IAM (Identity and Access Management) and IAG (Identity and Access Governance) have evolved to key topics within both Information Security and IT Infrastructure. Their central role in enabling the new ABC (Agile Businesses – Connected) by allowing controlled access of all types of users to all types of services, but also the key role they play in achieving regulatory compliance and implementing governance, drives the evolution of IAM/IAG. Most organizations have already made some investment in IAM and IAG. Many of these investments are focused on the on-premises infrastructure. With the need to support external users such as customers and business partners and both Cloud applications and on-premise applications, IAM/IAG must move to the next level. There are many new opportunities such as Cloud IAM, risk- and context-based authentication and authorization, Dynamic Authorization Management, etc. On the other hand, IAM still must work well for the existing on-premises infrastructure.
In other words: It is time for IAM/IAG Strategic Planning. This track provides the information required for IAM/IAG Strategic Planning. It looks at how to evolve the existing infrastructure in an “embrace and extend” approach instead of “rip and replace”. It looks at the role of peoples and processes, the IAM/IAG Vendor Landscape, and new evolutions within IAM/IAG that will help you get a better grip on the underlying system-level entitlement management.
IAM/IAG: Balancing Existing Investments with your Future Needs
Balancing existing investments with future needs – this is a tough challenge to solve. This is even more true for IAM/IAG, where organizations face a number of new challenges such as onboarding business partners and customers, collaborating in industry networks, or managing access to Cloud services securely. Clearly, there is the need of having a big picture in mind, defining a roadmap, and executing this step-by-step, while regularly adjusting the vision, strategy, and roadmap to new requirements.
Aside of the question, how a big picture should and could look like today for IAM/IAG, it is also about implementing a good program management. This session will talk about how such a program management could look like. How to ensure that dependencies between various components are known? How to build an infrastructure that avoids lock-in and allows exchanging various components? How to work based on risk? How to implement controls for the program management process itself? How to communicate with the business departments to balance their urging requirements with the ability of IT to deliver and the need for risk mitigation? This session will provide answers and approaches on how to do that best.
People, Processes, Solutions: Maturing IAM/IAG at Commerzbank AG
Refering to the core message in the keynote ´Mastering the IAG Challenge´, the focus here is on the main steps to be taken in setting up and maturing an IAM/IAG program. What are the key lessons in such an approach? What does it mean in detail to focus on people, process and only finally on solutions and why is it critical for that focus to be exactly in that order?
Access Governance Vendor Panel
The Access Governance market is maturing – and changing. While there are many vendors now that have a strong offering for IAG (Identity and Access Governance), there are various new features provided by the one or other vendor. Data Governance, Cloud Access Governance, integration of Privilege Management features, Access Inteliigence, etc. Aside of that, there is the more fundamental question of whether the better approach is integrating Identity Provisioning and Access Governance or keeping these functionalities separate. While the one better suits to customers looking for a single solution, the other approach might work better for customers that already have various Identity Provisioning tools in place – something that is not uncommon in large organizations. Aside of that, provisioning approaches are becoming more flexible, supporting ESBs (Enterprise Service Bus), Service Management tools, and other ways to provision, beyond traditional Identity Provisioning.
As always, customer requirements are differing and there is most likely not the single right approach to do Access Governance. However, there are good arguments for all of these new features and architectural concepts. The participants of this panel will discuss about this and provide you arguments that help you picking the Access Governance approach of choice for your organization.
The 5 Critical Tenets of Identity and Access Management
The IAM market is experiencing a renaissance with the emergence of new options for how and where to deploy IAM technology, both on-premises and as a service. At the same time most organizations are struggling with how to best utilize the IAM solutions they have to manage their changing world of IT infrastructure. New technologies like cloud and mobile are being mixed with established mainstays like SAP, Oracle and RACF and all must be managed with a increasing focus on governance, compliance and automation. However, regardless of the delivery model selected, and whatever the mix of applications being managed, many best practices of IAM remain unchanged. During this session, SailPoint CTO, Darran Rolls will introduce the 5 Critical Tenets of Identity and Access Management. He will discuss the many and varied options now available to deliver IAM technology, and will provide a best-practice guide for defining, securing and managing Identity regardless of the IAM deployment technology, the application being managed, or the the infrastructure it all runs upon.
What Is the Level of Detail, an IAM Solution Must Cover?
The question about the level of detail, an IAM solution must cover, has been around since some time. But more than ever before, it is one of the most challenging questions in many IAM projects.
On the one hand, audits are requesting end-to-end coverage (from the user to the individual file, document, folder). On the other hand, the amount of data is growing disproportionately with each implemented level. Some implementations stop the IAM administration at group-level in general in order to keep data in a range, that still can be managed. Others go further. What level of detail does make sense? Is it realistic, to run e.g. 10.000+ Windows folders by one central IAM solution? Are there alternatives to a full implementation of ´User to Ressource´ relations? Is the growing number of data access management systems an appropriate complement to IAM for this challenge?
However, this is not only – and maybe not even primarily – a technical issue. It is about organization. It is about accountabilities and responsibilities. How to define the levels and how to ensure that cooperation works for instance between persons responsible for systems and others being responsible for the overarching IAM system?
Join this thought leadership panel session to get answers to your questions.
Entitlement & Access Governance: How to do Data Governance Right?
Entitlement & Access Governance defines an approach that combines the cross-system view of Access Governance with system-level management of entitlements. However, there are various ways to keep your data under control. While some vendors address the challenge by expanding their Access Governance solutions, others tackle it from the system and data level. Which approach works better? And for whom? In this discussion, Borja Rosales of Druva and Pervez Goiporia of Oracle will discuss with KuppingerCole Analyst Amar Singh about the pros and cons of various approaches on Entitlement & Access Governance – or just Data Governance.