Presentation is loading. Please wait.

Presentation is loading. Please wait.

April 28, 2015 Main Presentation title: 24pt Arial Regular, bold Recommended maximum length: 2 lines Subtitle: Arial 16pt bold white Date (auto) Arial.

Similar presentations


Presentation on theme: "April 28, 2015 Main Presentation title: 24pt Arial Regular, bold Recommended maximum length: 2 lines Subtitle: Arial 16pt bold white Date (auto) Arial."— Presentation transcript:

1 April 28, 2015 Main Presentation title: 24pt Arial Regular, bold Recommended maximum length: 2 lines Subtitle: Arial 16pt bold white Date (auto) Arial 10pt Regular Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements ActivCard logo must not be moved, added to, or altered in any way. Image..This must be clean, uncluttered and in neutral or blue tones. Approved images are posted on brandcentral Green Line: R000 | G220 | B046 Slide Background color: Blue R144 | G176 | B214 Compliance Solutions

2 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard What is the objective? Privacy, accountability? What must be done in order to be in compliance? How does your IT infrastructure play a role in executing the process? Example: SOX Goal: Accountability for financial information Must document how sales forecasts are created and verified. Process Audit Was the process honored? Are the right people involved? Did the activity occur? Any breakdown in process, people or activity can lead to being out of compliance Audit serves as the control to prevent it from happening It’s more cost effective to prevent problems in the first place. Catching problems in audit means going back to redo work that didn’t get done right in the first place. The Components/Elements of Compliance Who is involved in the process? Who must be involved? Can you ensure that they did the right thing? Who must NEVER be involved and can you keep them out? Example (partial): Account Manager owns territory forecast Sales Manager owns regional forecast CFO is accountable for the forecast accuracy People People execute the process – which result in trackable activities. Activities keep the process moving. Example (partial): Account manager must have all forecast data entered into a sales tracking tool Sales manager verifies it is correct. IT manager has taken steps to limit access to the data and who can change it. Activity

3 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard What is the objective? Privacy, accountability? What must be done in order to be in compliance? How does your IT infrastructure play a role in executing the process? Example: SOX Goal: Accountability for financial information Must document how sales forecasts are created and verified. Process Audit Was the process honored? Are the right people involved? Did the activity occur? Any breakdown in process, people or activity can lead to being out of compliance Audit serves as the control to prevent it from happening It’s more cost effective to prevent problems in the first place. Catching problems in audit means going back to redo work that didn’t get done right in the first place. What Affects the Quality of Compliance? Who is involved in the process? Who must be involved? Can you ensure that they did the right thing? Who must NEVER be involved and can you keep them out? Example (partial): Account Manager owns territory forecast Sales Manager owns regional forecast CFO is accountable for the forecast accuracy People People execute the process – which result in trackable activities. Activities keep the process moving. Example (partial): Account manager must have all forecast data entered into a sales tracking tool Sales manager verifies it is correct. IT manager has taken steps to limit access to the data and who can change it. Activity Security:Are there outside threats that can throw these elements out of compliance? Integrity:Have you ensured that only the right people are performing the activities outlined in your compliance plan? Usability:It’s one thing to become compliant – but will its effects disrupt your business? Identity Assurance

4 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Password Proliferation HR Collaboration Mainframe Web App Finance Sales DB 401K Portal Web App Applications and Resources With Compliance  Passwords need to be more complex  Passwords need to changed more frequently  Forgotten passwords requires help desk assistance, help desk cost accelerate  End users become frustrated Dial Up/VPN Server Web Wireless Access Desktop Access

5 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Premise for Compliance To honor the principles of compliance you must be able to have assurance of identity  Passwords alone do not deliver assurance  Passwords cannot provide high levels of security  Security and Usability are often at odds with one another Gartner Research states: “The increased focus on system security for regulatory purposes leads us to predict that today's PC password standards will no longer be accepted in Organizations that require stronger protection for data should: Disable Windows LAN Manager passwords by default Use smart cards or Universal Serial Bus (USB) keys for administrator passwords Use pass phrases for which there is no other alternative Consider tokens or biometrics for systems subject to Sarbanes-Oxley controls Consider trusted-platform module (TPM)- enabled systems” The requirement for multi- factor authentication….

6 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard.6 The Halo Effect – Compliance Benefits ActivClient with digital signatures Companies are spending millions on paper handling and physically signed forms. Document Proliferation Secure Remote Access ActivClient with digital certificates On-line Banking Solutions Hackers may misrepresent themselves as your company with the intent of defrauding you and your customers. Identity FraudEnterprise Access Card There are at least two, uncoordinated infrastructures for physical and network access. Oftentimes, employees leave but still have access privileges to some systems. Credential Proliferation Enterprise Access Card Secure Remote Access How do you ensure privileged access is only granted to employees, contractors and temps when customers and partners also need trusted access? Protecting the Enterprise Network Single Sign-On 15 percent to 35 percent of help desk call volume — with a typical cost per call of $10 to $31*. This is in addition to end user productivity costs. Passwords and Cost Controls Secure Remote Access Single Sign-On Enterprise Access Card How can you attest to the integrity of your controls and the enforcement of your policies? Regulation Compliance & Governance SolutionDescriptionProblem

7 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Enterprise: Monsanto Demonstrated controls of financial systems By consolidating all remote access, Monsanto can now handle provisioning of all remote workers 5,000 remote users at over 340 sites globally Solution: ActivCard Secure Remote Access  Secure Remote Access Prevent unauthorized access to network information and resources  Compliance with Sarbanes-Oxley With dial-up remote access, the controls did not lie with Monsanto NEEDS: RESULTS:

8 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard ActivCard Solutions for Identity Assurance Single Sign On (Secure Sign-On and Ease of Password Management) Secure Remote Access (with Two Factor Authentication) Enterprise Access Cards (Physical and Logical Access using Two Factor Authentication)

9 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Single Sign-On Benefits Simplified user experience  Reduces passwords  Reduces number of authentications  Improves productivity by reducing frustration. Meta Group estimates 18% increase in productivity Lower Help Desk Costs  Users don’t have multiple passwords to access protected resources  Meta Group estimates 33% reduction in help desk call volume Enhanced Security  Honor application password policies with automated management  No written passwords

10 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Strong Single Sign-On Strengthen application security by honoring policy and with stronger passwords ActivClient Browser Client- Server Applications Terminal Emulator Windows or Novell NOS Application Windows Application Windows Workstation  Validates application before authenticating  Automatically manage password changes to honor application policy  Increase strength and length of passwords without affecting usability Smart Card (+PIN) Fingerprint USB Token Protect access with a variety of choices for authentication Password

11 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Security and Usability Issues Employees must carry multiple devices Passwords provide poor security PKI credentials generated or stored on hard disk are insecure and non-portable Expensive to Maintain Cost of multiple devices and multiple issuance processes High password reset costs Replacement and support costs for RSA tokens Building Access Photo ID Remote Access Passwords PKI Credentials Enterprise Access Cards

12 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Secure Remote Access Secure Dial-up RAS Secure VPN Secure Web Secure Wireless LAN Secure Windows Login Secure Terminal Services Passwords One-Time Passwords USB Keys and Smart Cards Hard/Soft Tokens Multi-Factor Authentication Methods PKI Certificates Multi-Factor Authentication Devices Secure Remote Access Functionality ActivCard AAA functionality provides  Security through 2-factor authentication – PIN + Device  Standards based interoperability with the existing network infrastructure through RADIUS, TACACS+, 802.1X  Manageability of authentication devices throughout their lifecycle  Solutions for Windows and Solaris platforms

13 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard ActivCard SRA Programs of Interest  Free 2-token evaluation  SRA 25-user starter kit with special pricing  ActivCard Compliance White Paper  Aberdeen White Paper  Compliance Webinar Series  ActivCard strong authentication bundled firewall solutions

14 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Compliance Benefits Review Cut Costs  Data access management  Help desk savings Build Trust  Transparency and accountability  Lifetime customer value Mitigate Risks  Disclosures damage the brand  Legal liability and costs Improve Security and Governance  Know where data is, who uses it, and why  Central control point for data handling policies  Address of broader risk and compliance challenges

15 April 28, Template release: September 04 For the latest, go to Indications in green = Live content Indications in white = Locked elements Slide heading: 24pt Arial Bold, White Maximum length: 1 line Sub Head 20pt Arial Bold, Regular Blue R012 | G037 | B118 Slide body: 18pt Arial Regular Blue R012 | G037 | B118 Square bullet color: Green R063 | G174 | B080 Recommended maximum text length: 5 principal points Confidentiality & Copyright: 8pt Arial Regular, white Date (auto) 8pt Arial Regular, white ActivCard logo must not be moved, added to, or altered in any way. Background should not be modified. Blue R144 | G176 | B214 Slide number: 18pt Arial Regular, white ActivCard Suggested Palette Proprietary & Confidential © 2004 ActivCard Summary Get the broadest impact on your compliance measures by starting with identity assurance  No compliance solution operates correctly if you don’t know who’s using it  The principles of strong authentication apply across your compliance measures (People, Process, Activity, Audit)  Identity assurance has strategic implications, helping you springboard to address additional business benefit Get started with strong authentication easily  Start where you have the biggest impact, such as providing your users with a token, smart card, or USB key  Integrate with your perimeter systems so you only have the right people inside your company. (with SRA)  Integrate with your applications so you know what your users are doing and provide usability (with SSO)  Leverage your identity assurance broadly with an integrated credential and PKI (Enterprise Access Card)


Download ppt "April 28, 2015 Main Presentation title: 24pt Arial Regular, bold Recommended maximum length: 2 lines Subtitle: Arial 16pt bold white Date (auto) Arial."

Similar presentations


Ads by Google