified user identity management for different target sneed to do the management such as user creation, checking, password reset, and generating reportsindividually in different systems. Its time consuming, and affecting the operational efficiency.
Challenges:User management provision and reconciliation are independent for different target systems and applic
time consuming for the unified user management.Provide the visibility of the current and existing user profiles.
Provide a centralized repository of users being provisioned upon.Compliance reporting functionality cant generate compliance-driven reports.
Business Benefits:
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
51/66
Deep Identity understands the current tedious, and labour-intensive manual process for prprovisioning of employees - which are time-consuming, costly and can be prone to error.
These manual processes generally result in loss of productivity, lack of audit trail, and cou
security risk to our customer.
Key Focus Areas Benefits
User Provisioning and Attestation Have centralized and automated application which will perform the provireview tasks, thus simplifies user administration and provides security fo
User Tracking Have centralized application which will be able to present current and ex
respective access to different target systems.
Compliance Reports Have a tool which will be able to generate compliance-driven reports, mreporting needs. Comply with SoD and GRC regulations.
User Management (Privilege) and Access Have a centralized repository which will store all users information to offor systems with this centralized user repository as the basis of authoriza
We are here to help..
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
52/66
Establish realistic and achievable business value expectations
IAM program (Business Requirements and Business CaseDevelopment)
1. The risk and compliance driven business case.
2. The operational effectiveness or cost savings driven business case.
3. The business enablement driven business case.
We are here to help..
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
53/66
Strategic Approach to crafting an IAM Business Case
Current state assessment; capability maturity; IAM maturity modeassessment report
Summary of Benefits (High Level)
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
54/66
EnhancedSecurity
Systematic clean-up of unauthorizedaccounts
Enforcement ofSegregation ofDuties policies,
within and acrossapplications
Enhanced UserExperience
Self-service webportal to view selfaccess rights,request for a newaccess right, createa new group, etc.
Email notificationswhenever there isany actionsrequired
IncreasedProductivity
Default systemaccess to be givento new joiners onDay One
Reducedturnaround time
to provision newaccess uponrequest
ImproveEfficienc
Staff spenditime on admroutines(estimated$60,000 softsavings per y
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
55/66
Competition & Differentiator
Know your Competition
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
56/66
Big Boys Cloud Players
IBM
CA Technologies
Novell
Oracle
Dell
Okta
ForgeRock
Niche Players
Sailpoint
Aveksa
Courion
CrossIdeas
Data Governance Player
Varonis
Stealthbits
Compliance/GRC Player
SAP GRC
Archer
Competitive Differentiator
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
57/66
Value Add/Differentiator
Features and functionality against leaders in the market
Total Cost of Ownerships
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
58/66
TCO and
Investment Value over
3-5 Years
Professional
Services
Software License
Hardware
Value for Money
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
59/66
V5 First Look & Roadmap
Product Roadmap
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
60/66
Integrated Identity, Access & Data Governance Suite (V5)
IdentityGovernance& Administration
AccessManagement
Data Governance
Identity Audit &Compliance
Manager
IdentityManager
PrivilegeIdentityManager
WebSingle
Sign-On
XACML/ABACEntitlementServer
Deep IdentityTACACS+
DataGovernance
Manager
DataCrawler
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
61/66
Connectors Roadmap
DI Connectors
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
62/66
OS DBData storage
devices Mail/collab systems ERP PortalsCLOUD/Third Party
IntegrationDIRECTORIES Cloud Appli
AD
AD Cloud Sync
Password Filter
Generic LDAP
V2&V3
Win
Unix
Telnet/SSH
IBM
AS/400IBM Z/OS
FTP
Exchg Server
LNS Domino
Google Usr
Mgmt.
MS SQL
Oracle
My SQL
DB App Table
SharePoint IBM WebSphere
MQ
Web Services/API
SPML
SCIM
Windows
EMC
SharePoint
Server
SAP Usr Mgmt
SAP EP
Oracle
eBusiness Suit
Office 36
Google U
Mgmt
Salesforce
Mgmt.
Oracle
PeopleSoft Usr
Mgmt.
1. AD
2. LNS
3. SAP EP
4. SAP User Management
5. SAP HRMS
6. Windows
7. Unix
8. MS SQL
9. Oracle 11g/12c
10. Exchange server
11. ERP > Oracle eBusiness Suit
12. ERP> Oracle people soft user management
13. HRMS > Oracle PeopleSoft
14. HRMS > Oracle eBusiness suit user management
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
63/66
Summary
Integrated Identity & Data Governance Solutio
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
64/66
Complete
- Supports both On-Premiseand Cloud App and Infra
- Internet of Things (IoT)
Automated & I
- End-to-end A- OOB Integra
Lightweight
- Most Lightweight Solution & Lower TCO
- Agentless
Call to Action.
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
65/66
Technical Deep-Dive with Pre-Sales Team Product Positioning / Licensing / Support
Nominate Accounts
-
7/26/2019 Deep Identity Solution Overview - CC 14Apr2016
66/66
THANK YOU!