Force Cyber Criminals to Shop Elsewhere

1 © Copyright 2015 EMC Corporation. All rights reserved.

Force Cyber Criminals to Shop Elsewhere


Introductions - Our Presenters

Rob Sadowski Director, Technology Solutions

Kimberlee Bachman Senior Product Marketing Manager, IAM Solutions


• Cyber Security Challenges in Retail

• Identity Challenges in Retail

• Solution Best Practices

• RSA Identity Management and Governance

• Use Cases

• Q&A

Agenda


Security Concerns in Retail

Need to protect customer data and intellectual

property

Need to secure critical

systems

Cyber criminals

focusing on retailers Recent wave

of retailer breaches


• Payment card data

• Emphasis on compliance

• High employee turnover

Why Are Retailers an Attractive Target?


Payment Card

Information

Customer Purchase

and Loyalty Information

Intellectual Property

Cyber criminals do not discriminate against data, they’ll take it all

Concern: More Than Just Payment Card Data


Retailers’ Identity Specific Concerns

Compliance Access to

Data

Role Management

Access Governance

Managing Identity Lifecycle


Employee Timeline Highlights Identity Concerns

Review Joins Leaves Request Review & Revoke

Roles & Suggested Entitlements

Roles & Suggested Entitlements

Moves


Regular Access Reviews Put process in place to stay audit compliant and know who has access to what

Business Driven Access Reviews

Fine Grained Entitlement Visibility

Remain Audit Compliant

Lower Organizational Risk


Governing Access With Policies Policies help automate access governance and improve workforce management

Joiner Mover Leaver

Time Based

Segregation of Duties


Many People in Small Number of Roles

Corporate Users Hourly Workers Contractors


Governing Privileged Access (PAM)

Know what accounts have extra privilege and make sure that’s appropriate

Avoid any one admin or user having too much access to valuable information

Manage employees, vendors and contractors

Review who has privileged access


Keeping Compliant

PCI DSS

HIPAA

SOX

Data Privacy


RSA Identity Management and Governance (IMG)


RSA IAM Enabling trusted interactions between identities and information

Applications/Data/Resources

Identity Lifecycle

Compliance

Access Platform Governance Platform

Federation/SSO

Authentication

Employees/Partners/Customers

Provisioning

Identity Intelligence


Shift Decision Making and Accountability to the Business

Centralized Identity & Business Context

Business Process-Driven

Policy-Based Automation

Business-Driven Approach to Governance


A Phased Approach Role & Group Management

Access Request Policy Management

Provisioning

Visibility & Certification

Account & Entitlement Collection

Access Reviews

Segregation of Duties

Role Discovery & Definition

Role Maintenance

Group Analysis & Cleanup

Access Request Portal

Policy-Based Change

Management

Joiners, Movers, and

Leavers

Task Notification

Service Desk Integration

Data Visibility

Automated Provisioning

Compliance Controls


RSA IMG Retail Use Cases


Point of Sale Monitoring

IMG Helps Retail Customers Achieve Success

Challenge Solution

No way of knowing which Point of Sale

kiosk is being used and when

Grant entitlements to individual POS kiosks and name them by

region


Unowned Accounts


Challenge Solution

There are many unowned accounts

Removed orphaned accounts


Seasonal Workers & Contractors


Challenge Solution

Concerned with seasonal workers and

contractors having access for the right

period of time

Policies allow access to be granted for a set

amount of time to the right applications


Operational Challenges


Challenge Solution

There is operational inefficiency at the

store level

Can put workflow in place to manage

operations


Q&A

EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.