Quality in Identity and Access Management Systems IDM: Overview Michele Brass, PMP PMI Westchester Chapter Program Manager – Collaboration Tools.

Presentation transcript:

2 Objectives
- Demonstrate how important data quality and data accuracy are in Identity and Access Management systems
- Discuss data flows and the problems and opportunities faced
- Build a good conceptual background
- Introduce terminology
- Promote future discussions

3 Session Agenda
- Identity Problem of Today
- Identity Laws and Metasystem
- Components and Terminology

4 Identity Problem of Today

5 Universal Identity?
- In-house networks use multiple, often mutually-incompatible, proprietary identity systems
- Users are incapable of handling multiple identities
- Criminals love to exploit this mess

6 Explosion of IDs
[Chart: # of Digital IDs over Time (Pre 1980's, 1980's, 1990's, 2000's). Labels: Applications; Mainframe; Client Server; Internet; Business Automation; Company (B2E); Partners (B2B); Customers (B2C); Mobility]

7 The Identity And Access Management Chaos
[Diagram labels: Enterprise Directory; HR System; Infra Application; Lotus Notes Apps; In-House Application; Kelly IT Consulting Feed; NOS; Other Applications. The labels Authentication, Authorization and Identity Data repeat across the systems.]

8 Multiple Contexts
[Diagram labels]
- Your COMPANY and your EMPLOYEES; Your SUPPLIERS; Your PARTNERS; Your REMOTE and VIRTUAL EMPLOYEES; Your CUSTOMERS
- Customer satisfaction & customer intimacy; Cost competitiveness; Reach, personalization; Collaboration; Outsourcing; Faster business cycles; process automation; Value chain; M&A; Mobile/global workforce; Flexible/temp workforce

9 What is Identity Management?
- Provisioning
- Single Sign On
- PKI
- Strong Authentication
- Federation
- Directories
- Authorization
- Secure Remote Access
- Password Management
- Web Services Security
- Auditing & Reporting
- Role Management
- Digital Rights Management

10 Identity And Access Management is A system of procedures, policies and technologies to manage the lifecycle of entitlements of electronic credentials for your organization, business partners and customers.

11 Identity and Access Management Touches
- Directory Services: Repositories for storing and managing accounts, identity information, and security credentials
- Access Management: The process of authenticating credentials and controlling access to networked resources based on trust and identity
- Identity Lifecycle Management: The processes used to create and delete accounts, manage account and entitlement changes, and track policy compliance

12 Trends Impacting Identity
- Increasing Threat Landscape
  - Identity theft costs banks and credit card issuers $1.2 billion in 1 year
  - $250 billion lost in 2004 from exposure of confidential info
- Maintenance Costs Dominate IT Budget
  - On average employees need access to 16 apps and systems
  - Companies spend $20-30 per user per year for PW resets
- Deeper Line of Business Automation and Integration
  - One half of all enterprises have SOA under development
  - Web services spending growing 45% CAGR
- Rising Tide of Regulation and Compliance
  - SOX, HIPAA, GLB, Basel II, 21 CFR Part 11, …
  - $15.5 billion spend in 2005 on compliance (analyst estimate)
Data Sources: Gartner, AMR Research, IDC, eMarketer, U.S. Department of Justice

13 Pain Points
- Business Owner: Too expensive to reach new partners, channels; Need for control
- End User: Too many passwords; Long waits for access to apps, resources
- IT Admin: Too many user stores and account admin requests; Unsafe sync scripts
- Developer: Redundant code in each app; Rework code too often
- Security/Compliance: Too many orphaned accounts; Limited auditing ability

14 Simplify Enterprise Identity Management
- Directory Synchronization: Active Directory & ADAM; Sun/iPlanet Directory; Novell eDirectory; Microsoft SQL; Oracle; Lotus Notes; Microsoft Exchange; Microsoft NT; DSML, LDIF, CSV, fixed width; …others to follow
- Password Management: Self-service password reset; Helpdesk password reset
- User Provisioning: Automate account create/delete
[Diagram labels: Identity Data; LDAP; SQL; NOS; LOB Apps; IDM]

15 Who Are The Current Major Vendors?
- Microsoft Forefront Identity Management (FIM)
- Oracle Identity Manager
- Computer Associates Identity And Access Manager

16 Identity Management Concepts
- Connected directory: Source and/or destination for synchronized attributes
- Connector space (CS): Staging area for inbound or outbound synchronized attributes
- Metaverse (MV): Central store of identity information
- Matching CS entries to a single MV entry is called “join”
[Diagram labels: iPlanet; Oracle; SQL; Exchange 5.5; Connected Directories; Metaverse; User; Connector Space]

17 Provisioning & de-provisioning
[Diagram labels: Source; Tel No. and Title (repeated per system); Provisioning Engine]

18 Provisioning & de-provisioning
[Diagram labels: Source; Tel No. and Title (repeated per system); Provisioning Engine; Join Engine]

19 Provisioning Types
- Simple Provisioning
- Flowed Attributes: MA config flows attributes intact; MA maps attributes
- Constructed Attributes: MA code modifies attributes as they flow
[Diagram labels: HR; MA; Connector Space; Metaverse. Example values: Surname = Hendrix; First Name = Jimi; cn = Hendrix, Jimi; MailboxName = Jimi Hendrix; displayName]

20 Provisioning & de-provisioning
[Diagram labels: Provision; De-provision; Join and synchronize; Provisioning Lifetime; Password Synch]
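The join and attribute-flow ideas from the Identity Management Concepts and Provisioning Types slides, as an added Python example that is not part of the original presentation or of any vendor's product code. The employeeID join key, the status and enabled fields, and every sample record other than the Jimi Hendrix values are constructed assumptions; the example also shows how an unjoined connector-space entry surfaces as an orphaned account.

```python
# Constructed sample data: an HR feed (authoritative source) and an AD
# connector space. Field names and the employeeID join key are assumptions.
HR_CS = [
    {"employeeID": "1001", "Surname": "Hendrix", "First Name": "Jimi", "status": "active"},
    {"employeeID": "1002", "Surname": "Joplin", "First Name": "Janis", "status": "terminated"},
]
AD_CS = [
    {"sAMAccountName": "jhendrix", "employeeID": "1001", "enabled": True},
    {"sAMAccountName": "jjoplin", "employeeID": "1002", "enabled": True},
    {"sAMAccountName": "svc_old", "employeeID": None, "enabled": True},
]


def project_hr(hr_entries):
    """Project HR entries into the metaverse, building constructed attributes."""
    metaverse = {}
    for e in hr_entries:
        first, last = e["First Name"].strip(), e["Surname"].strip()
        metaverse[e["employeeID"]] = {
            "cn": f"{last}, {first}",          # constructed attribute
            "MailboxName": f"{first} {last}",  # constructed attribute
            "status": e["status"],             # flowed intact
            "connectors": [],
        }
    return metaverse


def join(metaverse, cs_entries, key="employeeID"):
    """Join connector-space entries to metaverse entries; return unjoined accounts."""
    orphans = []
    for entry in cs_entries:
        mv = metaverse.get(entry.get(key))
        if mv is None:
            orphans.append(entry["sAMAccountName"])  # no identity behind the account
        else:
            mv["connectors"].append(entry["sAMAccountName"])
    return orphans


def deprovision_candidates(metaverse, cs_entries, key="employeeID"):
    """Enabled accounts joined to an identity the source marks as terminated."""
    return [e["sAMAccountName"] for e in cs_entries
            if e["enabled"]
            and metaverse.get(e.get(key), {}).get("status") == "terminated"]
```

A wrong or missing join key in the source data turns a legitimate account into an apparent orphan, which is why the accuracy of the authoritative feed drives the quality of everything downstream.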

21 Active Directory Password Management
- Initial password set
- Password Synchronization
- Centralized password control via a Web app
- Self-service password reset
- Helpdesk password reset
[Diagram labels: Business Directory; Web app; IDM]

22 Possible Savings
- Directory Synchronization
  - Improved data accuracy
  - Improved updating of user data
  - Improved list management
- Password Management
  - “password reset costs range from $51 (best case) to $147 (worst case) for labor alone.” – Gartner
- User Provisioning
  - Improved IT efficiency
  - “Reduced help desk costs: $75 per user per year” – Giga Information Group

23 Can We Just Ignore It All?
- Today, average corporate user spends 16 minutes a day logging on
- A typical home user maintains identities
- Number of phishing and pharming sites grew over 1600% over the past year
- Corporate IT Ops manage an average of 73 applications and 46 suppliers, often with individual directories
- Regulators are becoming stricter about compliance and auditing
- Orphaned accounts and identities lead to security problems
Source: Microsoft’s internal research and Anti-phishing Working Group Feb 2005

24 Solution?
- Better Option: Build a global, universal, federated identity metasystem
- Will take years…

25 Identity Laws – good source on the web
1. User Control and Consent
2. Minimal Disclosure for a Constrained Use
3. Directed Identity
4. Pluralism of Operations and Technologies
5. Human Integration
6. Consistent Experience Across Contexts

26 Remember the Chaos?
[Diagram labels: Enterprise Directory; HR System; Infra Application; Lotus Notes Apps; In-House Application; Kelly IT Consulting Feed; NOS; Other Applications. The labels Authentication, Authorization and Identity Data repeat across the systems.]

27 Identity And Access Management Benefits
- Benefits today (Tactical)
  - Save money and improve operational efficiency
  - Improved time to deliver applications and service
  - Enhance Security
  - Regulatory Compliance and Audit
- Benefits to take you forward (Strategic)
  - New ways of working
  - Improved time to market
  - Closer Supplier, Customer, Partner and Employee relationships

28 IDM Architecture

29 In the end... The identity platform is complex as it touches the entire enterprise!

30 Identity Management Platform
[Diagram labels: User Management; Infrastructure Management; Network Security; Access Control; Network Management; Service Management; Directory Services; Automated Synch.; Automated Provisioning; Password Management; Self-Service Interface; IDM Workflow; Auditing & Reporting; Policy Management; Enterprise Role-Man.; Enterprise User-Man.; Unix/Linux SSO; Host SSO; Remote Access; Audit&Rep; Provisioning Services; Frontend Services; Access Services; Smartcard Management; Certificate Management; Information Rights Mgmt.; Extended Directory Services; Desktop IDM Env.; Windows Server (Active Directory/ADAM, PKI Directory Services; Quest / Centrify; Identity and Access Management Product; Provisioning & Password Management Services; Active Directory Federation Server]