1 / 9

Identity Management The Foundation Jim Gerken Novacoast, Inc.

Identity Management The Foundation Jim Gerken Novacoast, Inc. Why Identity Management?. Threats Regulations “Requirement to know who is accessing what” “.... share across agencies...” “Public needs access” More Data More Users More Places More Accountability.

kane-cobb
Download Presentation

Identity Management The Foundation Jim Gerken Novacoast, Inc.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Identity Management The Foundation Jim Gerken Novacoast, Inc. www.novacoast.com

  2. www.novacoast.com Why Identity Management? • Threats • Regulations • “Requirement to know who is accessing what” • “.... share across agencies...” • “Public needs access” • More Data • More Users • More Places • More Accountability

  3. www.novacoast.com What is Identity Management? • WhatIs - “Identity management is a broad administrative area that deals with identifying individuals in a system and controlling their access to resources within that system by associating user rights and restrictions with the established identity.” • AAA • Authentication – Identify WHO (and WHERE) • Authorize – Is WHO allowed to WHAT from WHERE? Yes/No • Audit – Record that decision and the resulting action

  4. www.novacoast.com Authentication • Determining WHO and WHERE • Uniquely identifying the user via some mechanism such as password, biometrics, something • Identifying where the user is • Inside the network or outside? • On an enterprise resource or a public or private resource? • Controlled or un-controlled? • This information comes from the People Database(s) and the Asset/Inventory and Network

  5. www.novacoast.com Authorization • Is WHO allowed to WHAT from WHERE? • Defined by Policy • Enabled by Provisioning • Rules – data driven automation • Workflows – manual decision trees • Roles – policy decisions based upon business criteria • Enforced by Access Control

  6. www.novacoast.com Audit • Record that authorization and the resulting action • Log the Decision (implementation of Policy) • Prevent abuse of Policy • Separation of Duties • Circumvention of Policy • Log the Action (use/abuse of Policy) • Monitor the logging through notification and reporting • Purpose behind auditing is two-fold: • Document current state • Show how current state was reached

  7. www.novacoast.com Identity Management Features • Provisioning – the ability to create & terminate identities where needed when needed • Flexibility – the ability to implement your business rules without requiring you to change them first • Depth of Support – the ability to connect to the systems and service providers you and your users use • Multiple Methods – Rules, Workflows, Roles • Adds Value – to both your technical staff and your users • Secure – secure your data, secure your processes • Effective – get info where it needs to be when it needs to be

  8. www.novacoast.com Identity Management Projects • Strategic • Organization Wide • Like Security, a Core Consideration of all IT • Manageable • Modular • Multiple Implementations

  9. Jim Gerken Identity and Security Practice Manager Novacoast, Inc. jgerken@novacoast.com 800-949-9933 x6111 www.novacoast.com

More Related