Upload
forgerock
View
275
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Breakout Session by Cyril Gollain, CEO of Brainwave, at the 2014 IRM Summit in Phoenix, Arizona.
Citation preview
IRM Summit 2014
Next-gen enterprise
identity services with
Brainwave Identity GRC
Cyril Gollain, Brainwave
2IRM Summit 2014
Agenda
■ The Trends:– Consumerization of Enterprise Identities– WWW Governance: Who, What, When– Identity beyond IT
■ The Cure:– Brainwave Identity GRC demo
3IRM Summit 2014
The Trends
Changes in the world of Enterprise Identities
4IRM Summit 2014
Consumerization
■ Over the last 10 years, the number of apps / accounts / access rights has exploded
■ New ways to access or share IT resources: Cloud, Mobile…
■ This drives for the need for more flexible ways to manage permissions in the extended enterprise– RBAC, Hierarchies, Fixed approval frameworks…
5IRM Summit 2014
Consumerization
■ Old New strategies are coming up:– Open Bar– Copy/Paste– Dynamic suggestions (à la Amazon)
■ Business Enabler: having the right level of safeguards (eg: on-the-fly) and controls (a posteriori)
6IRM Summit 2014
WWW Governance■ In order to efficiently govern your identities you need to
answer the three W:
■ Who: need to build a business-oriented system of records for Identities
■ What: need to encompass both the breadth of IT resources and the depth of granular access rights
■ When: need to correlate entitlement and activity (access logs) in order to assess the risks
7IRM Summit 2014
Identity beyond IT
■ Identity Analytics and Governance features enable new business Use Cases– Cost Optimizations: software licenses, mobile subcriptions, office
floor…– Merger&Acquisition: skills mapping based on entitlements;
identify key people…– Identity Context: risk-based authorizations, identity-aware
SIEM…
8IRM Summit 2014
The Cure
Brainwave Identity GRC
9IRM Summit 2014
Provide answers to
9
Who can access: \\NAS\secret\verysecret\document.xls?
Are there users who can remotely issue bank transfers?
Who left the accounting department over the last 6 months and is still accessing the Finance Back Office?
10IRM Summit 2014
Bottom-Up Approach
■ Holistic Mapping of organizations, resources, people and their access rights
■ Advanced navigation and search capabilities, including time navigation (entitlement history)
■ Advanced audit and analysis automated capabilities
■ Multi-format Reporting, versatile notification
■ Actionable & scalable processes– Review / Recertification / Remediation / Access Requests…
10
11IRM Summit 2014
Comprehensive Feature Set
Data model with full history trail
Collect engine
Data discovery
Rules engine
Controls
Reporting
Web portal
Exports to pdf, xls,…BPMN2 Workflowengine
Integratedticketingsystem
Push mail
IAM and ticketing systems connectors
Accounts reconciliation engine
Web Services
12IRM Summit 2014
OpenIDM Identity GRC
Identity GRC OpenIDM
Identity Lifecycle
OpenIdm Integration
Access Request & Approvals
Access FulfillmentCompliance controls& Access Recertification
Closed-loop remediation
13IRM Summit 2014
Seamless integration
Brainwave Unified Access Portal
Brainwave Core Services
Brainwave LedgerOpen IDM
OpenICF Connectors
Open DJ Business Apps
Reports Analytics Controls Notifications Workflows
JDB
C
Aja
xR
ES
T
14IRM Summit 2014
Benefits
■ Quick to deploy
■ Modular
■ Open
■ Complexity-proof
■ Business oriented
■ ForgeRock ready!
15IRM Summit 2014
Demo time…