© 2010 Wipro Ltd - Confidential

Evolution of Identity As A Service(IDAAS)

Oct 2010

Vinod MuniyappaGeneral Manager – Application & Data SecurityEnterprise Security Solutions, Wipro Technologies

© 2010 Wipro Ltd - Confidential2

• Challenges eluding large scale success in Traditional “In-Sourced” IAM Programs

• Evolving “IDAAS” Models

• IDAAS– Principles– Components– Solution Highlights & Architecture– Roadmap– Summary of Benefits

• Evolution of Wipro’s IAM

Agenda

© 2010 Wipro Ltd - Confidential3

Challenges eluding large scale success in Traditional “In-Sourced” IAM Programs

• Cost • High Op-ex in Manual User Access• Management• Significant Capex for rolling out a • new IAM platform

IAM JourneyIAM Journey

• 3 R’s of IAM – A Customer’s View• ROI

• Seems “Utopian” - Not confident of achieving the promised returns

• Difficulty in separating the hype from reality

• Risks• Cost and time over-runs• All the Risks of an Enterprise wide initiative• Prohibitive cost of failure

• Resources• Financial and Budgetary Constraints• Right Technical and Managerial Talent

• Disparate Environments• Scalability Issues• Technology limitations

Project Initiation

Delayed Application Onboarding

Post M&A IAM Integration

• Compliance • High compliance risk due to manual

process

Technology Limitation

Program Cost Escalation

Delayed IAM Foundation

(5-6 months)

© 2010 Wipro Ltd - Confidential4

Tipping the Identity Mgmt Value Balance – The Only Mantra for IAM Program Success!

The biggest challenge of management in most YOY identity management programs is reducing the Unit Cost Per Admin Operation and at the same time increasing the associated

benefits of IAM

Identity ManagementValue Balance

Operations Technology Reporting

Identity GRC

How can the balance be

tipped favorably?

Annualized UserAdmin Op Ex

+ IdentityGRC

User Provisioning

Role Lifecycle

ManagementFederated

IdentityManagement

Annualized Capital Expenses towards User Administration Tools, AMC, Application

Integration Costs

Annual Cumulative User / Role Mgmt Service Ticket Requests

Reduce / Lighten the UnitCost of IAM (Operational / Tactical Goal)

Increase the Strategic Benefits ofIAM

Increased Employee

Productivity

Increased Access Accountability &

Security

Regulatory Compliance

© 2010 Wipro Ltd - Confidential5

Introducing Identity Service

Annualized UserAdmin Op Ex

+ IdentityGRC

User Provisioning

Role Lifecycle

ManagementFederated

IdentityManagement

Annualized Capital Expenses towards User Administration Tools, AMC, Application

Integration/Automation Costs

Annual Cumulative User / Role / Compliance Reporting Service

Ticket Requests

Layers of Identity

Assurance

An organization needs to align its IT Security governance process to achieve an optimal level of

harmony between the 3 key enabling layers of Identity Assurance: 1) Operations 2) Technology

Automation 3) GRC Reporting

Unit Cost of Identity

Management

A good indicator of this harmony and optimization is the Unit Cost of Identity Management

Unit Cost of Identity Management

The goal: to develop a Unified Service that integrates these three key enabling layers in a innovative way to deliver identity services at the lowest cost, fastest

speed with maximum value.

IdentityGRC

User Provisioning

Role Lifecycle

ManagementFederated

IdentityManagement

User ManagementOperations

Identity Automation BaseTechnology Platform

IdentityGRC, Analytics& Compliance

Layer 1

Layer 2

Layer 3

© 2010 Wipro Ltd - Confidential6

Defining IDAAS Models*

* As defined by Forrester

IDAAS for SAAS

IDAAS As SAAS

TrustedNetworks

Model Illustration Description

• Enable SSO for Enterprise users to SAAS business applications like Salesforce.com, Google Apps etc

• Companies that want to have user provisioning or single sign-on for their enterprise, internal-facing applications but can’t or don’t want to build out extensive IAM

• Federated identity and access management building the trust fabric and accompanying it with legal agreements

IDAAS

Enterprise 1

Enterprise 1

Enterprise 1

Enterprise 1

IDP

SP 1 SP 2

IDAAS

Salesforce.com

XYZ.com

Enterprise and Public Users

Enterprise 1

Enterprise 2

1

2

3

© 2010 Wipro Ltd - Confidential7

IDAAS – Principles behind Evolution

Principles behind the IDAAS Implementation Strategy

Reduce time to deploy IAM foundation & automate processes

Pre-baked 12 key IAM processes built in and ready to use

Best of Breed Technology platform coverage of IAM and associated functional areas

Integrated a mix of multi-vendor technology platforms for provisioning, SSO etc with multi-tenancy support

Predictable Costs for IAM operations and automation cycles

Standardized deployment, integration and operations model

Stronger Process Security -Pre-baked Best Practices Process implementation

Pre-baked processes

© 2010 Wipro Ltd - Confidential8

Components of IDAAS Offering

JML (Joiner, Mover, Leaver) Process

Components

Provisioning

Resource Access Request

Self Service Component

Compliance

1

2

3

4

5

Wip

ro ID

AA

S

On-boarding, Off-boarding, Update Termination, Rehire, Transfer, Processes pre-configured into solutionCertification / Attestation processes

Automated Role based Provisioning to wide variety application and platforms.Ease of integration and unique model of integration large # of instances

Ease of use self service resource requestSupport for IT, Non-IT resourcesConfigurable approval/delegationUnified request tracking

Attestation/RecertificationReports for various compliance needs

Unique Privilege user password management feature6

Unique Kiosk based password resetConfigurable Profile ManagementChange Password/Set security Q&AHelpdesk Password Reset/unlock account

Privilege User PasswordManagement

© 2010 Wipro Ltd - Confidential9

IDAAS Architecture

© 2010 Wipro Ltd - Confidential10

• Still early stages, but a lot can be done today

• Enterprises– Measure your IAM maturity level – Embrace the SOA lifestyle– Identify identity sources and virtualize an

enterprise identity profile– Document and put in place processes to

govern management and use of identity information

– Get involved!

Roadmap to IDAAS

© 2010 Wipro Ltd - Confidential11

• Identity Services will……reduce complexity through increased ability to

leverage critical identity data while removing the management and replication challenges

…increase security by providing centralized policy management and a controls framework that can dynamically mitigate risks

…create a flexible, adaptable, integrated platform on which to build applications

…makes new types of de- perimeterized, identity-based business functionality viable

IDAAS in Summary

© 2010 Wipro Ltd - Confidential12

Evolution of Wipro’s IAM Capability

Wipro-Websecure Product Vendor

Professional IAM (Type 1)

Managed IAM (Type 2)

IAM In A Rack

IDAAS (Type 3)

1999 2002 2009 2010

Productized Solutions

2006

Professional Services

IAM Transformation

al Services

Award Winning Productized Accelerator

Hosted Solution

© 2010 Wipro Ltd - Confidential13

Wipro’s Enterprise Security Solutions Practice Highlights

Full Service end to end Security Solutions Provider

Global Security Company – Ranked amongst Top 5

Award Winning Solution Frameworks

Innovation & Consulting Led Approach

3300 Security Consultants

Advisory, Implementation, Operations and Managed Services

Over 200 Satisfied Customers

Governance Risk &

Compliance

Identity & Access

Management

Application Security

Data Protection &

Privacy

Security Strategy &

Architecture

Infrastructure

Security

Physical & IT Security

Convergence

© 2010 Wipro Ltd - Confidential

Thank You

Vinod Muniyappavinod.muniyappa@wipro.comCell: 9845149862