Date post: | 08-Apr-2018 |
Category: |
Documents |
Upload: | martintoledoohio |
View: | 220 times |
Download: | 0 times |
of 18
8/6/2019 EA Slide Deck ID Sync Apr12 930a
1/18
Identity Management for the
Modern Enterprise.
Protect Your Data
All firms manage the identity of their software users
the only question is, how well?
Reduce Your IT Costs Identity management is a discipline
That deals with identifying individuals in a system (such as a network, or
an enterprise) and
Controlling their access to data and software application resources within
that system. It associates defined user rights and restrictions with the established
identity of the person.
Its purpose is to increase security and productivity , while decreasing cost
and redundant effort.
[email protected] 419-931-0079 1
8/6/2019 EA Slide Deck ID Sync Apr12 930a
2/18
Identity Management Discussion Agenda
What is it?
Why do we care?
What is at stake?
An Example of Modern Identity Management Product
2
8/6/2019 EA Slide Deck ID Sync Apr12 930a
3/18
Identity Management Experience?
Yes, we did? What was the driving factor?
What applications did you integrate?
What tools did you use?
What did the project look like Where was the ROI?
What was enthusiasm level of management for the project?
Not yet ? Are you feeling?
Guilty?
Anxious?
Comfortable?
Confused?
Dont Know
3
8/6/2019 EA Slide Deck ID Sync Apr12 930a
4/18
Who Cares?
President / CIO I want data protected
I want no negligence lawsuits orregulatory violations
This growing dramatically with SOX,HIPPA, Grahm Leach, PCI, etc
I want our brand protected
HR Management I want our employees to be productive
I want all human resources to beproductive
IT Management I want to minimize the cost of identity
administration
I want to do what management needs Security
I want to know we are secure withoutimpeding user productivity (too much).
I want to be alerted to anomalous activityand potential security breech
4
Internal/External Auditor Prove you are following generally
accepted best practices
Give me tools that I can inspect and
validate compliance with regulations
Users
All I want is to be left alone and getmy job done.
I can't remember all my
passwords
Resetting passwords is a hassle
I know it's not a good idea but if I
don't write it down, how can I
remember it?
8/6/2019 EA Slide Deck ID Sync Apr12 930a
5/18
Characteristics of Identity Management
Necessary
Time Consuming
Error Prone
Required for user access to information systems,
networks, operating systems.
The most simple error can expose the firm to significant
business and financial risk.
Can consume significant amount of IT bandwidth
5
8/6/2019 EA Slide Deck ID Sync Apr12 930a
6/18
Identity Management time consuming, error prone
problem required for user access to information systems,
networks, operating systems,
As a matter of
Enterprise governance and
control
Not to mention IT best
practices,
Not a good idea to leave
Identity Management to
chance. As a result, Identity Management issues
deserve attention and resourcecommitments deserving of the potential
consequences.
Identity Management software is
designed to automate and address many
of the issues affiliated with the issue
alleviate the cost, the delay and the risk
exposure.
6
Identity Name
Password
Dept
Role
Geography
Etc.
Access To Systems
Software Capabilities
Data
Change
Users Divers Audiences
Add, Delete, Role Change
Review or Audit Need to inspect and prove compliance
with Access policy
8/6/2019 EA Slide Deck ID Sync Apr12 930a
7/18
What started as a simple issue ....
The problem in a one user, one application scenario is
easy but consider 5 - 15 applications per average user
The user AUDIENCE is proliferating from internal employee to wider, higher risk audience
making the problem more difficult The ENVIRONMENT is more diverse. It used to be contained to inside firewall with login
within a geography.
Increasing, complexity, quantity, diversity Audiences
Stakeholders
Rates of Change
Quantity of applications
Quantity of computing environments
Regulation
Litigation
7
8/6/2019 EA Slide Deck ID Sync Apr12 930a
8/18
Consequence of sub-optimized
identity management process Bottleneck issues
Provisioning a new employee withinformation tools takes longer than itshould resulting in less productive andfrustrated employee.
Employee movement to new role in firmcosts more and takes longer than it
should Deployment of new or changed
applications are more costly and/ordelayed
Providing info to authorized channels orservice providers slows revenue
Risk Issues Unauthorized users still have access to
information no longer "need to know" list Manual administrative errors cause
inadvertent window into informationsystems
Mistakes can result in potentiallyexplosive situations
8
Efficiency Issues Skill level to make changes are higher than necessary
Opportunity cost of scarce IT staff availability to make
changes
Redundancy and cost of maintaining multiple
directories for multiple applications and work
environments
Slow Response
Leaves workers without IT tools
Opportunity cost of slow response is the
dominant current cost of Identity Management
followed closely by cost of IT efforts.
Latent costs include business risk, regulation &
litigation
Governance Issues Breeches can easily become crises requiring
disproportionate share of management attention
Negligence of fiduciary responsibilities makes firm
vulnerable to litigation and clean-up expenses
Becomes a critical management issue because identity
management processes that do not meet the business
need.
8/6/2019 EA Slide Deck ID Sync Apr12 930a
9/18
Bottleneck Issues
Provisioning a new employee with information tools
takes longer than it should resulting in less productive
and frustrated employee.
Employee movement to new role in firm costs moreand takes longer than it should
Deployment of new or changed applications are more
costly and/or delayed
Providing info to authorized channels or serviceproviders slows revenue
9
8/6/2019 EA Slide Deck ID Sync Apr12 930a
10/18
Risk Issues
Unauthorized users still have access to information no
longer "need to know" list
Manual administrative errors cause inadvertent window
into information systems Mistakes can result in potentially explosive situations
Example
Zombie Account - similar to leaving the keys to vault with an ex-
employee or subcontractor.
Ripe for exploitation and abuse
The firm will probably, hopefully, be OK but perhaps not, who
knows ??
10
8/6/2019 EA Slide Deck ID Sync Apr12 930a
11/18
Regulatory & Litigation Issues
Legislation PC Security Standards
All firms that use/touch credit cards as part of their transactions
SOX
All firms that have publicly traded stock
HIPPA
Firms that have identifiable medical information
Grahm-Leach-Biley
Protection of financial information
Protection Obligations Unauthorized disclosure
Controlled management of protected information
Not be negligent
Requests for Identity Information Business Management - who has software & data access?
Info requested by Auditors for login access add/change delete & compliance with "best practices"
Info requested by lawyers in the event of disclosure requests
11
8/6/2019 EA Slide Deck ID Sync Apr12 930a
12/18
Efficiency Issues
Skill level to make changes are higher than necessary
Opportunity cost of scarce IT staff availability to make changes
Redundancy and cost of maintaining multiple directories for multiple
applications and work environments
Slow Response Leaves workers without IT tools
Opportunity cost of slow response is the dominant current cost of Identity
Management followed closely by cost of IT efforts.
Latent costs include business risk, regulation & litigation
12
8/6/2019 EA Slide Deck ID Sync Apr12 930a
13/18
Governance Issues
Breeches can easily become crises requiring
disproportionate share of management attention
Negligence of fiduciary responsibilities makes firm
vulnerable to litigation and clean-up expenses Becomes a critical management issue because identity
management processes that do not meet the business
need.
13
8/6/2019 EA Slide Deck ID Sync Apr12 930a
14/18
Tranztecs ID Sync
An Example of an
Identity Management ToolDesigned for
Microsoft Windows Active Directory
14
8/6/2019 EA Slide Deck ID Sync Apr12 930a
15/18
ID Sync
Product Vision Statement
Provide a low-cost, extensible Identity Management software
tool suitable for mid-size enterprises (100 to 5,000 users) that is
directly integrated to Microsoft Active Directory platform :
Reduce business risk related to potential data breaches
Lower the cost of password administration via automated
processes
Improves employee productivity through reduced downtime
Improves business agility via faster deployment of application
software changes Manage user access to software applications residing on diverse
operating systems (Microsoft Windows & IBM AS400, Cloud
Applications, Unix)
15
8/6/2019 EA Slide Deck ID Sync Apr12 930a
16/18
Tranztecs Smart Architecture Methodology
Tight & Seamless Integration LeveMicrosoft Active Directory
Leverage existing Microsoft Tools
Microsoft SQL Server
Microsoft SQL programming
SQL Reporting Services
Security Groups
Reduces Cost of Product 1/10th the cost/complexity of typical Identity projects
1/2 the licensing cost of solutions designed for Fortune 500
vendors
16
8/6/2019 EA Slide Deck ID Sync Apr12 930a
17/18
Design Center - For ID Sync
80% of Value for 20% of Cost Tranztec ID Sync A Modern Identity Management Software Solution
ConsiderA Honda Accord
Comfortable, Frugal, Streamlined
Drive to work and home again
Built for the Small to Mid-Size Firms
Everybody can drive it 30 MPG
Legacy Products
Consider .. A Flying Boat Car
Big, Bulky, Expensive
By Land, By Sea, By Air
Around the world and all placesin between
Built for Fortune 500 Firms
Requires specially trained crew
3 MPG
17
8/6/2019 EA Slide Deck ID Sync Apr12 930a
18/18
Tranztec Solutions, Inc. - Perrysburg Ohio
Founded in 2001
Full service technology consultancy originallyfounded to serve local industry in NorthwestOhio.
Serve customers within 48 states of thecontinental U.S. as well as Canada.
Offices and data centers in Ohio, Michigan,Indiana, and Texas
Knowledge, expertise, & coverage to provideservices to a wide range of companies nationwideand has specialized expertise
Identity Management,
EDI Integration,
Exchange Server,
SQL Server, SQL Language
SharePoint,
Document Management Imaging, and
VoIP telephony
Windows & AS400 Support
Networking Technology
[email protected] 419-931-0079 18
Technology Partners
Microsoft Gold Partner
IBM Partner
Cisco Partner
Citrix
Create Software Products
911 Alert for Police Dept & County
Government
Tranzactor - EDI Translator
ID Sync - Identify Management
A/P & A/R Document Managementfor ERP
SQL Reporting Services Portal