Access Intelligence: A Key to Successful Compliance
Compliance and Access Rights Management
What is the link between Compliance and Access Rights Management?
HIPAA Privacy Rule
... a covered entity must develop and implement policies and
procedures that restrict access and uses of PHI, based on the
specific roles of the members of their workforce.
SoX Section 404 - Assessment of Internal Controls
... requiring each annual report ... to contain an internal control
report, which shall state the responsibility of management for
establishing and maintaining an adequate internal control
structure and procedures for financial reporting.
PCI-DSS - Restrict access to cardholder data
... Limit access to system components and cardholder data to
only those individuals whose job requires such access.
and many more...
Limit access ... to only those individuals
whose job requires such access
Responsibility of management for
establishing and maintaining an
adequate internal control structure
... restrict access and uses of [data],
based on specific roles of the members
of their workforce.
Access Intelligence within IAG
Standard Reporting (standard with most vendors)
• Recurring questions at periodic points in time
• Predefined tabulation of filtered and sorted data
On-Demand Reporting / Analysis (standard with most vendors)
• Filter / queries applied to standard reports
• Report execution at individual point in time
Ad-hoc Reporting / Analysis (included with Beta Systems Software)
• Self-service creation of individual reports
• Selection of analysed data by drag and drop
Access Intelligence (included with Beta Systems Software)
• Interactive data analysis
• Variable perspectives on the data pool
• Aggregation of / drill-down into data
Access Intelligence Use Case: Beta Systems Banking Client
Bank: $19bn revenue / 58k employees
Challenge: Bank needed more Intelligence on Access Rights
We need to compare two employees in the same group to their rights
We need to see in each particular moment in time which users have collected higher risk profiles
We need to instantly spot role conflicts
We need a tool that will give data owners the risk level of employees in their group
We need to change analysis in real-time without IT intervention
Solution – Benefits for the Bank
Roles now classified according to risk rate and risk type
Each employee has its own risk level and profile
Managers can see their employees with high risk roles
Managers can see their employees within high risk groups
Managers more involved in access control definitions
Security officers can investigate accumulated roles and groups
Security officers can monitor users at high risk
Auditors prepare analysis with ad-hoc reporting for more timely reports
Easy to use tool
Access Intelligence - Data from a wide variety of sources
24.07.2015
Access Intelligence processed data from
SAM Enterprise and other IAM Solutions
Access Management systems directly
HR-Repositories
Compliance / Risk Management Systems
...
[Diagram labels: Target Systems (Windows, Mail-Server, Mainframe, Directories, LDAP, Web-Apps, Self-Made Applications); IAM Solutions, SAM, 3rd Party IAM, Directories; Enterprise Systems, HR, GRC-Systems; Access Intelligence]
Access Intelligence – An encounter of different needs
Each type of user requires different features from access analytics
Business Users
• Easy to use systems following their user experience
• Predefined applications for their business needs
• Understandable business reports with a message
Auditors / Controlling
• Flexible ad-hoc queries
• Powerful standard reports
• Full integration of all data
• Drill-Through features for complex analysis
IT / Security
• Detailed information on all systems
• Efficient overview on system operations
• Drill-Down features for incident analysis
Management
• Efficient risk, business & IT overview
• Indicators for follow up activities
• Owner concept for task assignment
• Auditable reports
Access Intelligence – BI technologies for IAG
To get the required flexibility and effectiveness in Access Intelligence,
the use of 'business intelligence' (BI) technologies is needed.
Only BI technologies offer the organization of the access data pool as a 'cube'
Handling of the largest amounts of access data
Standard, On-Demand and Ad-Hoc Reporting
as well as Access Intelligence analyses
Multi-dimensional queries on normalized information
Recording of all data changes over time (data history)
Flexible integration of further, customer-specific data
Identities
Access Intelligence – Changing angles...
With Access Intelligence, the data pool becomes transparent from any reference point. Through 'slice and dice', the
user can get answers to each follow-up question.
From information / queries on User/Group connections
The query can change easily to the Group/User view
And further to e.g. Group/Role connections
Drill-Down Technologies allow the required
low-level analysis for individual details
Groups
Role
Risk-driven IAM
Risk profiles filtering large amounts of data
Analysis of individual risk scorings
Consideration in Workflow operations
Focussing on high risk IAM operations
The Challenge - Access Management as a 'Big Data' topic
With the growing number of IT systems, the volume of IT accounts explodes.
Access Risk Analytics help you to focus on crucial profiles
Users Systems Accounts
and users
Freelancers
Partners
Vendors
Customers
Mobile
Access
Risk-Scoring - Giving direction in Big Data
Compliance Indicators - Risk as an Eye-Catcher
Dashboards - Entry points to detailed analytics
Microsoft Excel / Ad-hoc Reporting
Company Overview
Customers
1,300+ customers in 30+ countries
numerous industry leaders
most of them international companies
comprehensive IT systems
complex IT processes
Customer engagement
long-standing customer ties
various user groups
requirement management
Key Figures
R&D spend close to 20% of revenue
Publicly listed on Frankfurt Stock Exchange
12 Offices in Europe + North America
Development labs in Berlin, Calgary, Cologne, Neustadt
“Garancy Access Intelligence Manager is pushing the
envelope in terms of identity analytics and intelligence
through the adoption of a BI approach.” - Gartner
300+ employees
1,500 customers in 30 countries
Berlin Headquarters
Tech Support Center in Berlin + Calgary (24x7)
- Gartner singles out Beta Systems Software
for outstanding Customer Satisfaction for
Product, Support and Maintenance. And,
expertise with highly complex environments.
50% of Europe’s largest banks
secure business processes with
solutions from Beta Systems
7 of Europe’s 10 largest
insurers use solutions from
Beta Systems
Lines of Business
DCI: Data Center Intelligence
Beta's foundation in 1983
Infrastructure products for large DC
• New Discovery product suite
• Bi-directional Connectors and support
for CA and IBM Solutions
IAM: Identity Access Management
Since 2003
Most experience, comprehensive &
integrated IAM
• IBM, Microsoft, CA, SAP Partner