Unternehmenskommunikation im mehrsprachigen Markt: Impulsreferat IAM live 2012
IDM & IAM 2012
-
Upload
ariel-evans -
Category
Documents
-
view
1.338 -
download
2
Transcript of IDM & IAM 2012
![Page 1: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/1.jpg)
IDM/IAM
Identity & Access
Management
Tell me and I’ll forgetShow me and I may rememberInvolve me and I’ll understand
Sigal Russin ,
VP & Senior Analyst
![Page 2: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/2.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
2
Is it identity?
![Page 3: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/3.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
3
Identity and Access Management
AccessControl
DirectoryServices
IdentityAdministration
Strong Authentication & Authorization
Risk Based AccessControl
Single Sign-OnFederation
Web Services Security
Identity & OrganizationLifecycle
AdministrationEnterprise Role Mng
Provisioning &Reconciliation
Compliance Automation
Virtualization
Synchronization
Storage
Service Levels Risk Analysis Forensics Configuration Performance Automation
Management
Audit Data Attestation Fraud Detection Segregation of Duties Controls
Audit & Compliance
![Page 4: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/4.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
4
Where to start ?!
![Page 5: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/5.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
5
Explosion of IDs
# of
Digital IDs
Time
Mainframe
Client Server
Internet
Business
Automation
Company
(B2E)
Partners
(B2B)
Customers
(B2C)
Mobility
Pre 1980’s 1980’s 1990’s 2000’s
![Page 6: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/6.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
6
“Identity Chaos”
Lots of users and systems required to do business
Multiple repositories of identity
information;
Multiple user IDs, multiple passwords
Decentralized management, ad hoc data
sharing
![Page 7: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/7.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
IDM – Identity Management
7
![Page 8: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/8.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
8
5 Core Elements of ID Management
FederatedFederatedIdentity
![Page 9: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/9.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
9
5 Core Elements of ID Management
![Page 10: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/10.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
10
5 Core Elements of ID Management
![Page 11: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/11.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
11
What’s next…
![Page 12: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/12.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
12
Before Implementing Access Management
![Page 13: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/13.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
13
After Implementing Access Management
![Page 14: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/14.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
14
Trends Impacting IAM and privacy management sectors
Gartner, Egham, UK, January 31, 2012, Summit 2012, March 12-13, London
Tactical identity
• IAM projects will generally be limited in scope and schedule to help ensure success.
Identity assurance
• Demands for stronger authentication and more mature identity provider infrastructures will raised.
• You need to know which providers you are trusting, why, and for what.
![Page 15: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/15.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
15
Trends Impacting IAM and privacy management sectors
Gartner, Egham, UK, January 31, 2012, Summit 2012, March 12-13, London
The identity bridge
• A new architectural component is needed to manage the flowof identity information between cooperating organizations.
• The edge of the organization is to look inward and outward simultaneously.
Authorization
• It will grow more complex and more urgent due to continuing regulatory pressure.
• Authorization will assume a place as a first-class business function.
![Page 16: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/16.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
16
Trends Impacting IAM and privacy management sectors
Gartner, Egham, UK, January 31, 2012, Summit 2012, March 12-13, London
The sea of tokens
• The new tokens-and-transformers architecture is more
modular, more flexible and more loosely coupled.
Policy battles
• Privacy and identity theft are having a serious impact on business operations and viability.
• The business community, law enforcement and national security communities will continue to fight over identification,
privacy laws and regulations.
![Page 17: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/17.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
Identity Management Market
17
Overlap without integration causes consternation and cost
� Around 60 vendors in IDM
Directory
Meta-directory
Appliances
Access Management
Virtual Directory
Provisioning
Password Management
Authentication
![Page 18: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/18.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
18
IAM's Biggest Concerns
HP Research Report, Security & Risk Management Survey Conducted by Coleman Parkes
Research, 2012
![Page 19: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/19.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
19
Be Aware - Most of IDM projects failed
1
• Allocating human resources for maintenanceIDM project
• Allocating human resources for maintenanceIDM project
2• Project Leaders: HR with cooperation of IT • Project Leaders: HR with cooperation of IT
3• Support from organization's high management• Support from organization's high management
4
• Sharing and training of all organization departments
• Sharing and training of all organization departments
![Page 20: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/20.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
20
Most of IDM projects failed - Be Aware!
5
• Data Cleansing: job definitions include user authorizations
• Data Cleansing: job definitions include user authorizations
6
• Mirroring to organization processes – workflows will maximize ROI
• Mirroring to organization processes – workflows will maximize ROI
7
• If you choose a product make sure about the integration to all organization systems -Learn the product!
• If you choose a product make sure about the integration to all organization systems -Learn the product!
8
• Step by Step-integration special groups on AD with one organizational system (SAP, billing, CRM etc.)
• Step by Step-integration special groups on AD with one organizational system (SAP, billing, CRM etc.)
![Page 21: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/21.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
21
Market Overview
Vendor Access ProvN Passwd Meta AuthN
IBM � � � � �
Novell � � � � �
Oracle � � � � �
CA � � � �
Microsoft � � � � �
Netegrity � � � �
Oblix � � � �
RSA � � � �
Entrust � � � �
� = Partner provided
![Page 22: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/22.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
22
Identity & Access Management- Israeli Market Positioning 1Q10-11
Lo
cal S
up
po
rt
Market Presence
IDM\IAM Player
This analysis should be used with its
supporting documents
Worldwide Leader
Prominent WAM Player
CANovell
BMCMicrosoft Velo (OS)
IBM
Oracle-Sun
Quest
SAP
Using this
technolog
y
27%
Evaluating
\Not using
73%
Estimated Technology
Penetration
![Page 23: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/23.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
23
2012 World Leaders in Cloud Identity Management
Market Presence
Forrester Survey
![Page 24: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/24.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
24
IDM Benefits
Centralize Security
Enforce Audit
Policies
Enhance Visibility
Detect Security,
Regulatory
Automate Auditing
Procedures
Maintain Control
Over Data Assets
![Page 25: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/25.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
25
2013 Will Change Enterprise IDM
By UCStrategies Staff November 14, 2012
�The rise of stateless identity
�ID standards
�Dissolving internal/external
boundaries
�Identity assurance
“It’s tough to pull your
head up from the static
world of on-premises user
management to the more
dynamic world.”2013 Planning Guide: Identity and Privacy, by Ian Glazer
![Page 26: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/26.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
26
Recommendations
Organization should translate the business world into project specification process
Do not try to fit the IDM system to your organization
Before starting – define SOW -> Consider alternatives-> POC for business process
Organization limits – try to start IDM inside the organization
Matching expectations of project initiators, users and
decision makers
Marketing the project to show the meanings and painful problems
![Page 27: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/27.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
27
Recommendations
Small steps such as Gradual connection to organization systems, initial provisioning, role based access control etc.
Standardization- you don’t need to update the system all the time
Organization password policy can take a part on IDM project – SSO on the last stage
Workflows- pay attention for duplication or conflict in organizational identities
Organizational Tree - reflect the organizational structure in HR and IT
Each department has a manager (referant) who responsible for management permissions to the same department
![Page 28: IDM & IAM 2012](https://reader033.fdocuments.net/reader033/viewer/2022042602/5589ec4bd8b42add738b45ed/html5/thumbnails/28.jpg)
Sigal Russin’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
28
Scan Me To Your Contacts:
Thank You!