Overview of Hitachi Id Management Suite

8
1 ID Management Suite Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Fully integrated identity and access management. 2 Agenda • Hitachi ID corporate overview. • Identity problems and ID Management Suite benefits. • ID Management Suite technology. • Example deployments. • Discussion. 3 Hitachi ID Corporate Overview © 2011 Hitachi ID Systems, Inc. All rights reserved. 1

description

Identity and Access Needs are Ever-ChangingDigital identities require constant administration to reflect business changes: Complexity creates delay and reliability problems.

Transcript of Overview of Hitachi Id Management Suite

Page 1: Overview of Hitachi Id Management Suite

1 ID Management Suite

Managing the User LifecycleAcross On-Premises andCloud-Hosted Applications

Fully integrated identity and access management.

2 Agenda

• Hitachi ID corporate overview.• Identity problems and ID Management Suite benefits.• ID Management Suite technology.• Example deployments.• Discussion.

3 Hitachi ID Corporate Overview

© 2011 Hitachi ID Systems, Inc. All rights reserved. 1

Page 2: Overview of Hitachi Id Management Suite

Slide Presentation

3.1 Hitachi ID Corporate Overview

Hitachi ID is a leading provider of identityand access management solutions.

• Founded as M-Tech in 1992, a divisionof Hitachi, Ltd. as of 2008.

• Hitachi, Ltd.:

– Founded in 1910.– $105 billion revenue in FY2010.– 360,000 employees.

• Hitachi ID has 840+ customers with acombined 10.4M+ licensed users.

• Offices in North America and partnersoverseas.

• Approximately 140 employees.

Award: SC Magazine Best Buy for the IDManagement Suite.

3.2 Representative Hitachi ID Customers

4 Identity Problems and ID Management Suite Benefits

© 2011 Hitachi ID Systems, Inc. All rights reserved. 2

Page 3: Overview of Hitachi Id Management Suite

Slide Presentation

4.1 User Lifecycle: Business Challenges

• More IT→ moreusers to manage.

• There arechallengesthroughout theuser lifecycle.

• Support cost.• User service.• Security.

Slow:too much paper,

too many people.

Expensive:too many administrators

doing redundant work.

Role changes:add/remove rights.

Policies:enforced?

Audit:are privileges appropriate?

Org. relationships:track and maintain.

Reliable:notification of terminations.

Fast:response by sysadmins.

Complete:deactivation of all IDs.

Passwords:too many, too weak,often forgotten.

Access:Why can’t I access thatapplication / folder / etc.

4.2 ID Management Suite

© 2011 Hitachi ID Systems, Inc. All rights reserved. 3

Page 4: Overview of Hitachi Id Management Suite

Slide Presentation

4.3 Identity Manager Benefits

Feature Impact Benefit

Auto-provisioning Changes on a system of recordtrigger account creation,deactivation.

Cost, Service, Security:Less manual administration.New hires setup on time.Reliable termination.

Self-service workflow Change requests via web form.Authorizers selected by built-inlogic.E-mail invitations, webapprovals.

Service, Cost:More efficient changemanagement.Less manual administration.

Consolidated administration Security officers can manageany user on any system from aweb console.Reports show entitlementsacross systems.

Cost, Security:More efficient to manage byuser than by system.Known account ownershipestablishes accountability.

4.4 Password Manager Benefits

Hitachi ID Password Manager is an authentication management platform, providing a consistentprocess for managing passwords, tokens, smart cards and more.

Feature Impact Benefit

Password synchronization Fewer passwords toremember.

Improved ease-of-use.Fewer password problems.

Self-serve password, PINreset

Users resolve their ownproblems.

Fewer help desk calls.

Assisted password reset Faster call resolution. Lower cost per incident,improved service.

Policy enforcement Password complexity, history,periodic changes.

Passwords harder tocompromise.

Single signon Automated application logins. Users happier with IT.

© 2011 Hitachi ID Systems, Inc. All rights reserved. 4

Page 5: Overview of Hitachi Id Management Suite

Slide Presentation

4.5 Privileged Access Manager Impact

Feature Impact Benefit

Randomize passwords daily Eliminate static, sharedpasswords.

Disconnect former IT staff.

Controlled disclosure Control who can seepasswords.

The right users and programscan access privileged accounts,others cannot.

Logging & Reporting Monitor password disclosure. Accountability.Faster troubleshooting.

Encryption Secure passwords in storageand transit.

Physical compromise does notexpose passwords.

Replication Passwords stored on multipleservers, in different sites.

Survive server crashes and sitedisasters.

5 ID Management Suite Technology

5.1 Closed Loop IAM

IntegratedSystems

of Record Autodiscovery

Auto-provisioningIdentity synch.

IdentityCache

IntegratedTarget Systems

Non-integratedSystems

Transaction Manager

Connectors

List accounts

Create,delete,update

accountsUpdates

Updates

Detectedchanges

Listpeople

Authorizers Approve,reject,delegate

Invitations

ApprovalsWeb UI

Certifiers Review,certify,correct

Invitations

CertificationWeb UI

Requesters Manualrequest

RequestsWeb UI

- Validate requests- Route for approval- Invite authorizers- Send reminders- Escalate- Delegate

Manualfulfillment

Auto-fulfillment

Create,delete,updateaccounts

Automaticrequest

ImplementersAccept,confirm

Invitations

ImplementerWeb UI

RequestQueue

WorkflowManager

Hitachi ID Management Suite

WorkQueue

© 2011 Hitachi ID Systems, Inc. All rights reserved. 5

Page 6: Overview of Hitachi Id Management Suite

Slide Presentation

5.2 Included Connectors

Many integrations to target systems included in the base price:

Directories:Any LDAP, AD, WinNT, NDS,eDirectory, NIS/NIS+.

Servers:Windows NT, 2000, 2003,2008, Samba, Novell,SharePoint.

Databases:Oracle, Sybase, SQL Server,DB2/UDB, ODBC.

Unix:Linux, Solaris, AIX, HPUX, 24more.

Mainframes, Midrange:z/OS: RACF, ACF2,TopSecret. iSeries / OS400.

HDD Encryption:McAfee, CheckPoint.

ERP:JDE, Oracle eBiz,PeopleSoft, SAP R/3, Siebel,Business Objects.

Collaboration:Lotus Notes, Exchange,GroupWise, BlackBerry ES.

Tokens, Smart Cards:RSA SecurID, SafeWord,RADIUS, ActivIdentity,Schlumberger.

WebSSO:CA Siteminder, IBM TAM,Oracle AM, RSA AccessManager.

Help Desk:BMC Remedy, BMC SDE, HPService Manager, CAUnicenter, Assyst, HEAT,Altiris, Track-It!, etc.

Cloud/SaaS:WebEx, Google Apps,Salesforce, SOAP (generic).

5.3 Scriptable Integrations

• ID Management Suite easily integrates with custom, vertical and hosted applications using flexibleagents .

• Each flexible agent represents a standard process for connecting to a whole class of target systems,including:

– API bindings (C, C++, Java, COM, ActiveX, MQ Series).– Telnet / TN3270 / TN5250 / sessions with TLS or SSL.– SSH sessions.– HTTP(S) administrative interfaces.– Web services.– Win32 and Unix command-line administration programs.– SQL scripts.– Custom LDAP attributes.

• Typically a few hours to a few days to add an integration.• Hitachi ID can build these at fixed-cost.

© 2011 Hitachi ID Systems, Inc. All rights reserved. 6

Page 7: Overview of Hitachi Id Management Suite

Slide Presentation

5.4 Network Architecture

UserPasswordSynchTriggerSystems

Load Balancer

SMTP or Notes Mail

IncidentManagementSystem System of

Record

IVRServer

ReverseWeb Proxy

Target Systemswith local agent:OS/390, Unix, older RSA

Firewall

TCP/IP + AES

Various Protocols

Secure Native Protocol

HTTPS

Remote Data Center

Firewall

Local Network

Target Systemswith remote agent:AD, SQL, SAP, Notes, etc

Target SystemsEmails

Tickets

Lookup & Trigger

Native

password

change

AD, Unix,

OS/390,

LDAP,

AS400

Validate PW

Web Services

Proxy Server(if needed)

Hitachi IDApplicationServer(s)

SQL/Oracle

SQLDB

SQLDB

Cloud-hosted,

SaaS apps

VPNServer

6 Example Deployments

6.1 Case Study: US Bank

Customer description: US bank

Product: Hitachi IDPassword Manager

Industry: Banking

Number of users: 150,000

Functionality: Password reset via telephone, web browser

Main business driver: Reduce IT support cost, improve authentication security when userscall for help.

Business impact: Eliminated 33,000 help desk calls/month.Saved at least US$ 4,000,000/year.

© 2011 Hitachi ID Systems, Inc. All rights reserved. 7

Page 8: Overview of Hitachi Id Management Suite

Slide Presentation

6.2 Case Study: Restaurant Chain

Customer description: Global restaurant chain

Products: Hitachi IDIdentity Manager

+ Hitachi IDPassword Manager

Number of users: 110,000

Functionality: Simplify onboarding, deactivation of users in 12 countries.

Main business driver: Reduce IT administration cost.Eliminate orphan accounts.

Business impact: Create and delete thousands of user accounts/year withoutinvolvement by corporate security.

6.3 Case Study: Semiconductor Company

Customer description: Semiconductor company

Product: Hitachi IDPrivileged PW Manager

Industry: Semiconductor

Number of servers: 3,000 – Unix, Windows, SQL Server, VMWare ESX

Functionality: Randomize local administrator passwords on mission-critical servers,daily. Control disclosure to 200+ users.

Main business driver: Secure sensitive password and discontinue manual effort.

Business impact: Improved system security, reduced monthly cost of manually changingthousands of passwords.

6.4 Case Study: Insurance Company

Customer description: Insurance company.

Products: Hitachi IDPassword Manager

Industry: Financial

Number of users: 40,000

Functionality: Browser-based password synchronization and reset.

Main business driver: Reduce IT support call volume.

Business impact: Automate 25,000 password resets and unlocks per month.

www.Hitachi-ID.com

500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: [email protected]

File: PRCS:presDate: March 22, 2011