Identity Intelligence

Transcription

1 Identity Intelligence At the service of Risk & Audit Shlomi Wexler CTO

2 What Is Identity Intelligence? Who did what? When and where did access occur? Who has access to what? Who should have access to what? Who and What is not complying with policy? + Who and What is Risking my business and how? Whitebox Security 2011 All Rights Reserved 2

3 How Do Breaches Occur? Involved Privilige misuse Resulted from hacking Utilized malware Employed social tactics Comprised physical attacks % Source: 2010 Verizon Business Risk Data Breach Investigation Reports (With the US Secret Service) Whitebox Security 2011 All Rights Reserved 3

4 Why Should I Care? I don t know what my users are actually doing. I m not sure that sensitive data is not being accessed by unauthorized personnel. I suspect there are many users with excess privileges in my applications, some violating SoD policy. I think I have unused resources (files, mailboxes, ). I want to achieve sustainable and on-going compliance. I know that 70% of all security breaches in the world were due to insider negligence, error or malicious activity. Whitebox Security 2011 All Rights Reserved 4

5 An Intelligent Evolution 1 st Generation Batch Processing Paper Work Management Static Role Engineering 2 nd Generation Real Time Analytics Policy Compliance Dynamic Role Engineering 3 rd Generation Smart Provisioning IAM Integration Pattern Discovery Whitebox Security 2011 All Rights Reserved 5

6 The WhiteOPS Technology In-Line Security Information Enrichment Caching, Modular Architecture Non-Intrusive, Application- Aware Modular Monitoring Architecture Security Systems End User Application Servers Real-Time Activity Monitoring - Performance, Scalability Data Parsing, Normalization and De-Duplication. Real-Time Policy Engine. Whitebox Security 2011 All Rights Reserved 6

7 Protect what you value most..advanced, Complete and Non-Intrusive Monitoring Whitebox Security 2011 All Rights Reserved 7

8 Application & ERP Compliance The Sarbanes-Oxley (SoX) ERP Compliance is a major challenge for publicly traded companies in the US. The SoX 404 and 302 sections require: ERP Security and General Configuration Compliance. Complete Audit for Roles and Transactions. Segregation of Duties. WhiteOPS solution completely answers all of the SoX requirements. WhiteOPS is an external solution, not allowing SAP privileged users to sabotage or interfere security efforts. WhiteOPS is seamlessly integrated with other key security technologies, including Identity Management and Directory Services. Whitebox Security 2011 All Rights Reserved 8

9 WhiteOPS ROI Compliance with regulatory requirements is on on-going cycle of the following stages: Preparing for Audit. Performing the Audit (Internal, External). Correct and fix failed audit requirements. The WhiteOPS platform completely eliminates the need for Audit preparation. With WhiteOPS the Audit time is dramatically reduced. WhiteOPS on-going monitoring guarantees the Audit success and contributes to a rapid (or none) remediation phase no problems to fix..! Whitebox Security 2011 All Rights Reserved 9

10 WhiteOPS ROI Data* Time )Months( ROI Rate 93% 97% 100% In most customers, studies shows that up to 90% of Audit related resources where completely saved after 12 months of operation. In all customers, studies found complete ROI after 3 years. *Gartner, Frost & Sullivan. Whitebox Security 2011 All Rights Reserved 10

11 Application Compliance & SoD Segregation of Duties Real-time, automatic & cross-system SoD. Best practice knowledge base with easy to customize interface. Compliance Checks Application purpose-built. Live updates for compliance check lists. On-going and point in time. Access Policy Real-time access policy on application activities. IT Security unified policy. Complete, end-to-end, application security coverage Whitebox Security 2011 All Rights Reserved 11

12 Visit us at: