HP Identity Management Solution Suite
Eric Krol, eric.krol@hp.com, +31 651572233
14 September, 2006

2005 Priorities – What are yours?
http://www.csoonline.com/poll/results.cfm?poll=3080
HP Confidential

Key goal for IT: Moving budget from maintenance to innovation

                              Former IT   Future IT
Application maintenance          30%         15%
Application innovation           23%         45%
Infrastructure maintenance       42%         30%
Infrastructure innovation         5%         10%

Source: HP IT department

Typical Enterprise: Current State
[Diagram labels: Employees, Customers, Partners; Partner Data and Applications; seven Lines of Business, each with its own policy (Policy A to Policy G); Resources (Databases and Directories; Messaging; Applications such as CRM and ERM; HR and Finance; Non-IT Resources; Network Services; Operating Systems); Administration & Approval Process (IT Admin Directory; IT Admin OS; IT Admin Messaging; IT Admin Applications; IT Admin HR, Fin.; Admin Non-IT; IT Admin Network); Security & Business Policy; Governance & Audit Process]

Typical Enterprise: Actual State
[Diagram labels: Employees, Customers, Partners; Partner Data and Applications; seven Lines of Business, each with its own policy (Policy A to Policy G); Resources (Databases and Directories; Messaging; Applications such as CRM and ERM; HR and Finance; Non-IT Resources; Network Services; Operating Systems); Administration & Approval Process (IT Admin Directory; IT Admin OS; IT Admin Messaging; IT Admin Applications; IT Admin HR, Fin.; Admin Non-IT; IT Admin Network); Security & Business Policy; Governance & Audit Process]

What is Identity Management?
The set of people, processes and technologies supporting the creation, maintenance, and termination of digital identities to enable secure access to services, systems and applications.
Do you know who your users/customers are? And their relationships with your services or organization?

IAM Defined: User Identities, Transactions, Roles, Policies and Privileges
[Diagram labels: Identity Management (Administration); Access Management (Real-Time Enforcement); Administer; Authenticate; Authorize; Alarm/Alerting; Authentication Services; Reduced Sign-On; Password Management; NAC; Audit/Compliance; User life cycle management; Role Engineering; Service Mgt ITSM; Identity Stores; Access Management; Federated Identity Management]
Source: Gartner

Manual Provisioning: BUSINESS IMPACT?
[Chart: Account Privilege over Time. Events: Employee Accepts Job Offer; Privileges are applied as requested; Employee moves naturally between roles; Employee Leaves Organisation. Annotations: How long? Appropriateness of Access?]
• Who knows what privileges you have?
• How long to revoke?

HP IDM: Digital Provisioning
[Chart: Account Privilege over Time. Events: Employee Accepts Job Offer; Privileges are applied as requested; Employee moves naturally between roles; Employee Leaves Organisation. Annotations: IT responsive to change; GUARANTEED Appropriateness of Access!]

IdM Drivers: Audit & Compliance

Audit
• Only 50% of organizations attempt to audit rights on a regular basis
• Up to 60% of access profiles are no longer valid. In high turnover industries this can be as high as 80% (IDC)
• Regulatory issues raising stakes on audit
• 60% of organizations need to comply with some kind of privacy regulation (11% do well) (SCC)

• Do you have regular audits?
• How regular? Why?
• How much of the audit process is automated?
• How do you model your audit controls?
• Both preventive and detective controls? Only detective?
• Leverage same KPIs & KRIs for different regulatory audits?
• What are your concerns over identity theft and fraud?
• What about privacy?
• Can you effectively distribute data subject to regulations?
• Are you part of your partners'/suppliers' audit processes?
• Do you maintain your supplier/partner user data in your IT systems? What about liability and privacy of that data?

IdM Drivers: Security & Risk Mgmt

Security
• At best only about 62% of a user’s access is removed upon termination (Meta). “Orphan” accounts compound an organization’s risk of security breach by 23 X
• Over 60% of the authorization / user profiles are out of date (Meta)
• 39% of all licenses are orphan accounts
• 81% of security breaches come from disgruntled employees (Computer Security, Issues, & Trends)
• Insider security lapses cost 250K per incident (FBI/CSI Computer Crime and Security Survey)

• Is your business locking customers out, and locking employees in?
• Is this inhibiting business?
• What is desired?
• What is the impact on business agility?
• How do you utilize your partner relationships to their best?
• E.g. partners able to interact at all stages of the supply chain in real time?
• Can you provide just in time services?
• How do you empower partners to self manage?
• How do you single sign off partners?
• How are you identifying customers today?
• Tokens, certificates?
• Passwords?
• Variations and combinations?

IdM Drivers: Cost Reductions

Cost Reductions
• Reduce identity silos
• 40-60% of helpdesk workload deals with password mgmt (Meta and Intl Security Forum Report)
• $25 per call – lost productivity, cost of reset activity
• 5 hours per year for keeping existing user profiles up to date (Gartner)
• 30% of dev / integration costs are security related
• Time to usefulness of employees or partners
• No waiting to perform job function

• Do you have more than 5 ways of identifying customers?
• How many? How many different profiles?
• Do you have a documented identity management strategy?
• Why did it start? Regulatory pressure, audit, cost?
• What were the hurdles you overcame?
• Who is your IdM sponsor?
• Is your IT department burdened with manual processes?
• The 5 o'clock problem! IT works on boring tasks...
• What repetitive tasks should you automate?
• Are lines of business able to manage themselves?
• Are they averse to using IT oriented tools? What about simple web based business tools?

IdM Drivers: Efficiency and Productivity

• Do you have challenges managing business or IT change in your organization?
• Organizational changes? Restructuring? Employee turnover? Seasonal/temp employees?
• Cross-functional or departmental projects?
• What is the impact of change on business continuity, user productivity and compliance?
• What is the cost of managing partner access?
• Do the partners manage themselves or do you manage them?
• How fast can you on-board a new employee/partner?
• What about termination? Seasonal employees?
• How much of the physical asset and user provisioning is automated?

Efficiency and Productivity
• 15-25% of access and provisioning activities need to be redone due to paper and manual processing errors across the identity lifecycle (Intl Security Forum Report)
• 27% of companies take greater than 5 days to grant or remove access rights (Intl Security Forum Report)
• Externalized security increases time to market of business applications by 25%

IdM Drivers: New Business Models and Revenue Opportunities

Federated Communities
• Solves the issue of different authentication methods
• Builds on standard web security web services
• Covisint in automotive industry
• SecuritiesHub in financial industry
• Employee Benefits (401K, Medical, Dental)
• Wireless Service Providers

• Do you have a single view into your customer across all your services and products?
• Leverage cross-sell opportunities across your products and services?
• Leverage authentication methods and security standards
• Do you want to leverage cross-sell opportunities with your partners?
• Loyalty programs, for example?
• Do you want to offer ‘identity services’ to any consumer?
• Are you taking advantage of web services to automate partner relationships?
• Are security and audit an inhibitor?
• Have you standardized partner access integrations?
• How do you audit web services systems?

Bottom line
[Diagram labels around the slide: Employees; Sales; Customers; Finance; B2B; Marketing; Partners; Logistics]

Regulation conformance
• Board responsibility for ensuring & reporting on effectiveness of internal controls
• $10m + per company in expected fines for lack of compliance with new regulations (Sarbanes-Oxley, Basel II, EU Privacy, etc.)
• Only 50% of companies attempt to audit rights on a regular basis
• 60% of organisations need to comply with some kind of privacy regulation (11% do well) (SCC)

Security
• 81% of security breaches from disgruntled employees (Computer Security)
• At best only 62% of a user’s access is removed upon termination (Meta Group)
• Orphan accounts increase risk of security breach by 23 times (Meta Group)
• Insider security lapses cost 250K per incident (FBI/CSI Computer Crime and Security Survey)

Data Quality
• Inconsistent user information is spread over numerous systems.
• Data quality is having a detrimental impact on service
• Up to 60% of access profiles are no longer valid. In high turnover industries this can be as high as 80% (IDC)

Productivity
• 15-25% of access/provisioning activities must be redone due to error (International Security Forum Report)
• 27% of companies take more than 5 days to grant/remove access rights (International Security Forum Report)
• 40-60% of service desk calls are password related (Meta Group)

Cost Explosion
• The total cost of ownership for user administration is out of control
• What is our cost for compliance?
• What will happen if the business changes or if IT changes?
• How many unnecessary licences are we paying for?

HP OpenView
[Diagram labels: Business External Focus; IT Process Focus; IT Operations Focus; Point Tools; Consolidated / Integrated; Service Perspective]

Learn to love what you have been taught to fear!
Change is constant. Change is unexpected. Change is disruptive.
[Diagram labels: Business; Business objectives and strategy; Organization; Computing environment]
• Strategic partnerships
• Mergers and acquisitions
• Response to competitive moves
• Supply-chain integration
• Gov’t regulation/compliance
• IT consolidation
• Security threats
• Operating system upgrades
• Application migration
• System & network disruption
Change presents opportunities. The ability to adapt to change is a key advantage in business.

Forces of Change & Traditional IdM
[Diagram label: Identity & Access Management]
• User Lifecycle
  • Hiring & Terminations
  • Promotions & Transfers
  • Vacations, Leaves of Absence
  • Contractors, Part-time and Temporary workers
  • Subscriptions & Expirations
• Business Lifecycle
  • Mergers & Acquisitions
  • Reorganizations & Restructuring
  • Cross functional/departmental initiatives or projects
  • Cross-company partner initiatives or projects
  • Regulatory Compliance
• IT Lifecycle
  • Add, upgrade or retire apps and systems
  • New access modes (remote, mobile, etc)
  • Data center consolidation
  • Outsourcing & Hosted services

HP Identity Management
Automate change management across all enterprise lifecycles – business, IT and user lifecycles
[Diagram label: Identity & Access Management]
• User Lifecycle
  • Higher level of abstraction in the HP service model: manage at the level of business processes, NOT technology components.
• Business Lifecycle
  • Higher level of abstraction allows for business environment change:
  • Merger / acquisition
  • Product introduction
  • Organization changes
  • Business autonomy
• IT Lifecycle
  • Efficiency gains and IT business alignment are rapidly introduced because of the service model for identities.

HP IdM Suite
Automate change management across all enterprise lifecycles – business, IT and user lifecycles
[Diagram labels: Registration; Propagation; Maintenance; Termination; Accounts & Policies; Web & Web Services Authorization; Single sign-on; Account linking & Cross-domain SSO; Trusted partnerships; Audit & Reporting; Regulatory Compliance]
Select Identity aligns users' rights with the changing environment. Select Access ensures the environment is secure through the changes. Select Federation manages partners in the change process. And Select Audit ensures the change process is compliant.

HP OpenView Project

Identity Management Selection Cycle & HP engagement
IdM Solution Selection Cycle: Requirements Analysis, Solution Definition, Solution Selection

Requirements Analysis
• Organisation is new to IdM business
• Compelling events
• Requirements: business/operational/security
• Scoping
• Commitment in organisation
• Initial business case & budget

Solution Definition
• Organisation has already defined goals and drivers, and started investigating solutions in the market.
• Plan
• Team
• Evaluate
• Business case review
• Budget and ROI
• Management approval

Solution Selection
• Possible solutions have already been investigated, drivers and requirements are defined and an RFx has been issued.
• Response to RFx
• Demo / presentation / PoC
• Implementation planning
• Risk management
• Procurement and T&C’s

Need for business case
• Business case is required in 75% of the identified IDM projects
• Focus on business benefits first... then align IT benefits
• IDM is ERP or ITRP for IT
“At the beginning of a project you are most ignorant about the project and that is the time when you need to make the most critical decisions about the schedule and cost”

HP Business Case workshop
• Focuses on identification and estimation of potential savings and current costs against analysts and market experience
• Easy and quick way to approach I&AM with the stakeholders
• Establish common ground
• Ownership is there from the start

Who participates?
• CxO: Corporate accountability
• IT Director: Ops costs / ease of use
• Security/Compliance Manager: Risk / policy / compliance
• Service Desk Manager: Productivity
• HR: Ownership of the employee profiles
• Business: Data quality / ease of use / introduction of new services
Many contact points!!
According to a Forrester Research survey: “CISO’s usually hold responsibility for compliance directives related to system security, system integrity, or privacy-related components...” Nevertheless, “CISO’s can lack the budget authority that is necessary to fulfill those responsibilities, and often have to turn to the CIO for budget approvals.”
Source: 2005 Forrester Research

Questions
eric.krol@HP.com
Phone: +31 651572233
Thank You!