Issuu on Google+

1

ID Management Suite

Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications

Fully integrated identity and access management.

2

Agenda • • • • •

3

Hitachi ID corporate overview. Identity problems and ID Management Suite benefits. ID Management Suite technology. Example deployments. Discussion.

Hitachi ID Corporate Overview

© 2012 Hitachi ID Systems, Inc.. All rights reserved.

1


Slide Presentation

3.1

Hitachi ID Corporate Overview

Hitachi ID is a leading provider of identity and access management solutions. • • • • •

Founded as M-Tech in 1992. A division of Hitachi, Ltd. since 2008. Over 900 customers. More than 11M+ licensed users. Offices in North America, Europe and APAC. • Partners globally.

3.2

4

Representative Hitachi ID Customers

Identity Problems and ID Management Suite Benefits

© 2012 Hitachi ID Systems, Inc.. All rights reserved.

2


Slide Presentation

4.1

Business Challenges • More IT → more users to manage. • There are challenges throughout the user lifecycle. • Support cost. • User service. • Security.

Slow: too much paper, too many people. Expensive: too many administrators doing redundant work.

Policies: enforced? Audit: are privileges appropriate? Org. relationships: track and maintain.

Reliable: notification of terminations. Fast: response by sysadmins. Complete: deactivation of all IDs.

4.2

Role changes: add/remove rights.

Passwords: too many, too weak, often forgotten. Access: Why can’t I access that application / folder / etc.

ID Management Suite

© 2012 Hitachi ID Systems, Inc.. All rights reserved.

3


Slide Presentation

4.3

4.4

HiIM Benefits Feature

Impact

Benefit

Auto-provisioning

Changes on a system of record trigger account creation, deactivation.

Cost, Service, Security: Less manual administration. New hires setup on time. Reliable termination.

Self-service workflow

Change requests via web form. Authorizers selected by built-in logic. E-mail invitations, web approvals.

Service, Cost: More efficient change management. Less manual administration.

Consolidated administration

Security officers can manage any user on any system from a web console. Reports show entitlements across systems.

Cost, Security: More efficient to manage by user than by system. Known account ownership establishes accountability.

HiPM Benefits

Hitachi ID Password Manager is an authentication management platform, providing a consistent process for managing passwords, tokens, smart cards and more.

Feature

Impact

Benefit

Password synchronization

Fewer passwords to remember.

Improved ease-of-use. Fewer password problems.

Self-serve password, PIN reset

Users resolve their own problems.

Fewer help desk calls.

Assisted password reset

Faster call resolution.

Lower cost per incident, improved service.

Policy enforcement

Password complexity, history, periodic changes.

Passwords harder to compromise.

Single signon

Automated application logins.

Users happier with IT.

Š 2012 Hitachi ID Systems, Inc.. All rights reserved.

4


Slide Presentation

4.5

5

HiPAM Impact Feature

Impact

Benefit

Randomize passwords daily

Eliminate static, shared passwords.

Disconnect former IT staff.

Controlled disclosure

Control who can see passwords.

The right users and programs can access privileged accounts, others cannot.

Logging & Reporting

Monitor password disclosure.

Accountability. Faster troubleshooting.

Encryption

Secure passwords in storage and transit.

Physical compromise does not expose passwords.

Replication

Passwords stored on multiple servers, in different sites.

Survive server crashes and site disasters.

ID Management Suite Technology

5.1

Closed Loop IAM

Integrated Systems of Record

Hitachi ID Management Suite List people

Auto discovery

Detected changes Auto-provisioning Identity synch.

Updates

Manual request

Requests Web UI

Updates

Invitations

Authorizers

Approve, reject, delegate

Approvals Web UI

- Validate requests - Route for approval - Invite authorizers - Send reminders - Escalate - Delegate Request Queue

Autofulfillment Work Queue

Manual fulfillment

Connectors

Review, certify, correct

Transaction Manager

Create, delete, update accounts

Invitations

Invitations

Certifiers

Non-integrated Systems

Create, delete, update accounts

Identity Cache

Automatic request

Requesters

Integrated Target Systems

List accounts

Certification Web UI

Workflow Manager

Implementer Web UI

Accept, confirm

Implementers

Š 2012 Hitachi ID Systems, Inc.. All rights reserved.

5


Slide Presentation

5.2

Included Connectors

Many integrations to target systems included in the base price:

5.3

Directories: Any LDAP, AD, WinNT, NDS, eDirectory, NIS/NIS+.

Servers: Windows NT, 2000, 2003, 2008, Samba, Novell, SharePoint.

Databases: Oracle, Sybase, SQL Server, DB2/UDB, Informix, ODBC.

Unix: Linux, Solaris, AIX, HPUX, 24 more.

Mainframes, Midrange: z/OS: RACF, ACF2, TopSecret. iSeries, OpenVMS.

HDD Encryption: McAfee, CheckPoint.

ERP: JDE, Oracle eBiz, PeopleSoft, SAP R/3 and ECC 6, Siebel, Business Objects.

Collaboration: Lotus Notes, Exchange, GroupWise, BlackBerry ES.

Tokens, Smart Cards: RSA SecurID, SafeWord, RADIUS, ActivIdentity, Schlumberger.

WebSSO: CA Siteminder, IBM TAM, Oracle AM, RSA Access Manager.

Help Desk: BMC Remedy, SDE, HP SM, CA Unicenter, Assyst, HEAT, Altiris, Track-It!

Cloud/SaaS: WebEx, Google Apps, Salesforce.com, SOAP (generic).

Simple Integration with Custom Apps

• ID Management Suite easily integrates with custom, vertical and hosted applications using flexible agents . • Each flexible agent connects to a class of applications: – – – – – – – –

API bindings (C, C++, Java, COM, ActiveX, MQ Series). Telnet / TN3270 / TN5250 / sessions with TLS or SSL. SSH sessions. HTTP(S) administrative interfaces. Web services. Win32 and Unix command-line administration programs. SQL scripts. Custom LDAP attributes.

• Integration takes a few hours to a few days. • Fixed cost service available from Hitachi ID.

© 2012 Hitachi ID Systems, Inc.. All rights reserved.

6


Slide Presentation

5.4

Multi-Master Architecture , nix , U 0, AD S/39 P, O DA 0 d e L S40 tiv or Na assw ge A p han Password c Synch Trigger Systems

User

IVR Server

VPN Server

Reverse Web Proxy

lid Va

ate

PW

Load Balancer

TCP/IP + AES Various Protocols

We

SQL/Oracle

ts ke Tic

& Incident up ok Management Lo System System of

Firewall

g Tri

ca Lo

etw lN

ork

Target Systems

Re

Firewall

t mo

n Ce a t a eD

ter

Proxy Server (if needed)

HTTPS

6.1

Target Systems with remote agent: AD, SQL, SAP, Notes, etc

s

r ge

Record

Secure Native Protocol

6

ice er v bS

SQL DB

ails Em SMTP or Notes Mail

Target Systems with local agent: OS/390, Unix, older RSA

Hitachi ID Application Server(s) SQL DB

, ted os s h ud app Clo aaS S

Example Deployments Case Study: US Bank Customer description:

US bank

Product:

Hitachi ID Password Manager

Industry:

Banking

Number of users:

150,000

Functionality:

Password reset via telephone, web browser

Main business driver:

Reduce IT support cost, improve authentication security when users call for help.

Business impact:

Eliminated 33,000 help desk calls/month. Saved at least US$ 4,000,000/year.

Š 2012 Hitachi ID Systems, Inc.. All rights reserved.

7


Slide Presentation

6.2

Case Study: Restaurant Chain Customer description:

Global restaurant chain

Products:

Hitachi ID Identity Manager

Number of users:

110,000

Functionality:

Simplify onboarding, deactivation of users in 12 countries.

Main business driver:

Reduce IT administration cost. Eliminate orphan accounts.

Business impact:

Create and delete thousands of user accounts/year without involvement by corporate security.

6.3

+ Hitachi

ID Password Manager

Case Study: Semiconductor Company Customer description:

Semiconductor company

Product: Industry:

Semiconductor

Number of servers:

3,000 – Unix, Windows, SQL Server, VMWare ESX

Functionality:

Randomize local administrator passwords on mission-critical servers, daily. Control disclosure to 200+ users.

Main business driver:

Secure sensitive password and discontinue manual effort.

Business impact:

Improved system security, reduced monthly cost of manually changing thousands of passwords.

6.4

Case Study: Insurance Company Customer description:

Insurance company.

Products:

Hitachi ID Password Manager

Industry:

Financial

Number of users:

40,000

Functionality:

Browser-based password synchronization and reset.

Main business driver:

Reduce IT support call volume.

Business impact:

Automate 25,000 password resets and unlocks per month.

500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com

www.Hitachi-ID.com

File: PRCS:pres Date: March 1, 2012


Hitachi ID Management Suite