CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products

Similar documents
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE

Advanced Solutions of Microsoft SharePoint Server 2013

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

Advanced Solutions of Microsoft SharePoint Server 2013 Course Contact Hours

Advanced Solutions of Microsoft SharePoint 2013

Privileged Identity Management

Intro to the Identity Experience Engine. Kim Cameron, Microsoft Architect of Identity ISSE Paris November 2016

Microsoft SharePoint Server 2013 Plan, Configure & Manage

CAN MICROSOFT HELP MEET THE GDPR

ISACA Silicon Valley. APIs The Next Hacker Target or a Business and Security Opportunity? Tim Mather, CISO Cadence Design Systems

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

General Data Protection Regulation (GDPR) and the Implications for IT Service Management

Next Generation Authentication

02/11/2015. This is a slide for graphics (It has a white background)

Partner Center: Secure application model

Cybersecurity Roadmap: Global Healthcare Security Architecture

Getting personal with your customers and GDPR

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

GDPR How we can help. Solvit Networks CA. ALL RIGHTS RESERVED.

Mapping BeyondTrust Solutions to

Getting Started with AWS Security

SAP Security in a Hybrid World. Kiran Kola

ForgeRock Identity Management Core Concepts IDM-400 Course Description

Securing the Cloud Today: How do we get there?

WSO2 Identity Management

SOLUTION ARCHITECTURE AND TECHNICAL OVERVIEW. Decentralized platform for coordination and administration of healthcare and benefits

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

GDPR, PSD2, CIAM, and the Role of User-Managed Access 2.0

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

Access Governance in a Cloudy Environment. Nabeel Nizar VP Worldwide Solutions

Data Governance: Data Usage Labeling and Enforcement in Adobe Cloud Platform

THE IDENTITY DEFINED SECURITY ALLIANCE

Demystifying Governance, Risk, and Compliance (GRC) with 4 Simple Use Cases. Gen Fields Senior Solution Consultant, Federal Government ServiceNow

Open mustard seed. Patrick Deegan, Ph.D. ID3

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

IBM services and technology solutions for supporting GDPR program

Virtual Machine Encryption Security & Compliance in the Cloud

Cracking the Access Management Code for Your Business

Moving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model.

SAP API Management and API Business Hub Overview

Access Control and CIP 10/20/2011

Centrify Identity Services for AWS

The Changing Face/Fate of Identity

SECURITY REDEFINED. Managing risk and securing the business in the age of the third platform. Copyright 2014 EMC Corporation. All rights reserved.

Evolution of the Data Center

CipherCloud CASB+ Connector for ServiceNow

EMC Hybrid Cloud. Umair Riaz - vspecialist

Transforming IT: From Silos To Services

OpenIAM Identity and Access Manager Technical Architecture Overview

Zero Trust in Healthcare Centrify Corporations. All Rights Reserved.

Challenges in Authenticationand Identity Management

Use Cases for Argonaut Project -- DRAFT Page

EU GDPR & NEW YORK CYBERSECURITY REQUIREMENTS 3 KEYS TO SUCCESS

SAP SuccessFactors Q Review Platform By James Clough, Solution Architect, ROC

W H IT E P A P E R. Salesforce Security for the IT Executive

Managing the Risk of Privileged Accounts and Passwords

SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS

Service Description VMware Workspace ONE

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

Securing Your Most Sensitive Data

Poor PAM processes and policies leave the crown jewels susceptible to security breaches Global Survey of IT Security Professionals

1 Introduction to Identity Management. 2 Access needs evolve. Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications

Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.

Automating the Software-Defined Data Center with vcloud Automation Center

SOCIAL IDENTITIES IN HIGHER ED: WHY AND HOW WITH REAL-WORLD EXAMPLES

1 Hitachi ID Access Certifier. 2 Agenda. Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications

Protect your enterprise assets with integrated security management solution

Security Readiness Assessment

GLBA Compliance. with O365 Manager Plus.

1. Federation Participant Information DRAFT

To the Designer Where We Need Your Help

Liferay Security Features Overview. How Liferay Approaches Security

Cloud Computing. Faculty of Information Systems. Duc.NHM. nhmduc.wordpress.com

Inside Symantec O 3. Sergi Isasi. Senior Manager, Product Management. SR B30 - Inside Symantec O3 1

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

EXTENDING BEHAVIORAL INSIGHTS INTO RISK-ADAPTIVE PROTECTION & ENFORCEMENT

Novell Access Manager 3.1

Pervasive Security Accelerator

Google on BeyondCorp: Empowering employees with security for the cloud era

Security Architecture

SharePoint 2019 and Extranet User Manager

CSV-W14 - BUILDING AND ADOPTING A CLOUD-NATIVE SECURITY PROGRAM

1Z Oracle Identity Governance Suite 11g PS3 Implementation Essentials Exam Summary Syllabus Questions

Transforming the Network for the Digital Business

13241 Woodland Park Road, Suite 400 Herndon, VA USA A U T H O R : E X O S T A R D ATE: M A R C H V E R S I O N : 3.

The Pathway to the Cloud Using Azure SQL Managed Instance

Title DC Automation: It s a MARVEL!

Altitude Software. Data Protection Heading 2018

WEBMETHODS AGILITY FOR THE DIGITAL ENTERPRISE WEBMETHODS. What you can expect from webmethods

Access Management Handbook

Trust. Trustworthiness Trusted. Trust: Who? What? When? Why? How?

7 Steps to Complete Privileged Account Management. September 5, 2017 Fabricio Simao Country Manager

Go mobile. Stay in control.

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Now on Now: How ServiceNow has transformed its own GRC processes

Identity Management as a Service

Data Governance Industrial Internet & Big Data

Microsoft 365. A complete, intelligent, secure solution to empower employees. Integrated for simplicity. Built for teamwork. Unlocks creativity

Cloud-Security: Show-Stopper or Enabling Technology?

Transcription:

CIAM: Need for Identity Governance & Assurance Yash Prakash VP of Products

Key Tenets of CIAM Solution Empower consumers, CSRs & administrators Scale to millions of entities, cloud based service Security should be in-grained

Why is Identity Governance & Assurance critical for CIAM? Let s review some of the use cases

1 Frictionless Onboarding at the same time, provide assurance and manage risk Enable customers and business partners with self-service account management tools Ensure they are who they claim to be Manage user groups and associated access across multiple identity stores Registration Level of Assurance ID Proofing

1 Orchestrate customer journeys securely with tiered ID proofing and based on a risk framework Based on the channel (Mobile, Social etc.) Consumer Risk-level of the entity or service that user is planning to consume Risk at user and session level, constantly evaluate the user activity and behavior Registered Customer RISK TRUST Integration with case management tools Account linking based on risk associated with both user and the entity (e.g. insurance policy) Trusted user User

Ability to select ID proofing providers based on the risk framework CMDB,

2 Access Control & Policy simplify access model across multiple portals/applications Enforce visibility rules for attribute management, trigger approval workflows upon state change Perform provisioning actions upon state change across multiple repositories Product Owners Customer Support IDM Identity Governance Broker APIs Product Bulk Updates Version Control Role / Profile Governance Risk Profiling Model Reporting Dashboards Privilege Access Policy / Audit DB

3 Privileged Access for consumer facing applications Manage product and service catalogs Support granular delegated administration of users / organizations with integrated audit and traceability Organize access and subscription bulk changes to user communities, manage attribute inheritance model Continuous governance of access, policies Context aware Delegated Administration Risk modeling

4 Self-Service Capabilities enabling customized experience Visibility into their personal information Consent management (GDPR, PSD2 compliance) Subscription management Password management Privacy / Consent Profile Password

5 Risk aggregation & distribution to continuously monitor user and entity behavior Integration with UEBA / Threat tools for additional threat intelligence feeds Propagate risk to authentication providers as well as downstream applications Behavior Analytics Preventive Controls Compliance

So, how does the end-state CIAM architecture look like?

IT Security Audit / Compliance Employees Customers, Partner Admins Customer Support Portal / App Owners CONSUMER APPS / PORTAL SERVICES Micro-services abstraction layer Manage Account (Self-service / delegated) Account Validation / Linking Subscription / Profile Privacy / Consent Forgotten ID / Password IDENTITY MGMT. & GOVERNANCE Portal Entitlement Tiered Identity Proofing Role / Policy / Group Risk Profiling / Workflow Privilege Access Delegated User Administration Provisioning Product / Service Catalog Access Review Reports, Controls, Dashboards Federation / Single Sign-On Access Policy Case Support Multi-factor Authentication Web Services Security Adaptive Authentication Security Token Service Just-in-time Provisioning Session Audit, Reports ACCESS MGMT. 3 rd Party / Internal Risk Providers Customer Identity Stores, AuthN / AuthZ stores, Legacy Platforms User & Entity Behavior Analytics Customer Master Data

Business Ready Compliance Driven Extensible CIAM is HERE. Governance & Assurance is KEY. Risk Based Cloud Architected, Cloud Hosted

Questions? www.saviynt.com yash.prakash@saviynt.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback