leveraging identity to manage change and complexity
DESCRIPTION
Presented at this year European Identity and Cloud Conference 2012, Jim Taylor's Leveraging Identity to Manage Change and Complexity looks at controlling the risks and challenges of computing across multiple environments; providing users the appropriate access at the right time to the computing services they need to do their jobs; and ensuring computing is secure, compliant and portable. He discussed how identity, identity management and governance serve as the foundation for coping with an ever-changing IT environment, new business models, cloud models and more.TRANSCRIPT
Leveraging Identity to Manage Change and Complexity
Jim Taylor
Vice President of Product Management
Identity & Security
© 2012 NetIQ Corporation. All rights reserved.2
Goals of 21st Century Computing
Control the Risks and Challenges of computing across multiple environments.
Users should have the appropriate access at the right time to the computing services they need to do their jobs.
Computing should be secure, compliant and portable
1
2
3
© 2012 NetIQ Corporation. All rights reserved.3
Change & Complexity = Pressure on IAM
Attacks are increasing Everyone’s gone mobile
Budgets are shrinkingThe cloud is here
© 2012 NetIQ Corporation. All rights reserved.4
Attacks are increasing Everyone’s gone mobile
Budgets are shrinkingThe cloud is hereRegulatio
n, Complia
nce, A
udits
Change & Complexity = Pressure on IAM
© 2012 NetIQ Corporation. All rights reserved.5
Iden
tity-Infu
sed E
nterp
riseThe Big Picture
IT Conflicting Responsibilities
Support compliance activities
Maintain levels of security
Support strategic objectives
Respond to changing environments
Multiple Business User Requirements
Access Request Automation
Access Certification
Delegated Administration
Activity Monitoring and Reporting
Multiple User Environments
MS Windows administration
Financial and Business applications
Business, End-User, Partner and Customer access
SaaS Management
Multiple Required Technologies
Identity Management
Access Management
Access Governance
Windows Management
Security Management
Multiple Delivery Demands
Standalone Solution
Integrated Platform
Virtual Appliance
As a Service
© 2012 NetIQ Corporation. All rights reserved.6
It’s All About Identity and AccessWhat should it do for you ?
What is an Identity? - Who/What are you?
- Name, location, etc.
- Roles
- Title, Manager, etc.
- Relationships
- Employee, Contractor, etc.
Membership and Access based on Identity
- Applications
- Systems
- Data
- Groups
- Physical Facilities
- Resources
© 2012 NetIQ Corporation. All rights reserved.7
Access – The Big PictureWhat does it mean across your entire enterprise?
Who has the Access?– What level & type of Access?
– Who provided the Access?
– Was it reviewed and is the Access appropriate for each identity?
Is the Access Secure?– Can I monitor what is being done with the Access?
– What is the risk of giving Access?
Flexible Fulfillment of the Access?– Can I provision Access across physical, virtual & cloud?
– Privileged and delegated access too?
How do I gain Access?– Sign-on from any device, from anywhere, for everyone?
– Can the Access be Federated?
© 2012 NetIQ Corporation. All rights reserved.8
The business needs to know?
• Who has Access to what ?
• Is it appropriate Access, has it been checked ?
• Are we compliant ? And can we stay compliant ?
• Do we know our risk ? And can we mitigate it ?
Why Should You Care?
© 2012 NetIQ Corporation. All rights reserved.10
Right People, Appropriate Access, Right Resources, Right Time
© 2012 NetIQ Corporation. All rights reserved.11
Regulatory Pressures
Internal Audit
Board of Directors – Oversight Groups
© 2012 NetIQ Corporation. All rights reserved.12
Mitigate Risk – Stay Out of the Press
~ $7 Billion Loss
~ $2 Billion Loss
What Can You Do About It?
© 2012 NetIQ Corporation. All rights reserved.14
Identity, Access and Security
• Software vendors developed Identity, Access and Security solutions to provide the answer
– Unfortunately these were driven by separate market requirements and integration was an after thought
– Even though many vendors have improved the integration between User Provisioning, Access Management and Security solutions, a different approach is needed
• Next generation Identity solutions need to leverage common intelligence
– Conclusion is supported by convergence in key markets – for example – User Provisioning and Access Governance
© 2012 NetIQ Corporation. All rights reserved.15
Identity Management Market
IT and Business focused solutions led to two market segments within Identity Management
User Provisioning
Access Governance
Driven by IT
Driven by the business
© 2012 NetIQ Corporation. All rights reserved.16
Strategy driven by expected market convergence
User Provisioning and Access Governance markets are converging
User Provisioning (IDM 4)
Access Governance (AGS)
Next Generation Identity and Access Governance “Business Interface – Trusted
Fulfillment”
Driven by IT
Driven by the business
Demanding better
Provisioning
Demanding business-centric user interfaces
© 2012 NetIQ Corporation. All rights reserved.17
Next Generation IAG
• Characteristics of next generation Identity and Access Governance
– Provides an common platform that supports a variety of integrated services.
– Enables vendors, partners and customers to select solution specific configurations – simplifying deployment and management.
– Enables services to be dynamically added or removed to respond to changing business requirements.
– Intelligently reacts to changing service level requirements.
– Seamlessly provides identity services that can be leveraged by Access Management, Cloud and mobile technologies (Identity Hub).
– Is platform-independent (broad platform support), high performance and scalable.
© 2012 NetIQ Corporation. All rights reserved.18
Access GovernanceManage & Certify Access to Achieve Compliance
Identity & Access Governance
Compliance
Re-Certification
Roles
Access RequestEntitlement
Creep
© 2012 NetIQ Corporation. All rights reserved.19
Identity & Access ManagementFlexible Access Fulfillment Across Physical, Virtual & Cloud
Identity & Access Governance
Compliance
Re-Certification
Roles Management
Access RequestEntitlement
Management
Identity & Access Management
ProvisioningFederation or
Trusted Authentication
Simplified Secure Sign-on
SaaS & MobilityActive Directory Administration
Privileged Administration
© 2012 NetIQ Corporation. All rights reserved.20
Security ManagementUnderstand What Users Are Doing With Their Access
Identity & Access Governance
Compliance
Re-Certification
Roles Management
Access RequestEntitlement
Management
Identity & Access Management
ProvisioningFederation or
Trusted Authentication
Simplified Secure Sign-on
SaaS & MobilityActive Directory Administration
Privileged Administration
Security Management
Configuration Management
Correlation
Remediation
Log Management
Event Management
© 2012 NetIQ Corporation. All rights reserved.21
Identity & Access Management
ProvisioningFederation or
Trusted Authentication
Simplified Secure Sign-on
SaaS & MobilityActive Directory Administration
Privileged Administration
NetIQ Governance, Identity & SecurityA Full Set of Solutions to Solve Your IT/Business Challenges
Built on a Foundation of Identity
Identity & Access Governance
Compliance
Re-Certification
Roles Management
Access RequestEntitlement
Management
Security Management
Configuration Management
Correlation
Remediation
Log Management
Event Management
Access Governance Suite
Identity ManagerAccess Manager
Secure LoginDirectory Resource Administrator
Privileged User ManagerAccess Gateway for Cloud
Sentinel
Change Guardian
Secure Configuration
Manager
Sentinel Log Manager
© 2012 NetIQ Corporation. All rights reserved.22
NetIQ – Positioned to Succeed
ApplicationManagement
SystemsManagement
SecurityManagement
Large Focused
ISV
Scale to deliver,with a culture to care.
$350 Million
Customer Service
Strong Vision
Technical Expertise
COMMITTED TO OUR CUSTOMERS’ SUCCESS
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.
Copyright © 2011 NetIQ Corporation. All rights reserved.
ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.