Presentation is loading. Please wait.

Presentation is loading. Please wait.

Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA.

Similar presentations

Presentation on theme: "Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA."— Presentation transcript:

1 Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA

2 Identity & Access Management The explosion of Digital IDs

3 Identity & Access Management Internet was built so that communications are anonymous: In-house networks use multiple, often mutually-incompatible, proprietary identity systems. Users are incapable of handling multiple identities. Criminals love to exploit this mess! Regulation and Compliance: SOX, HIPAA, GLB, Basel II, 21 CFR Part 1 - $15.5 billion spent in 2005 on compliance Business Automation and Integration: One half of all enterprises have SOA under development, Web services spending growing 45% Increasing Threat Landscape: Identity theft costs banks and credit card issuers $1.2 billion in 1 yr $250 billion lost in 2004 from exposure of confidential info Maintenance Costs Dominate IT Budget: On average employees access 16 apps and systems, Companies spend $20-30 per user/yr for PW resets Trends impacting identity AMR Research 2006

4 Identity & Access Management Multiple contexts

5 Identity & Access Management Lots of users and systems required to do business: – Multiple repositories of identity information; Multiple user IDs, multiple passwords – Decentralized management, ad hoc data sharing Environment Complexity

6 Identity & Access Management Pain points

7 Identity & Access Management Management of identity: Provisioning/De-provisioning of accounts Workflow automation Delegated administration Password Synchronization Self-Service Password Reset Directory Service: Identity Repository (directory services for administration of user account attributes) Meta-data Replication/Synchronization Can include Access Control (I&AM): Policy based access control Enterprise/Legacy Single Sign On (SSO) Web Single Sign On (SSO) Reduced Sign On What is an Identity System? A system (processes, rules, applications, and services) that coordinates identity information held in disparate and scattered data sources. The concept of Identity Management

8 Employee info entered in HR Accounts provisioned to enterprise systems & applications Non-digital resources assigned and/or initiated New Users Join Company Change Events & User Support Users Depart Company Job/role/status changes Password changes and resets Personal profile information changes Additional requests for account access or non-digital resources Employee status updated in HR Account disabled & removed Non-digital resources retrieved and/or cancelled Delegation Workflow Role management Rule & Policy Enforcement Reports Audit Identity & Access Management What is Identity Management ? IDM CORE

9 USEROU ROLEACCOUNT RESOURCE PROFILES - GROUPS GROUPS of RESOURCES SW Inventory HRMS VISION Identity & Access Management What is Identity Management ?

10 IAM components 10 AdministerAuthenticateAuthorize Identity Management (Administration) Access Management (Real-Time Enforcement) Physical Resources ApplicationsDatabases Security Systems Directories Operating Systems Identity Admin Accounting (ITSM) NAC Alarm/ Alerting Authentication Infrastructure Enterprise Reduced Sign-On User Management Account Provisioning Metadirectory Role Matrix Management Enterprise Access Management Federated Identity Management AUDITAUDIT COMPLIANCECOMPLIANCE

11 Il nostro approccio Metodologico Organizzativo Tecnologico

12 Identity & Access Management Short termLong term Benefits of IAM Save money and improve operational efficiency Improved time to deliver applications and service Enhance Security Regulatory Compliance and Audit New ways of working Improved time to market Closer Supplier, Customer, Partner and Employee relationships

13 Grazie Giacomo Aimasso

Download ppt "Autenticazione e Gestione delle Identità Giacomo Aimasso – CISM – CISA."

Similar presentations

Ads by Google