Presentation on theme: "Extending IBM Security Identity Manager With StealthAUDIT for Data & A ccess Governance Charlie Palella – IBM Alliance Manager"— Presentation transcript:
Extending IBM Security Identity Manager With StealthAUDIT for Data & A ccess Governance Charlie Palella – IBM Alliance Manager Sean Cataldo – GM, Data & Access Governance Jeff Warren – VP, Product Mgt. Data & Access Governance
Agenda Unstructured Data Access Challenges Managing Privileged Identities Enabling Complete IAM Governance
Unstructured Data Challenges Access Sprawl o Joiner, Mover, Leaver Activity Management o Distributed Entitlements Unlike applications, unstructured data entitlements are widespread at the folder level o Access Never thoroughly Reviewed/Adjusted Data Explosion o 80% of Data is in Unstructured Data Sites SharePoint, File Systems, SQL, etc. o Estimated that 30-40% of that data is sensitive o Gartner predicts 650% increase in next 5 years Risk Exposure on the Rise o Brand, Revenue & Reputation Exposure o Security Breach / Insider Threat o Compliance Findings o Service Level Impacts
Privileged Identities Managing Access to Unstructured Data User Access
Managing Privileged Identities Extending PIM to Unstructured Data with StealthAUDIT
IT Admin Setting the Stage for PIM PIM ESSO SIM I need access to this Server. I need access to this Database. I need access to this Web App.
Discover Where risk exists Who has privileged access How they are have privileged access How StealthAUDIT Helps….. DISCOVER ❶ ❷ CONFORM ❸ PUBLISH ❹ MONITOR PIM ESSO SIM Monitor User Activity User Logons
Our Value Proposition for PIM CapabilityBenefit Discovery & Conformance Find any “back doors” to circumvent PIM and close them where it matters the most Monitor ActivityKnow exactly what files administrators touched, modified, read, copied, etc. Monitor LogonsKnow when Privileged IDs not managed by PIM logged onto the system Publish to PIMStealthAUDIT can feed information directly to PIM to ensure all Privileged Identities are managed centrally
Governing User Access StealthAUDIT Integration with IBM’s PIM and SIM
Access Governance for Unstructured Data SIMStealthAUDIT® Directory Services SharePoint File Systems Databases Applications Access Recertification Self-Service Access
How StealthAUDIT Helps….. Discover Critical Unstructured Data Resources ❶ ❷ Correlate Access & Permissions ❸ Determine Resource Ownership ❹ Publish to SIM
IBM & STEALTHbits: One Stop Access Governance What SIM DoesNativelyWith StealthAUDIT Provision User Accessto Applications (ex. PeopleSoft)to Data (ex. the Finance Share) Review User Accessto Applicationsto Data De-Provision User Accessto Applicationsto Data SIM: Governs User Access to Applications…but what about the Data? For Applications,Data and Privileged Identities! What PIM DoesWith StealthAUDIT Control shared access to sensitive User IDsDiscover Backdoor Privileged ID’s residing within Data (ex. Local Admin Group) Request, approve and re-validate privileged access Identify Un-managed Privileged Identities Track usage of shared identitiesMonitor Privileged Identity Activity Automated password managementEnsure Sensitive Resources are only Accessed by the PIM Controlled Accounts PIM: Governs Known Privileged Identities …but what about the Unknown?
Contact Us for Additional Details 1. STEALTHbits Partner Alliance Manager o Charlie Palella: 2. Visit our developerWorks® websitedeveloperWorks® website 3. Visit