IAM Service and Descriptions Summer 2016
-
Upload
karl-kispert -
Category
Documents
-
view
162 -
download
0
Transcript of IAM Service and Descriptions Summer 2016
Copyright © Aujas All rights reserved.
IAM Services and Solutions
- Vision and Mission
- Services for all stages of IAM program lifecycle
- Services Offerings – descriptions and probing questions
- Case Studies
- Aujas Advantages and Experience
Identity and Access Management
May 2016
Copyright © Aujas All rights reserved.
2
“To Enable a digital era by empowering everyone to extend their digital personas and identity across
the enterprise, cloud, social and mobile realms in a naturally easy, secure and a reliable way.
“To provide our client organizations with solutions and services for planning, deploying and operating IAM programs
for enabling ubiquitous identity, access risk management, and identity driven intelligence.”
“To enable our client organizations across the globe, with leading edge professional services driven by real life experiences and
domain knowledge of building best fit IAM solutions.”
Vision
Mission
Copyright © Aujas. All rights reserved.
Services PortfolioEnd to end services for all stages of IAM Program
3
• Access Governance ServicesMeasure and mitigate access risk across distributed business systems. Capability to periodically review access and build executive IAM dashboards
• Ubiquitous IdentityUnified, converged and digital for the enterprise, cloud, social and mobile realms
• Digital Identity ManagementStreamline digital identity lifecycle processes by automating creation, modification and removal of digital identifies within the enterprise or on cloud
• Access Management and SSOEliminate multiple application access channels by one access for all uses
• Privileged Identity ManagementAccountability for shared and administrative access while increasing efficiency
• Identity Intelligence identity dashboards
• Audits and BenchmarkingFunctionality and performance audits to benchmark against industry standards
• Incident ResolutionTroubleshooting, short term resolution, bug fixes, SLA driven support and liaison with OEM vendor for resolution and patches
• Enhancements and OptimizationsProjects to introduce new functionality in the existing IAM system
• IAM Operations And EvolutionIAM operations (onsite / offsite) and provide an enhancement roadmap
SER
VIC
E O
FFER
ING
SSE
RV
ICE
AR
EAS
SOLUTION IMPLEMENTATION ENHANCEMENTS & SUSTENANCE
• IAM Governance FrameworkPolicy & procedure, roles and responsibilities framework required by IAM
• IAM Readiness and RoadmapRoadmap for functionality, investment and preparation assessment
• IAM Technology and Product SelectionSelection of best fit technology and product choice, POC, demo
• IAM Architecture DesignDetailed blueprint of the solution design to weed out technology unknowns
STRATEGY AND PLANNING
Copyright © Aujas All rights reserved.
4
Descriptions – Planning Services
Solution/Services Value Proposition Probing Questions
IAM Governance Framework
This Aujas service offering has been designed to establish the governance foundation of an IAM program. Under this program we help define business policies and procedures to be automated by IAM and to manage the IAM system. The deliverables also include a governance charter including roles and responsibilities framework for various IAM stakeholders.
• Do you know how you can enhance your policies and procedures to derive maximum benefit from IAM automation?
• Do you have a governance framework in place to manage IAM as a business enabler? • Do you have technology framework that provides a predictable method of
integrating new systems and applications with the IAM platform?
IAM Readiness and Roadmap
A service offering that helps our clients plan their IAM investments in line with this business requirements and ROI. Aujas consultants provide a recommendation of which services to rollout at what timeframe via a roadmap for IAM program. This service, additionally reveals the level of organizations preparedness (technical, operations and project management) for an IAM program and methods to plug the gaps for each stage in the IAM roadmap.
• Do you know if your organization is ready for an IAM Program• Do you know the pitfalls you must avoid while planning an IAM program for your
organization?• Is your current IAM program providing the anticipated business value?• Do you know how you can prepare yourself for IAM from technology, operations and
project management perspectives?• Do you know how you can maximize the return on investment on IAM?• Do you know which features can be introduced quickly to get organization buy in and
which features can be introduced later after preparations?
IAM Technology and Product Selection
Aujas provides a technology neutral approach to establish custom made benchmark for evaluating IAM technology based on your own business needs and goals. This custom made benchmark is then used to evaluate technology and product options. Aujas also provides technology demonstrations, self-guided demos, and proof of concept pilot deployments.
• Do you know the various technology options to address your identity and access management challenges and their constraints and benefits?
• Do you have a benchmark that allows evaluation of IAM product and technology options against your organization’s needs?
• Do you want to experience the products capabilities through a demo or a proof of concept setup?
IAM Architecture Design
This service is designed to establish a detailed blueprint of the solution design to weed out technology unknowns, before starting the solution implementation thereby mitigating project risk and expediting the go live.
• Do you have a detailed macro and micro design for your identity management setup?
• Do you have a detailed design describing how your IAM solution will integrate with your business applications and systems?
• Do you know how to build a fault tolerant IAM system to match your business continuity program?
Copyright © Aujas All rights reserved.
5
Descriptions – Implementation Services
Solutions/Services Value Proposition Probing Questions
Access Governance
This offering helps design and deploy solutions to measure and mitigate access risk across distributed business systems. The solution offering also provides capability to periodically review access and build executive IAM dashboards, without going through long and tedious application integration cycles.
• Are you able to identify, measure and mitigate access risk across business applications in line with regulatory requirements and security best practices?
• Are you able to eliminate access review fatigue and bring in efficiency enhancement through automation?
• Are you able to assert that you are in control of your access risk?• Do you know who has access to what in your organization?
Ubiquitous Identity
These solutions address the challenge of managing digital identity in a unified converged manner for the enterprise, cloud, social and mobile realms. It directly provides ease of use while enhancing your security posture in a connected world.
• Do your employees complain on having to deal with several digital and physical identities?
• Do you want to leverage one single identity for the enterprise and use it for physical access control as well?
• Do you intend to leverage a unified identity so ease the adoption of cloud based applications?
Digital Identity Management
This offering helps design, deploy and manage solutions to streamline digital identity lifecycle processes by automating creation, modification, and removal of digital identifies within the enterprise or cloud. The solution offering enhances security posture, reduced cost of lost productivity and increases while making access control more responsive for end users and customers.
• Do your users complain about long turn-around time for their access and password request to get addressed?
• Do you intend to reduce helpdesk cost while increasing security of user access management functions?
• Do you intend to leverage automated workflows to eliminate lengthy approval process and paper based form, while keeping tamper proof audit data of all actions?
• Do you intend to eliminate ghost accounts and ensured guaranteed access removal of ex employees?
• Do you want to empower your users to be able to manage their own identity and access across applications thereby freeing up valuable resources?
Access Management and SSO
Solutions designed to provide enhanced security while making it easy for users to access the applications and systems. Solutions help eliminate multiple application access channels by establishing one multipurpose identity for all linked access.
• Do you want to enhance user experience by eliminating the need to remember several passwords?
• Do you want to integrate several business applications with one single ID and password for your end users?
• Do you want to centrally manage strong and more secure authentication?• Do you want to experience seamless login to thick client, legacy apps, or cloud apps
based on your AD login?
Copyright © Aujas All rights reserved.
6
Descriptions – Implementation Services
Solutions/Services Value Proposition Probing Questions
Privileged Identity Management
These services help design and deploy solutions to bring in accountability for shared and administrative access while increasing operational efficiency. Aujas solutions empower security leaders to comply with regulations and best practice for managing administrative access and prevent insider breach by power users without introducing restriction or bottlenecks. The solutions scale to address the needs for a small server room to large global data centers.
• Do you know what your most powerful users are doing on your IT infra?• Do you worry that your administrators need to share access to be able to perform their job?• Do your administrators and power users need to remember or record access rights to
several hundreds of systems?• Are you able to security store administrative credentials to your IT infra?• Do you change the passwords on all your systems when one of your administrators leave?• Do you periodically recycle passwords on your IT infra? • Do you worry about unauthorized or malicious activity by internal administrators?• Do you have a systems that doesn’t compromise accountability in administrative actions
while allowing ease of use by access sharing?• Do you have a comprehensive log or video recording of critical administrative tasks for
forensic analysis?
Identity IntelligenceThese services provide Identity Dashboards highlighting key metrics and anomalies in user access management process and activities across the enterprise, cloud and mobile realms.
• Do you know how effective your IAM solution is?• Do you know how are your users accessing your business applications?• Do you know where your ghost accounts are?• Do you know what is causing bottlenecks in your IAM operations?• Do you know how which functions on your IAM operations need attention?
Copyright © Aujas All rights reserved.
7
Descriptions – Enhancement and Sustenance Services
Solution/Services Value Proposition Probing Questions
Audits and Benchmarking
The service offerings helps owners of existing IAM deployments to review and benchmark functionality and performance of the existing solutions against industry standards. The services helps in identifying areas of improvement along with an enhancement roadmap.
• Are you able to ascertain how your IAM investment is evolving along with your changing business needs?
• Is your IAM solution working at the performance levels required by the business?• Do you know where do you stand in terms of IAM maturity?
Incident Resolution
These sustenance services help clients with manage existing IAM deployments by offering ready capability for troubleshooting, short term resolution, bug fixes, SLA driven support and liaison with OEM vendor for resolution and patches. The services enables providing the business users a reliable and error free IAM system.
• Do you a method in place to ensure periodic and proactive maintenance of your IAM system?
• Do you have a system in place to quick address IAM incidents and bugs minimizing the impact on end users of business processes?
Enhancements and Optimizations
These services are designed Projects to help ensure that the IAM systems continue to adapt in line with your changing business requirements. The services help introduce new functionality in the existing IAM system as and when required by the business.
• Do you have a method to quickly respond to changing business requirements by enhancing your IAM system?
• Are you able to allow your IAM environment to continually evolve instead of trying to play catch up?
IAM Operations and Evolution
These service offerings are designed to provide IAM operations and define an enhancement roadmap for the IAM system. The services ensures a reliable IAM system that also keeps up with changing business needs. The service allows flexible delivery models including on-demand execution, on premise execution or hybrid round the clock execution.
• Do you have a method to provide an integrated IAM service to your business that includes IAM operations, troubleshooting, SLA management and upgrades?
• Are you able to allow your IAM environment to continually evolve instead of trying to play catch up?
Copyright © Aujas All rights reserved.
8
Planning and Implementation Services for
Enterprise Wide IAM
Solution Highlights
Aujas services
Client profile
Key Requirements
Country affiliate
of a Fortune
500 Insurance
MNC
13,000
employees
working across
600 locations
Employee
strength
growing by
30% every year
Heterogeneous IT
environment with
multiple legacy
apps
30 business critical
applications; solve
IT manpower
waste
Controlled
Access and SSO
for business
apps
ID Recertification
for regulatory
compliance
Access
Governance
Dashboards
End to end provisioning
to eliminate errors and
omissions
Identity Manager
Web Access Management
Enterprise SSO
Reporting Dashboards13,000users
8 services
15 custom
adapters30 business
applications
20 reporting
parameters
Executive WorkshopAujas brought various stakeholders
to a single forum to facilitate a
common vision for IAM.
Business Case for
IAM: ROI Estimation
for the IAM initiative -
hard numbers and soft
benefits
Proof of ConceptComprehensive POC was done
to show provisioning into
Life/400 among other features.
Implementation ServicesAujas completed deploying this greenfield project
in 6 months using Hybrid Delivery Model. The
project was divided into multiple tracks and phases
to mitigate project risk. Helpdesk call volumes
reduced by 95% at the end of 9 months.
Continuous Sustenance & EnhancementPost completion of solution implementation,
Aujas has been providing remote and onsite expert
services to ensure the IAM deployment evolves with
changing business needs and remains bug free.
Copyright © Aujas All rights reserved.
9
Unified SSO for an Industry Conglomerate
to secure Cloud and On-Premise Business Applications
Solution Highlights
Aujas services
Client profile
Industry
conglomerate
with more than 62
group companies
serving
various verticals
Business enabled
by multiple
business
applications and
security domains
More than 8,000
users
Cloud ready
distributed IT
environment
Key Requirements
Need for secure
access control for
the heterogeneous
IT environment
ID Federation to cloud
centric applications
Enable user
access and
SSO to Web
Applications
from multiple
platforms
Easy user on
boarding and
administration
7,000users
Federation Gateway and
IDP supporting SAML,
WS-Federation and OAuth
6 Cloud Applications with open
standards for Federation
Common Portal for
Unified SSO Read Only Integration
with Active Directory
SSO Gateway using
Reverse Proxy
On Premise Enterprise
Applications including home
grown custom apps
Solution DesignAujas leveraged a modular approach to
design a solution using two solution
components – 1.) federation for cloud
applications and 2.) reverse proxy based
multi protocol SSO for internal on premise
applications
Implementation ServicesAujas team created a common portal for unified
SSO to integrate two solution components
together into a unified interface. Both SSO
components were deployed independently and
were integrated with Aujas’s common SSO portal.
Individual applications were iteratively integrated
using a dual track approach.
Copyright © Aujas All rights reserved.
10
Solution Design and Implementation
for managing Privileged IDs in Telecom Environment
Client profile
Key Requirements
Solution Highlights
Aujas services
Telecom company
providing GSM
and CDMA
Mobility Services
More than 80
million
subscribers
Nationwide network leveraging over 5000 network
elements equipment from 100s of vendors. Managed
centrally from a state of the art NOC supporting onsite
regional teams
Accountability in
usage of Shared
IDs by power users
Eliminate
thousands of
IDs &
passwords
managed by
each NOC
engineer
Dashboards and
reports to reveal
who has access to
what
Workflow based
ID request
approvals
?Activity logs and
video recording of
sessions
200,000 ID Password pairs
Identity Manager
Enterprise SSO
Keystroke and Session Recording
SIEM
4,000NOC users
210 custom
ESSO profiles
4000+ network
elements
26 reporting parameters
Shared ID Management Module
Video recording and Logging95
element
types
110 custom log
parsers
Solution DesignAujas designed an innovative solution to manage shared IDs
over 4000+ devices distributed over a country wide network.
Aujas leveraged IBM Tivoli products to bring in accountability
and ease of use in running telecom NOC operations.
Proof of Concept to showcase
shared ID management and log
correlation to ascertain user
accountability
Implementation ServicesAujas completed deploying this greenfield project in
9 months using Hybrid Delivery Model. The project
was divided into multiple tracks and phases to
mitigate project risk. Aujas created hundreds of ESSO
profiles and SIEM parsers during this deployment.
Continuous Sustenance & EnhancementPost completion of solution implementation,
Aujas has been providing remote and onsite expert
services to ensure the IAM deployment evolves with
changing business needs and remains bug free.
Copyright © Aujas All rights reserved.
11
Aujas Advantages
Enhancement Factory
Advanced Planning and Design
Services
COE for IAM Solutions
ThinkSecure
Comprehensive Portfolio Coverage
Hybrid Delivery Model
Customized Solutions
Aujas provides advanced capabilities to enhance leading IAM products to better match customer requirements. This is accomplished via a sure shot enhancement factory offering which has been used by customers to obtain custom IAM adapters, SSO profiles, advanced reports, dashboards and customer user interfaces.
The Aujas COE brings together a global pool of IAM experts who work together to address bleeding edge IAM challenges of Aujas customers. The ThinkSecure GDC is used to build rapid prototypes and enable a global delivery model.
The Aujas COE brings together a global pool of IAM experts who work together to address bleeding edge IAM challenges of Aujas customers. The ThinkSecure GDC is used to build rapid prototypes and enable a global delivery model.xzds
Copyright © Aujas All rights reserved.
12
Aujas ThinkSecure Global COE
Aujas leverages a Center of Excellence physically located at
Bangalore and digitally accessible across the globe.
The Aujas COE brings together a global pool of IAM experts who
work together to address bleeding edge IAM challenges of Aujas
customers.
Aujas leverages the COE to provide additional specialist support to
project teams as and when needed.
Over 100 Certified Experts with proven skills on leading Identity and Access Management Products
Centre of Excellence for rapid prototyping and solution design
Capability to remotely prepare solution components at low cost
Support global projects round the clock
Support capability for all products being handled via projects
Liaison with leading OEMs to design their certification programs
Maintains talent pool across projects
Multi node cluster allowing rapidly building sandboxed IAM images
Copyright © Aujas All rights reserved.
13
Aujas IAM Engagements
Consulting Engagements
25%
Implementation Engagements
41%
Sustenance Engagements
34%
Identity Governance & Administration
28%
Web SSO and Federation
17%Enterprise SSO21%
Privileged Identity
Management16%
Other IAM Functions
18%
Aujas has successfully delivered over 105 IAM projects during the last five years
Copyright © Aujas All rights reserved.
14
Bangalore | Cupertino | Delhi | Dubai | Jersey City | Mumbai
Thank You
For more information:
Karl KispertVice President