leveraging identity to manage change and complexity

Leveraging Identity to Manage Change and Complexity

Jim Taylor

Vice President of Product Management

Identity & Security

© 2012 NetIQ Corporation. All rights reserved.2

Goals of 21st Century Computing

Control the Risks and Challenges of computing across multiple environments.

Users should have the appropriate access at the right time to the computing services they need to do their jobs.

Computing should be secure, compliant and portable

1

2

3


Change & Complexity = Pressure on IAM

Attacks are increasing Everyone’s gone mobile

Budgets are shrinkingThe cloud is here


Attacks are increasing Everyone’s gone mobile

Budgets are shrinkingThe cloud is hereRegulatio

n, Complia

nce, A

udits

Change & Complexity = Pressure on IAM


Iden

tity-Infu

sed E

nterp

riseThe Big Picture

IT Conflicting Responsibilities

Support compliance activities

Maintain levels of security

Support strategic objectives

Respond to changing environments

Multiple Business User Requirements

Access Request Automation

Access Certification

Delegated Administration

Activity Monitoring and Reporting

Multiple User Environments

MS Windows administration

Financial and Business applications

Business, End-User, Partner and Customer access

SaaS Management

Multiple Required Technologies

Identity Management

Access Management

Access Governance

Windows Management

Security Management

Multiple Delivery Demands

Standalone Solution

Integrated Platform

Virtual Appliance

As a Service


It’s All About Identity and AccessWhat should it do for you ?

What is an Identity? - Who/What are you?

- Name, location, etc.

- Roles

- Title, Manager, etc.

- Relationships

- Employee, Contractor, etc.

Membership and Access based on Identity

- Applications

- Systems

- Data

- Groups

- Physical Facilities

- Resources


Access – The Big PictureWhat does it mean across your entire enterprise?

Who has the Access?– What level & type of Access?

– Who provided the Access?

– Was it reviewed and is the Access appropriate for each identity?

Is the Access Secure?– Can I monitor what is being done with the Access?

– What is the risk of giving Access?

Flexible Fulfillment of the Access?– Can I provision Access across physical, virtual & cloud?

– Privileged and delegated access too?

How do I gain Access?– Sign-on from any device, from anywhere, for everyone?

– Can the Access be Federated?


The business needs to know?

• Who has Access to what ?

• Is it appropriate Access, has it been checked ?

• Are we compliant ? And can we stay compliant ?

• Do we know our risk ? And can we mitigate it ?

Why Should You Care?


Right People, Appropriate Access, Right Resources, Right Time


Regulatory Pressures

Internal Audit

Board of Directors – Oversight Groups


Mitigate Risk – Stay Out of the Press

~ $7 Billion Loss

~ $2 Billion Loss

What Can You Do About It?


Identity, Access and Security

• Software vendors developed Identity, Access and Security solutions to provide the answer

– Unfortunately these were driven by separate market requirements and integration was an after thought

– Even though many vendors have improved the integration between User Provisioning, Access Management and Security solutions, a different approach is needed

• Next generation Identity solutions need to leverage common intelligence

– Conclusion is supported by convergence in key markets – for example – User Provisioning and Access Governance


Identity Management Market

IT and Business focused solutions led to two market segments within Identity Management

User Provisioning

Access Governance

Driven by IT

Driven by the business


Strategy driven by expected market convergence

User Provisioning and Access Governance markets are converging

User Provisioning (IDM 4)

Access Governance (AGS)

Next Generation Identity and Access Governance “Business Interface – Trusted

Fulfillment”

Driven by IT

Driven by the business

Demanding better

Provisioning

Demanding business-centric user interfaces


Next Generation IAG

• Characteristics of next generation Identity and Access Governance

– Provides an common platform that supports a variety of integrated services.

– Enables vendors, partners and customers to select solution specific configurations – simplifying deployment and management.

– Enables services to be dynamically added or removed to respond to changing business requirements.

– Intelligently reacts to changing service level requirements.

– Seamlessly provides identity services that can be leveraged by Access Management, Cloud and mobile technologies (Identity Hub).

– Is platform-independent (broad platform support), high performance and scalable.


Access GovernanceManage & Certify Access to Achieve Compliance

Identity & Access Governance

Compliance

Re-Certification

Roles

Access RequestEntitlement

Creep


Identity & Access ManagementFlexible Access Fulfillment Across Physical, Virtual & Cloud


Compliance

Re-Certification

Roles Management


Management

Identity & Access Management

ProvisioningFederation or

Trusted Authentication

Simplified Secure Sign-on

SaaS & MobilityActive Directory Administration

Privileged Administration


Security ManagementUnderstand What Users Are Doing With Their Access


Compliance

Re-Certification

Roles Management


Management







Security Management

Configuration Management

Correlation

Remediation

Log Management

Event Management








NetIQ Governance, Identity & SecurityA Full Set of Solutions to Solve Your IT/Business Challenges

Built on a Foundation of Identity


Compliance

Re-Certification

Roles Management


Management

Security Management

Configuration Management

Correlation

Remediation

Log Management

Event Management

Access Governance Suite

Identity ManagerAccess Manager

Secure LoginDirectory Resource Administrator

Privileged User ManagerAccess Gateway for Cloud

Sentinel

Change Guardian

Secure Configuration

Manager

Sentinel Log Manager


NetIQ – Positioned to Succeed

ApplicationManagement

SystemsManagement

SecurityManagement

Large Focused

ISV

Scale to deliver,with a culture to care.

$350 Million

Customer Service

Strong Vision

Technical Expertise

COMMITTED TO OUR CUSTOMERS’ SUCCESS

This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.

Copyright © 2011 NetIQ Corporation. All rights reserved.

ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.

leveraging identity to manage change and complexity

Technology