Deployment Challenges of Risk Management & IT Governance from an Identity Management Perspective
Vijay Subramanian
vsubramanian@laurustech.com
www.laurustech.com
Nov 13, 2008
Four Benefits of IAM

    Improved Compliance
      - Regulations: SOX, GLBA, HIPAA, PCI
      - Segregation of Duties
      - Approval & Audit trail

    Increased Security
      - Inappropriate access
      - Security policy enforcement
      - Untimely termination

    Enhanced Efficiency
      - Manage growing system portfolio
      - Shrinking budget: Do more with less
      - Slow on-boarding

    Business Enablement
      - Revenue generation
      - External user experience

    IDENTITY & ACCESS MANAGEMENT

2   Laurus Technologies Confidential
Identity And Access Management - Components

    [Diagram: IAM components. Labels recovered from the slide:]
      - Authoritative Source(s): HR System(s)
      - Identity Manager: Workflow, Connectors, User Self-Service, Reporting / Compliance, Provisioning / Deprovisioning, Reconciliation, Password Management, Centralized Auditing
      - Managed Resources: Unix, Windows, Open Systems, Mainframe, RDBMS, ERP System, Directory Services
      - Unmanaged Resources: Custom Applications
      - Compliance and Role Manager: Role Mining and Role Engineering, Entitlement Management, Periodic Access Review, Auditing, Certification, Attestation
      - Access and Federation Manager: Application Protection, Policy Agents, Federation Services, Authentication, Authorization
      - Enterprise Single Sign-On
      - Applications: Web Application, Windows Client Apps, Custom Application
      - Users: Internal Users, External Users
      - Connection labels: Automated feed; Role evaluation / Role ~ Entitlements; Provision users / groups; Protect User/Admin Access

Case Study
Client: Large Business Service Provider
Background: World leader in the employment services industry,
  $21 billion in annual revenue, 33,000 employees worldwide, 5
  million associates
Products Sold: Sun Identity Manager, Sun Access Manager, Sun
  Role Manager, Enterprise Single Sign-on
Services provided:
      - Laurus did an assessment engagement to capture strategic and
        tactical business goals to provide a phased roadmap covering the
        entire solution set.
      - Laurus is currently engaged in completing the first phase of the
        roadmap.
Business Drivers: Efficient attestation, Reduction in help desk calls,
  Centralized on-boarding/off-boarding, Auditing/Reporting issues
Seven Challenges in an IAM

    Executive Involvement
      - Compromise on Strategic vision
      - Technical focus, not Business driven
      - Fragmented solutions sets
      - Political infighting
      - Business Justification

Strategy & Roadmap

      - ROI Calculation
      - Cost benefit analysis

Seven Challenges in an IAM

    Executive Involvement
    Enterprise Socialization
      - Socialize across enterprise silos
      - Business and IT – Bridging the gap
      - Program status meetings
      - Department, App prioritization

Seven Challenges in an IAM

    Executive Involvement
    Enterprise Socialization
    Enterprise Architecture
      - Architecture - Enterprise view
      - IAM touches enterprise wide
      - Directory services
      - User provisioning
      - Access Management

Architecture Deliverable

    Conceptual and Logical Architecture

    [Diagram: conceptual and logical architecture. Labels recovered from the slide:]
      - Legend: Phase 1; Phase 2/3; Manual Process
      - Authoritative Source; Initial Feed Scripts
      - Identity Management Suite: Application Server, User Interface, Provisioning, Password Management, Reconciliation, Workflow, IDM Repository
      - Role Manager: Application Server, User Interface, Identity Warehouse, Role Engineering, Identity Certification, Role Management, Reporting/Audit, Role Manager Repository
      - Imprivata OneSign Appliance (eSSO server)
      - Servers: eSSO Server (Imprivata Appliance); Sun Identity Manager 8.1; Sun Role Manager 4.0; Sun Application Server 8.1 (shown twice); Sun Identity Manager Gateway Service; Database Server (IdM Repository); Database Server (Role Manager Repository); Windows 2003 (shown three times)
      - People and functions: User, With eSSO Agent, Self Service, Profile Management, Approver, Security Admin
      - eSSO targets: App1, App2, App3, App4, App5, App6, App7, App8, AD, ...
      - eSSO Authoritative Source
      - Managed Resources/Systems: Application 1, Application 2, Application 3, Application 5, Application 6, Active Directory
      - Connection labels: eSSO policy / password sync; Feed / Active Sync; Provision/De-Provision; User / Entitlements Import (flat file feed)

Seven Challenges in an IAM

    Executive Involvement
    Enterprise Socialization
    Enterprise Architecture
    Project Management
      - Clearly defined process
      - Roles and responsibilities
      - Clear project structure
      - Provides internal discipline

Project Management

    Project Methodology

    Team Structure
      [Diagram: team structure. Roles recovered from the slide:]
      - Laurus Project Manager
      - Customer Business Analyst
      - Laurus QA
      - Laurus Lead Architect
      - Customer Technical Resources
      - Laurus Role Architect
      - eSSO Architect
      - Customer eSSO resource
      - Laurus Consultant (shown twice)
      - Customer Resources (Job Shadow)

Seven Challenges in an IAM

    Executive Involvement
    Enterprise Socialization
    Enterprise Architecture
    Project Management
    Incremental Deployment
      - More complex than typical
      - Boil the ocean approach
      - Project fatigue
      - Discrete chunks of phases
      - Typical phases of 14 – 18 weeks
      - Quicker success stories

Phased Roadmap




Seven Challenges in an IAM

    Executive Involvement
    Enterprise Socialization
    Enterprise Architecture
    Project Management
    Incremental Deployment
    Resource Turnover
      - Key resource reassignment
      - No succession planning
      - Loss in momentum
      - Sometimes project stalls

Seven Challenges in an IAM

    Executive Involvement
    Enterprise Socialization
    Enterprise Architecture
    Project Management
    Incremental Deployment
    Resource Turnover
    Inexperienced Vendors
      - Experienced resources
      - Vendors with focus on IAM
      - Solution providers not pure product implementers

Seven Challenges in an IAM

    Inexperienced Vendors
      - They chose us

Laurus Overview: Who are we?

    Bus. Strategy
      - Consultants in Business Optimization

    Bus. Apps.
      - SAP & Oracle Consulting
      - Master Data Services
      - ERP Optimization

    Security & Compliance
      - Audit Reporting
      - User Provisioning
      - Single Sign-On
      - Identity Management
      - Data Protection
      - Role Based Access Control

    Systems Integration
      - Servers & Storage
      - Virtualization & Consolidation
      - Business Continuity / Disaster recovery
      - Datacenter Assessments
      - Data Replication
      - Capacity Planning
      - Backup & Recovery
      - Migrations
      - High Availability

Questions?

    Vijay Subramanian
      Practice Manager, Software Services
      vsubramanian@laurustech.com
      Office: 630.521.8934
      Cell: 847.970.1660
      Laurus Technologies
      Toll Free: 1-877-LAURUS 1
      1015 Hawthorn Drive
      Itasca, IL 60143

    Michelle Burger
      Director, Software Sales
      mburger@laurustech.com
      Office: 630.521.8944
      Cell: 847.977.4268
      Laurus Technologies
      Toll Free: 1-877-LAURUS 1
      1015 Hawthorn Drive
      Itasca, IL 60143

The Laurus Advantage: Our Technical & Engineering Team

Laurus Technologies is an IT services and business consulting firm that leverages our expertise to identify and solve business challenges. Our goal of 100% referenceable clients has resulted in Laurus becoming one of the fastest growing solution providers in the US.

No other company can match our combination of business knowledge, technical talent and strong focus on customer business objectives.

    [Chart: Steady and Substantial growth; axis: 1999, 2005, 2006, 2007, Today]
    [Chart: Consultants & Engineers fill our ranks; segments: Consultants & Engineers, Operations, Account Mgmt.]

YOUR BUSINESS. EMPOWERED.
19 Laurus Technologies Confidential                                                             9/26/2008

More Related Content

PPTX
Tech Ed 09 - Arc302 - Analysis and Architecture
PDF
ITManager
PPT
Final Academic Project
PPT
Gordon baisley - eircom - Introducing the EDM role with www.softtest.ie
PDF
Comarch Technology Review Magazine 2011/01
PDF
Final cms id mu1 b-5 3 senior leader summary-6-26-12_
PPT
MIS Presentation
PPT
MIS Presentation
Tech Ed 09 - Arc302 - Analysis and Architecture
ITManager
Final Academic Project
Gordon baisley - eircom - Introducing the EDM role with www.softtest.ie
Comarch Technology Review Magazine 2011/01
Final cms id mu1 b-5 3 senior leader summary-6-26-12_
MIS Presentation
MIS Presentation

What's hot (16)

PPTX
Test Data Management for healthcare
PDF
System Software, IBM Power Event
DOC
Roadmap for Application Process Interactions
PDF
9sept2009 iiruc
PDF
ASI Legal Casemanagement
PPT
Verax OSS/BSS Suite
PDF
Miratech Infrastructure Support Services
PDF
10 steps to_4_g_service_assurance
PPSX
Data3 S Eluzzion Crm 2010 Gc 001
PDF
New aspects of Cisco UC Interoperability
PDF
ex of my work for client: Corporate Back Office suite On Cloud
PDF
Data hrm
PDF
TechNet Live spor 2 sesjon 4 - sc-forefront
PDF
Motor Industry Diagnostic Feature Sept10
PDF
Itam Presentation by Cydney Davis
PDF
Sla Model 2002 Jvk
Test Data Management for healthcare
System Software, IBM Power Event
Roadmap for Application Process Interactions
9sept2009 iiruc
ASI Legal Casemanagement
Verax OSS/BSS Suite
Miratech Infrastructure Support Services
10 steps to_4_g_service_assurance
Data3 S Eluzzion Crm 2010 Gc 001
New aspects of Cisco UC Interoperability
ex of my work for client: Corporate Back Office suite On Cloud
Data hrm
TechNet Live spor 2 sesjon 4 - sc-forefront
Motor Industry Diagnostic Feature Sept10
Itam Presentation by Cydney Davis
Sla Model 2002 Jvk
Ad

Viewers also liked (7)

PPT
mundial 2010
PPTX
Cloud Computing What Is It Via
PPTX
Blog presentation
PPT
Mathematics
PPSX
東北腳
PPTX
東北腳
PPTX
Indian Brands on Facebook
mundial 2010
Cloud Computing What Is It Via
Blog presentation
Mathematics
東北腳
東北腳
Indian Brands on Facebook
Ad

Similar to Tech Executives Risk Mgmt And It Gov Frm Iam Persp Nov13 (20)

PDF
Reference architecture for community clouds
PDF
The CORA Model Explained
PDF
2. FOMS _ FeedHenry_ Mícheál Ó Foghlú
PPTX
A guiding light for the processes in your private cloud
PDF
Oil and Gas 75 Workshop Ana Paula Brambila Sep 2012
PPTX
6.Live Framework 和Mesh Services
PDF
Dell open stack powered cloud solution introduce & crowbar demo cosug-2012
PPTX
Private cloud day session 3 monitor and operate your private cloud
PPTX
Manage Agility through Manage-ability – Introducing Design Time at Run Time ...
PDF
02 Ms Online Identity Session 1
PDF
Paychex Wheel of Services
PDF
Crossideas Segregation of Duty Approach
PDF
Instant Agility in Oracle Fusion Middleware through Design Time @ Run Time (O...
PDF
Day 2 p1 - operate simply
PDF
Day 2 p1 - operate simply
PDF
TripleTree eDiscovery
PDF
Drawing3
PDF
Model Information Office
PDF
Expendables E-AppStore
PPTX
Increase Agility & ROI: BPM in Business Support Systems
Reference architecture for community clouds
The CORA Model Explained
2. FOMS _ FeedHenry_ Mícheál Ó Foghlú
A guiding light for the processes in your private cloud
Oil and Gas 75 Workshop Ana Paula Brambila Sep 2012
6.Live Framework 和Mesh Services
Dell open stack powered cloud solution introduce & crowbar demo cosug-2012
Private cloud day session 3 monitor and operate your private cloud
Manage Agility through Manage-ability – Introducing Design Time at Run Time ...
02 Ms Online Identity Session 1
Paychex Wheel of Services
Crossideas Segregation of Duty Approach
Instant Agility in Oracle Fusion Middleware through Design Time @ Run Time (O...
Day 2 p1 - operate simply
Day 2 p1 - operate simply
TripleTree eDiscovery
Drawing3
Model Information Office
Expendables E-AppStore
Increase Agility & ROI: BPM in Business Support Systems

Tech Executives Risk Mgmt And It Gov Frm Iam Persp Nov13

  • 1. Deployment Challenges of Risk Management & IT Governance from an Identity Management Perspective Vijay Subramanian vsubramanian@laurustech.com www.laurustech.com Nov 13, 2008
  • 2. Four Benefits of IAM Regulations Inappropriate access Manage growing system Revenue generation SOX, GLBA,HIPAA, PCI portfolio Segregation of Duties Security policy Shrinking budget External user enforcement Do more with less experience Approval & Audit trail Untimely termination Slow on-boarding Improved Increased Enhanced Business Compliance Security Efficiency Enablement IDENTITY & ACCESS MANAGEMENT 2 Laurus Technologies Confidential
  • 3. Identity And Access Management - Components Managed Resources Authoritative Identity Manager Source(s) Unix Windows Provisioning / Automated feed Deprovisioning Workflow Connectors Reconciliation HR System(s) Open Systems Mainframe Password Management RDBMS User Self- Reporting / Centralized ERP System Auditing Unmanaged Service Compliance Resources Provision users / Directory Services groups Custom Role evaluation / Applications Role ~ Entitlements Internal External Protect User/Admin Users Users Compliance and Role Access Manager Role Mining and Role Engineering Enterprise Access and Federation Single Sign-On Manager Entitlement Management Application Protection Policy Agents Federation Services Periodic Access Review Web Application Auditing Certification Windows Client Apps Authentication Authorization Attestation Custom Application
  • 4. Case Study Client: Large Business Service Provider Background: World leader in the employment services industry, $21 billion in annual revenue, 33,000 employees worldwide, 5 million associates Products Sold: Sun Identity Manager, Sun Access Manager, Sun Role Manager, Enterprise Single Sign-on Services provided: Laurus did an assessment engagement to capture strategic and tactical business goals to provide phased roadmap covering the entire solution set Laurus is currently engaged in completing the first phase of the roadmap. Business Drivers: Efficient attestation, Reduction in help desk calls, Centralized on-boarding/off-boarding, Auditing/Reporting issues
  • 5. Seven Challenges in an IAM Compromise on Strategic vision Executive Involvement Technical focus, not Business driven Fragmented solutions sets Political infighting Business Justification
  • 6. Strategy & Roadmap ROI Calculation Cost benefit analysis
  • 7. Seven Challenges in an IAM Executive Involvement Socialize across enterprise silos Business and IT – Bridging the gap Enterprise Socialization Program status meetings Department, App prioritization
  • 8. Seven Challenges in an IAM Executive Involvement Architecture - Enterprise view IAM touches enterprise wide Enterprise Socialization Directory services User provisioning Enterprise Architecture Access Management
  • 9. Architecture Deliverable eSSO Server eSSO policy / password Conceptual and Logical Architecture eSSO Authoritative Managed Appliance Imprivata sync Source Resources/ Systems Feed / Active Sync With eSSO Agent Application 1 Legend: Windows 2003 Self Service Phase 1: Server 8.1 Sun Application User Manager 8.1 Sun Identity Phase 2/3: Application 2 Manual Process Profile Management Provision/De-Provision App1 App2 Approver App3 Security Admin Application 3 App4 Database Server Provision/De-Provision IdM Repository App5 Authoritative Windows 2003 Source Gateway Service Sun Identity Manager Identity Management Suite Application 5 Application Server User Interface App6 Password Provisioning Management App7 Windows 2003 Application 6 Reconciliation Server 8.1 Sun Application Manager 4.0 Workflow Sun Role App8 Initial Feed Provision/De-Provision AD User / Entitlements Scripts Database Server Import (flat file feed) Role Manager IDM ... Repository Active Directory Repository Role Manager Application Server Imprivata OneSign User Interface Appliance (eSSO server) Identity Role Warehouse Engineering Identity Role Certification Management Reporting/Audit Role Manager Repository
  • 10. Seven Challenges in an IAM Clearly defined process Executive Involvement Roles and responsibilities Clear project structure Enterprise Socialization Provides internal discipline Enterprise Architecture Project Management
  • 11. Project Management Project Methodology Laurus Project Customer Business Manager Analyst Team Structure Laurus QA Laurus Lead Customer Technical Architect Resources Laurus Role Customer eSSO eSSO Architect Architect resource Customer Resources Laurus Consultant Laurus Consultant (Job Shadow)
  • 12. Seven Challenges in an IAM Executive Involvement More complex than typical Boil the ocean approach Enterprise Socialization Project fatigue Discrete chunks of phases Enterprise Architecture Typical phases of 14 – 18 weeks Project Management Quicker success stories Incremental Deployment
  • 13. Phased Roadmap
  • 14. Seven Challenges in an IAM Key resource reassignment Executive Involvement No succession planning Enterprise Socialization Loss in momentum Sometimes project stalls Enterprise Architecture Project Management Incremental Deployment Resource Turnover
  • 15. Seven Challenges in an IAM Executive Involvement Experienced resources Vendors with focus on IAM Enterprise Socialization Solution providers not pure product implementers Enterprise Architecture Project Management Incremental Deployment Resource Turnover Inexperienced Vendors
  • 16. Seven Challenges in an IAM They chose us Inexperienced Vendors
  • 17. Laurus Overview: Who are we? Bus. Strategy - Consultants in Business Optimization Bus. Apps. - SAP & Oracle Consulting - Master Data Services - ERP Optimization Security & Compliance - Audit Reporting - Identity Management - User Provisioning - Data Protection - Single Sign-On - Role Based Access Control Systems Integration - Servers & Storage - Capacity Planning - Virtualization & Consolidation - Backup & Recovery - Business Continuity / Disaster recovery - Migrations - Datacenter Assessments - High Availability - Data Replication
  • 18. Questions? Vijay Subramanian Michelle Burger Practice Manager, Software Services Director, Software Sales vsubramanian@laurustech.com mburger@laurustech.com Office: 630.521.8934 Office: 630.521.8944 Cell: 847.970.1660 Cell: 847.977.4268 Laurus Technologies Laurus Technologies Toll Free: 1-877-LAURUS 1 Toll Free: 1-877-LAURUS 1 1015 Hawthorn Drive 1015 Hawthorn Drive Itasca, IL 60143 Itasca, IL 60143
  • 19. The Laurus Advantage: Our Technical & Engineering Team Laurus Technologies is an IT services and business consulting firm that leverages our expertise to identify and solve business challenges. Our goal of 100% referenceable clients has resulted in Laurus becoming one of the fastest growing solution providers in the US. No other company can match our combination of business knowledge, technical talent and strong focus on customer business objectives. Steady and Substantial growth Consultants & Engineers fill our ranks Consultants & Engineers Operations Account Mgmt. 1999 2005 2006 2007 Today YOUR BUSINESS. EMPOWERED. 9/26/2008