SlideShare a Scribd company logo

Enterprise Identity and Access Management Use Cases

WSO2
WSO2

The growth of enterprises result in heterogeneous environments with complex business demands. Some of the biggest identity and access management (IAM) challenges faced by these organizations include inconsistent password policies, excessive identities and directories, diverse and time-consuming auditing processes and an increasing need to stay on top of compliance regulations. Moreover, maintaining an enterprise LAN border is no longer viable as enterprises shift to cloud platforms and adopt SaaS and mobile apps that cross typical security domain boundaries. Your productivity levels will go down if users can’t access the apps they need, the risk of breach when employees access apps outside of your enterprise will increase and you will face high maintenance costs for legacy systems. To avoid this, you need to implement a modern identity and access management solution that provides seamless user experiences, secures access for employees and partners, easily integrates legacy system as well as cloud and mobile apps, and manages employee data securely and efficiently. Malithi and Pulasthi explored how to address these IAM challenges and adopt strategies that lead to efficient, secure and compliant IAM. They will discuss The IAM challenges of complex heterogeneous enterprises Common IAM use cases Common patterns for IAM solutions

Technology
1 of 32
Download to read offline
Enterprise Identity and Access Management Use Cases Malithi Edirisinghe Pulasthi Mahawithana Associate Technical Lead Senior Software Engineer August 8, 2017
TODAY’S IT CHALLENGES 2 2 More Compliant Business ● Increasing regulatory demands ● Increasing privacy concerns ● Business viability concerns More Agile Business ● More accessibility for employees, partners and customers ● High level of B2B integrations ● Faster reaction to changing requirements More Secured Business ● Identity theft ● Intellectual property theft ● Constant global threats
TODAY’S SECURITY IS NO LONGER SECURE ● Two-thirds of organizations averaged five or more breaches in the past two years Forrester Consulting Thought Leadership Paper, February 2017 ● Nearly six billion data records were lost or stolen in past few years ● An average of over 165,000 records compromised every hour http://www.breachlevelindex.com/ ● Global cybercrime-related damage costs are expected to exceed $6 trillion annually by 2021 www.csoonline.com/article/3153707/security/ top-5-cybersecurity-facts-figures-and- statistics-for-2017.htm 3
How do you rate the need for having a mature IAM to succeed in Digital Transformation ? IAM FOR DIGITAL BUSINESS 4 Kuppinger Cole Ltd.,Berlin, 29.06.2017
FORRESTER IAM MATURITY MODEL ● Nonexistence (level-0): No identity management system in place — and do not realize the need. ● Ad hoc (level-1): Occasionally, not consistent, not planned, disorganized. ● Repeatable (level-2): Intuitive, not documented, occurs only when necessary. ● Defined (level-3): Documented, predictable, occurs only when necessary. ● Measured (level-4): Well-managed, formal, often automated, evaluated frequently. ● Optimized (level-5): Continuous and effective, integrated, proactive, usually automated. 5
ENTERPRISE IAM USECASES ● Identity Lifecycle Management ● Seamless access to applications and resources ● Regulatory Compliance ○ Identity Assurance ○ Auditing, Reporting and Monitoring ● Fraud Detection, Prevention and User Behavior Analytics 6
#1 IDENTITY LIFECYCLE MANAGEMENT
IDENTITY LIFECYCLE MANAGEMENT Phases ● User On-boarding/Account Activation ● Account Maintenance and Support ● User Off-boarding/Account Termination These processes will differ for ● Employees ● Partners ● Contractors 8
USER ONBOARDING / ACTIVATION 9 ● Usually involves ○ Workflow approval ○ Provisioning accounts ○ Verifications ■ Mail ■ Phone ○ Activation
Over the time the employees will require ● Privilege changes due to ○ Promotions ○ Change of Roles ● Profile updates ACCOUNT MAINTENANCE 10
● Deprovision the federated accounts ● Delete/Disable the account USER OFFBOARDING/TERMINATION 11
DEMONSTRATION
#2 SEAMLESS ACCESS TO RESOURCES
SEAMELESS ACCESS TO RESOURCES ● Distributed Workforce ○ Mergers, Acquisitions and Partnerships ○ Remote Workstations ○ Mobile Workforce ● Distributed Applications ○ SaaS Applications ○ Corporate Applications ○ Mobile Applications 14
SINGLE SIGN ON/ SINGLE LOGOUT 15
BYOID 16
BYOD 17
REAL-TIME ACCESS CONTROL 18
#3 REGULATORY COMPLIANCE
REGULATORY COMPLIANCE ● PCI ● HIPAA ● SOX ● FERPA ● GDPR ● PSD2 20
IDENTITY ASSUARANCE ● Compliance is more or less about ensuring Identity Assurance 21
AUTHENTICATION LEVELS 22 Meaning Authentication AL1 Little or no confidence PIN and Password AL2 Some confidence Single factor Authentication AL3 High Confidence Multi-factor Authentication via ‘soft’, ‘hard’, ‘OTP’ tokens AL4 Very High Confidence Multi-factor cryptographic authentication with hard tokens
PASSWORD RECOMMENDATIONS ● No universally accepted alternative for password ● Password recommendations: ○ Min, Max length ■ PINs - min: 6 digits ■ Passwords - min: 8 characters, max:64 characters ○ Specific character content ○ Password validation ■ against history ■ against a dictionary of bad choices ○ Avoid brute force and dictionary attacks ● Recovery and Password Reset ○ Security questions/ hints ○ Email Notifications 23
AUDITING AND MONITORING ● You might not know who will access your system ● Full Audit on user activities are important ○ Specially on User Management, Admin operations ○ Who, What, From Where, When, How 24
#4 FRAUD DETECTION, PREVENTION AND ANALYTICS
FRAUD DETECTION AND PREVENTION ● Monitor, Detect and Remediate ● Understanding user behavior ● Predicting future needs 26
ALERTING 27
ENTERPRISE IAM PLANNING 28 Assess your current IAM strategy 1 Have a clear inventory of your current identity and authentication infrastructure and policies 2 Evaluate the right IAM approach Security, Productivity and Compliance concerns Cloud Vs Corporate deployments Open standards Vs Proprietary Interfaces Assemble key stakeholders Define deployment plan Implement IAM solution Gain end user acceptance Define a strategy to execute IAM plan 3 28
ENTERPRISE IAM TRENDS ● By 2019, more than 80 percent of organizations will use access management software or services, up from 55 percent today. ● By 2021, IDaaS will be the majority access management delivery model for new purchases, up from less than 20% today. Gartner Magic Quadrant for Access Management, June 2017 29
30
Q&A 31
THANK YOUTHANK YOU

Recommended

Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewITJobZone.biz
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 

Recommended

Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewITJobZone.biz
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 
Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management StrategyNetIQ
 
Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Aujas
 
Zero Trust
Zero TrustZero Trust
Zero TrustBoaz Shunami
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 
IAM Solution
IAM SolutionIAM Solution
IAM Solutionvikasraina
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
Identity and access management
Identity and access managementIdentity and access management
Identity and access managementPiyush Jain
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
e-Zest Remote Infrastructure Management Services (RIM) Services
e-Zest Remote Infrastructure Management Services (RIM) Servicese-Zest Remote Infrastructure Management Services (RIM) Services
e-Zest Remote Infrastructure Management Services (RIM) Servicese-Zest Solutions
 
Building a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionBuilding a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionWSO2
 
Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019Ivanti
 
Cyberark training ppt
Cyberark training pptCyberark training ppt
Cyberark training pptAkhil Kumar
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIBM Security
 
Going Passwordless with Microsoft
Going Passwordless with MicrosoftGoing Passwordless with Microsoft
Going Passwordless with MicrosoftFIDO Alliance
 
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...FIDO Alliance
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Ping Identity: Corporate Overview Financial Services
Ping Identity: Corporate Overview Financial ServicesPing Identity: Corporate Overview Financial Services
Ping Identity: Corporate Overview Financial ServicesBenjamin Canner
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 

More Related Content

What's hot

Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access ManagementPrashanth BS
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management StrategyNetIQ
 
Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Aujas
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Identity and access management
Identity and access managementIdentity and access management
Identity and access managementPiyush Jain
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT Center
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
e-Zest Remote Infrastructure Management Services (RIM) Services
e-Zest Remote Infrastructure Management Services (RIM) Servicese-Zest Remote Infrastructure Management Services (RIM) Services
e-Zest Remote Infrastructure Management Services (RIM) Servicese-Zest Solutions
 
Building a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionBuilding a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionWSO2
 
Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019Ivanti
 
Cyberark training ppt
Cyberark training pptCyberark training ppt
Cyberark training pptAkhil Kumar
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIBM Security
 
Going Passwordless with Microsoft
Going Passwordless with MicrosoftGoing Passwordless with Microsoft
Going Passwordless with MicrosoftFIDO Alliance
 
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...FIDO Alliance
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 

What's hot (20)

Identity and Access Management
Identity and Access ManagementIdentity and Access Management
Identity and Access Management
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
 
Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016
 
Zero Trust
Zero TrustZero Trust
Zero Trust
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
 
IAM Solution
IAM SolutionIAM Solution
IAM Solution
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. Mookhey
 
Identity and access management
Identity and access managementIdentity and access management
Identity and access management
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Intel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management JourneyIntel IT's Identity and Access Management Journey
Intel IT's Identity and Access Management Journey
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
 
e-Zest Remote Infrastructure Management Services (RIM) Services
e-Zest Remote Infrastructure Management Services (RIM) Servicese-Zest Remote Infrastructure Management Services (RIM) Services
e-Zest Remote Infrastructure Management Services (RIM) Services
 
Building a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) SolutionBuilding a Customer Identity and Access Management (CIAM) Solution
Building a Customer Identity and Access Management (CIAM) Solution
 
Patch Management Best Practices 2019
Patch Management Best Practices 2019Patch Management Best Practices 2019
Patch Management Best Practices 2019
 
Cyberark training ppt
Cyberark training pptCyberark training ppt
Cyberark training ppt
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For Compliance
 
Going Passwordless with Microsoft
Going Passwordless with MicrosoftGoing Passwordless with Microsoft
Going Passwordless with Microsoft
 
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
Microsoft's Path to Passwordless - FIDO Authentication for Windows & Azure Ac...
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 

Similar to Enterprise Identity and Access Management Use Cases

Ping Identity: Corporate Overview Financial Services
Ping Identity: Corporate Overview Financial ServicesPing Identity: Corporate Overview Financial Services
Ping Identity: Corporate Overview Financial ServicesBenjamin Canner
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock
 
The Five Pillars of Customer Identity and Access Management (CIAM)
The Five Pillars of Customer Identity and Access Management (CIAM)The Five Pillars of Customer Identity and Access Management (CIAM)
The Five Pillars of Customer Identity and Access Management (CIAM)WSO2
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Group of company MUK
 
Six Steps to Secure Access for Privileged Insiders & Vendors
Six Steps to Secure Access for Privileged Insiders & VendorsSix Steps to Secure Access for Privileged Insiders & Vendors
Six Steps to Secure Access for Privileged Insiders & VendorsBomgar
 
The ForgeRock Identity Platform Extends CIAM, Fall 2017 Release
The ForgeRock Identity Platform Extends CIAM, Fall 2017 ReleaseThe ForgeRock Identity Platform Extends CIAM, Fall 2017 Release
The ForgeRock Identity Platform Extends CIAM, Fall 2017 ReleaseForgeRock
 
Identity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital TransformationIdentity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital TransformationWSO2
 
The Future of Digital IAM
The Future of Digital IAMThe Future of Digital IAM
The Future of Digital IAMWSO2
 
Buyer’s guide to multi factor authentication
Buyer’s guide to multi factor authenticationBuyer’s guide to multi factor authentication
Buyer’s guide to multi factor authenticationJack Forbes
 
AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?
AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?
AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?AdvisorAssist, LLC
 
Securing Privileged Access “Inside the Perimeter”
Securing Privileged Access “Inside the Perimeter”Securing Privileged Access “Inside the Perimeter”
Securing Privileged Access “Inside the Perimeter”Bomgar
 
Looking Beyond GDPR Compliance Deadline
Looking Beyond GDPR Compliance DeadlineLooking Beyond GDPR Compliance Deadline
Looking Beyond GDPR Compliance Deadlineaccenture
 
File Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial ServicesFile Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial ServicesBlackBerry
 
Consumer Identity World EU - Five pillars of consumer IAM
Consumer Identity World EU - Five pillars of consumer IAM Consumer Identity World EU - Five pillars of consumer IAM
Consumer Identity World EU - Five pillars of consumer IAM Sagara Gunathunga
 
[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAMWSO2
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...CA Technologies
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO Alliance
 

Similar to Enterprise Identity and Access Management Use Cases (20)

Ping Identity: Corporate Overview Financial Services
Ping Identity: Corporate Overview Financial ServicesPing Identity: Corporate Overview Financial Services
Ping Identity: Corporate Overview Financial Services
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
The Five Pillars of Customer Identity and Access Management (CIAM)
The Five Pillars of Customer Identity and Access Management (CIAM)The Five Pillars of Customer Identity and Access Management (CIAM)
The Five Pillars of Customer Identity and Access Management (CIAM)
 
Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint Check Point: Defining Your Security blueprint
Check Point: Defining Your Security blueprint
 
Six Steps to Secure Access for Privileged Insiders & Vendors
Six Steps to Secure Access for Privileged Insiders & VendorsSix Steps to Secure Access for Privileged Insiders & Vendors
Six Steps to Secure Access for Privileged Insiders & Vendors
 
The ForgeRock Identity Platform Extends CIAM, Fall 2017 Release
The ForgeRock Identity Platform Extends CIAM, Fall 2017 ReleaseThe ForgeRock Identity Platform Extends CIAM, Fall 2017 Release
The ForgeRock Identity Platform Extends CIAM, Fall 2017 Release
 
Identity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital TransformationIdentity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital Transformation
 
Barcelona presentationv6
Barcelona presentationv6Barcelona presentationv6
Barcelona presentationv6
 
The Future of Digital IAM
The Future of Digital IAMThe Future of Digital IAM
The Future of Digital IAM
 
Buyer’s guide to multi factor authentication
Buyer’s guide to multi factor authenticationBuyer’s guide to multi factor authentication
Buyer’s guide to multi factor authentication
 
AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?
AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?
AdvisorAssist Are Your RIA's Clients Protected from Cyber Threats?
 
Compliance & Identity access management
Compliance & Identity access management Compliance & Identity access management
Compliance & Identity access management
 
Securing Privileged Access “Inside the Perimeter”
Securing Privileged Access “Inside the Perimeter”Securing Privileged Access “Inside the Perimeter”
Securing Privileged Access “Inside the Perimeter”
 
Looking Beyond GDPR Compliance Deadline
Looking Beyond GDPR Compliance DeadlineLooking Beyond GDPR Compliance Deadline
Looking Beyond GDPR Compliance Deadline
 
File Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial ServicesFile Sharing Use Cases in Financial Services
File Sharing Use Cases in Financial Services
 
Consumer Identity World EU - Five pillars of consumer IAM
Consumer Identity World EU - Five pillars of consumer IAM Consumer Identity World EU - Five pillars of consumer IAM
Consumer Identity World EU - Five pillars of consumer IAM
 
[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM[EIC 2021] The Rise of the Developer in IAM
[EIC 2021] The Rise of the Developer in IAM
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - Presentation
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 

More from WSO2

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in ChoreoWSO2
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023WSO2
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzureWSO2
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfWSO2
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in MinutesWSO2
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityWSO2
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...WSO2
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfWSO2
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoWSO2
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsWSO2
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital BusinessesWSO2
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformationWSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesWSO2
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready BankWSO2
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIsWSO2
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native DeploymentWSO2
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”WSO2
 

More from WSO2 (20)

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in Choreo
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on Azure
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdf
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing Choreo
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected Products
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready Bank
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
 

Recently uploaded

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Recently uploaded (20)

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Enterprise Identity and Access Management Use Cases

  • 1. Enterprise Identity and Access Management Use Cases Malithi Edirisinghe Pulasthi Mahawithana Associate Technical Lead Senior Software Engineer August 8, 2017
  • 2. TODAY’S IT CHALLENGES 2 2 More Compliant Business ● Increasing regulatory demands ● Increasing privacy concerns ● Business viability concerns More Agile Business ● More accessibility for employees, partners and customers ● High level of B2B integrations ● Faster reaction to changing requirements More Secured Business ● Identity theft ● Intellectual property theft ● Constant global threats
  • 3. TODAY’S SECURITY IS NO LONGER SECURE ● Two-thirds of organizations averaged five or more breaches in the past two years Forrester Consulting Thought Leadership Paper, February 2017 ● Nearly six billion data records were lost or stolen in past few years ● An average of over 165,000 records compromised every hour http://www.breachlevelindex.com/ ● Global cybercrime-related damage costs are expected to exceed $6 trillion annually by 2021 www.csoonline.com/article/3153707/security/ top-5-cybersecurity-facts-figures-and- statistics-for-2017.htm 3
  • 4. How do you rate the need for having a mature IAM to succeed in Digital Transformation ? IAM FOR DIGITAL BUSINESS 4 Kuppinger Cole Ltd.,Berlin, 29.06.2017
  • 5. FORRESTER IAM MATURITY MODEL ● Nonexistence (level-0): No identity management system in place — and do not realize the need. ● Ad hoc (level-1): Occasionally, not consistent, not planned, disorganized. ● Repeatable (level-2): Intuitive, not documented, occurs only when necessary. ● Defined (level-3): Documented, predictable, occurs only when necessary. ● Measured (level-4): Well-managed, formal, often automated, evaluated frequently. ● Optimized (level-5): Continuous and effective, integrated, proactive, usually automated. 5
  • 6. ENTERPRISE IAM USECASES ● Identity Lifecycle Management ● Seamless access to applications and resources ● Regulatory Compliance ○ Identity Assurance ○ Auditing, Reporting and Monitoring ● Fraud Detection, Prevention and User Behavior Analytics 6
  • 8. IDENTITY LIFECYCLE MANAGEMENT Phases ● User On-boarding/Account Activation ● Account Maintenance and Support ● User Off-boarding/Account Termination These processes will differ for ● Employees ● Partners ● Contractors 8
  • 9. USER ONBOARDING / ACTIVATION 9 ● Usually involves ○ Workflow approval ○ Provisioning accounts ○ Verifications ■ Mail ■ Phone ○ Activation
  • 10. Over the time the employees will require ● Privilege changes due to ○ Promotions ○ Change of Roles ● Profile updates ACCOUNT MAINTENANCE 10
  • 11. ● Deprovision the federated accounts ● Delete/Disable the account USER OFFBOARDING/TERMINATION 11
  • 14. SEAMELESS ACCESS TO RESOURCES ● Distributed Workforce ○ Mergers, Acquisitions and Partnerships ○ Remote Workstations ○ Mobile Workforce ● Distributed Applications ○ SaaS Applications ○ Corporate Applications ○ Mobile Applications 14
  • 15. SINGLE SIGN ON/ SINGLE LOGOUT 15
  • 20. REGULATORY COMPLIANCE ● PCI ● HIPAA ● SOX ● FERPA ● GDPR ● PSD2 20
  • 21. IDENTITY ASSUARANCE ● Compliance is more or less about ensuring Identity Assurance 21
  • 22. AUTHENTICATION LEVELS 22 Meaning Authentication AL1 Little or no confidence PIN and Password AL2 Some confidence Single factor Authentication AL3 High Confidence Multi-factor Authentication via ‘soft’, ‘hard’, ‘OTP’ tokens AL4 Very High Confidence Multi-factor cryptographic authentication with hard tokens
  • 23. PASSWORD RECOMMENDATIONS ● No universally accepted alternative for password ● Password recommendations: ○ Min, Max length ■ PINs - min: 6 digits ■ Passwords - min: 8 characters, max:64 characters ○ Specific character content ○ Password validation ■ against history ■ against a dictionary of bad choices ○ Avoid brute force and dictionary attacks ● Recovery and Password Reset ○ Security questions/ hints ○ Email Notifications 23
  • 24. AUDITING AND MONITORING ● You might not know who will access your system ● Full Audit on user activities are important ○ Specially on User Management, Admin operations ○ Who, What, From Where, When, How 24
  • 26. FRAUD DETECTION AND PREVENTION ● Monitor, Detect and Remediate ● Understanding user behavior ● Predicting future needs 26
  • 28. ENTERPRISE IAM PLANNING 28 Assess your current IAM strategy 1 Have a clear inventory of your current identity and authentication infrastructure and policies 2 Evaluate the right IAM approach Security, Productivity and Compliance concerns Cloud Vs Corporate deployments Open standards Vs Proprietary Interfaces Assemble key stakeholders Define deployment plan Implement IAM solution Gain end user acceptance Define a strategy to execute IAM plan 3 28
  • 29. ENTERPRISE IAM TRENDS ● By 2019, more than 80 percent of organizations will use access management software or services, up from 55 percent today. ● By 2021, IDaaS will be the majority access management delivery model for new purchases, up from less than 20% today. Gartner Magic Quadrant for Access Management, June 2017 29
  • 30. 30