1 hitachi id password manager...
Post on 07-May-2018
233 Views
Preview:
TRANSCRIPT
1 Hitachi ID Password Manager (B2C)
Managing The User Lifecycle
With The Hitachi IDManagement Suite
Password synchronization and self-service reset.
2 Agenda
• Hitachi ID corporate overview.• Hitachi IDMS overview.• Extranet password problems.• The Hitachi ID Password Manager solution.• Project TCO and ROI.• Buy vs Build.
© 2010 Hitachi ID Systems, Inc. All rights reserved. 1
Slide Presentation
3 Hitachi ID Corporate Overview
Hitachi ID is a leading provider of identityand access management solutions.
• Founded as M-Tech in 1992, acquiredby Hitachi, Ltd. in 2008.
• 840+ customers with a combined10.4M+ licensed users.
• Offices in North America and partnersoverseas.
• Approximately 140 employees.
Award: SC Magazine Best Buy for theHitachi IDMS.
4 Representative Hitachi ID Customers
© 2010 Hitachi ID Systems, Inc. All rights reserved. 2
Slide Presentation
5 Hitachi IDMS
6 Costly Customer Support
Customers log into web applications and ISPs/BSPs with an ID and password, but sometimesforget their password. When this happens:
• The customer has trouble logging in.• A call to the user support line follows.• Both the user and support organization spend time resolving the problem.
This support process is costly, especially for large numbers of users. The process also frustrates users,impacting customer retention.
© 2010 Hitachi ID Systems, Inc. All rights reserved. 3
Slide Presentation
7 Safeguarding Privacy
National and EU regulations mandate strong measures to protect user privacy, including on B2Capplications.
• In most B2C applications, confidential customer data is protected by one password per user.• Passwords may be: easily guessed, written down or shared .• Users who forget their password must prove their identity to the customer support organization
before being allowed a password reset, but this process may be weak and vulnerable to attack.
8 Hitachi ID Password Manager Reduces Password Cost of Owner-ship
Password Manager reduces the TCO of customer password systems:
• Users can reset their own forgotten passwords, using a web browser or an automated telephonecall.
• Support staff use a simple, secure and accountable web interface to quickly resolve customerpassword problems.
• The solution is available: 24x365 from anywhere.
9 Password Manager Strengthens Security
Aging: Users can be prompted to change their password regularly.
Composition: New passwords must meet rules, designed to make them hard to guess.
Authentication: Users must reliably identify themselves before they can reset their forgottenpasswords.
Accountability: All transactions are logged.
© 2010 Hitachi ID Systems, Inc. All rights reserved. 4
Slide Presentation
10 Password Manager Features
• Synchronization:Reduce the number of passwords per user.
• Self service:Enable users to resolve lockout and forgotten-password problems without calling the help desk.
• Assisted reset:Shorten help desk password calls.
• Policy enforcement:Ensure consistently strong, frequently changing passwords.Close social-engineering weaknesses at the help desk.
• Other authentication factors:PIN resets for smart cards and one-time-password tokens.Enrollment for security questions and voice biometrics.Unlock encrypted hard disks with lost/forgotten keys.
11 Network Architecture
InternetUser
InternalUser
PasswordSynchTriggerSystems
Load Balancer
SMTP or Notes Mail
IVR Server
HelpdeskTicketingSystem Authoritative
System ofRecord
Target Systemswith local agent:OS/390, Unix, older RSA
Firewall
Firewall
Firewall
TCP/IP + AES
Various Protocols
Secure Native Protocol
Remote Network
Firewall
Local Network
DMZ
Target Systemswith remote agent:AD, SQL, SAP, Notes, etc
Target SystemsEmails
Tickets
Lookup & Trigger
Native
password
change
AD, Unix,
OS/390,
LDAP,
AS400
Web
Web
Validate PW
HTTPS Private Channel
HTTPS
Phone
Hitachi IDProxy Server(s)(optional)
ReverseWeb Proxy
Hitachi IDApplicationServer(s)
© 2010 Hitachi ID Systems, Inc. All rights reserved. 5
Slide Presentation
12 Hitachi ID Password Manager Works Across Firewalls
User
Local Network
Remote Network
Firewall
Firewall
Target SystemsLoadBalancer
Firewall
TCP/IP + AES
Various Protocols
Secure Native Protocol
Hitachi IDProxy Servers
Hitachi IDManagement Suite
13 The Hitachi ID Solution is Flexible
Customize: Every aspect of the user interface
Integrate with: 113+ target system typesCall tracking systemsHR systemsAuthentication hardwareMeta directoriesIVR servers
Enforce: Password policyAuthentication rules
© 2010 Hitachi ID Systems, Inc. All rights reserved. 6
Slide Presentation
14 Supported Target Systems
Many connectors included in the base price:
Directories:Any LDAP, AD, WinNT, NDS,eDirectory, NIS/NIS+.
Servers:Windows NT, 2000, 2003,2008, Samba, Novell,SharePoint.
Databases:Oracle, Sybase, SQL Server,DB2/UDB, ODBC.
Unix:Linux, Solaris, AIX, HPUX, 24more.
Mainframes, Midrange:z/OS: RAC/F, ACF/2,TopSecret. iSeries / OS400.
HDD Encryption:McAfee, CheckPoint.
ERP:JDE, Oracle eBiz,PeopleSoft, SAP R/3, Siebel,Business Objects.
Collaboration:Lotus Notes, Exchange,GroupWise, BlackBerry ES.
Tokens, Smart Cards:RSA SecurID, SafeWord,RADIUS, ActivIdentity,Schlumberger.
WebSSO:CA Siteminder, IBM TAM,Oracle AM, RSA AccessManager.
Help Desk:BMC Remedy, BMC SDE, HPService Manager, CAUnicenter, Assyst, HEAT,Altiris, Track-It!, etc.
Cloud/SaaS:WebEx, Google Apps, SOAP.
15 Rapid Target System Integration
• Hitachi ID Password Manager easily integrates with custom, vertical and hosted applications usingflexible agents .
• Each flexible agent represents a standard process for connecting to a whole class of target systems,including:
– API bindings (C, C++, Java, COM, ActiveX, MQ Series).– Telnet / TN3270 / TN5250 / sessions with TLS or SSL.– SSH sessions.– HTTP(S) administrative interfaces.– Web services.– Win32 and Unix command-line administration programs.– SQL scripts.– Custom LDAP attributes.
• Typically a few hours to a few days to add an integration.• Hitachi ID can build these at fixed-cost.
© 2010 Hitachi ID Systems, Inc. All rights reserved. 7
Slide Presentation
16 Rapid Deployment and Low TCO
Optimized to minimize effort: Using Hitachi ID Password Managertechnology:
• Password management with PasswordManager:
– Initial deployment:4 to 8 weeks of effort.
– Ongoing maintenance:0.25 to 0.5 FTE.
• Built-in nightly auto-discovery of IDs,entitlements.
• Both attribute-based and self-service IDmapping.
• Automatically managed user enrollment• No requirement for client software.• 113 connectors out of the box.• Rapid integration with custom, vertical
apps.• Easy customization of GUI, business
logic.
17 User Enrollment / Roll-out Process
• If no new data is needed from users, there will be no enrollment.• Hitachi ID Password Manager automatically identifies users who need to enroll. It limits the total
number of registration requests per day and the frequency of requests per user.• Users are notified by e-mail or a popup Web browser launched during their network login script and
asked to register.• Users enroll by filling in the blanks on a handful of sequential Web forms on the Password Manager
server.
18 Deployment Services
Turn-key deployments are recommended, to ensure a rapid return on investment:
• A typical B2C Hitachi ID Password Manager deployment takes just 2 weeks.• Deployments can be carried out remotely, using VPN and remote control software.• Deployments do not interrupt service.
© 2010 Hitachi ID Systems, Inc. All rights reserved. 8
Slide Presentation
19 Project TCO and ROI
Hitachi ID Password Manager deployment normally pays for itself in 2-3 months:
• Cost of the problem: $10 - $20 per user annually.• Password Manager deployment cost: - Hardware: $6,000
- Software license: less than $1/user- Professional services (turnkey): $18,000- Ongoing software support: less than 1/4 FTE- Software maintenance: 20% of license/year
20 Buy vs. Build
Purchasing Hitachi ID Password Manager is more cost effective than developing a home-grownsolution:
• Benefits can be realized immediately – ROI in less time than completing development.• No ongoing software maintenance work.• Password Manager is a high-quality, commercial-grade, robust and secure product. This degree of
quality control is costly to reproduce and maintain.
21 Summary
• Password management is a costly problem.• Hitachi ID Password Manager is a simple, targetted and secure solution to the password
management problems of support cost, customer satisfaction and privacy .• Deployment can be completed in 2-3 weeks, and return on investment can be realized in 2-3 months.
Find out more at Password-Manager.Hitachi-ID.com.
www.Hitachi-ID.com
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com
File: PRCS:presDate: June 16, 2010
top related