ea slide deck id sync apr12 930a

8/6/2019 EA Slide Deck ID Sync Apr12 930a

1/18

Identity Management for the

Modern Enterprise.

Protect Your Data

All firms manage the identity of their software users

the only question is, how well?

Reduce Your IT Costs Identity management is a discipline

That deals with identifying individuals in a system (such as a network, or

an enterprise) and

Controlling their access to data and software application resources within

that system. It associates defined user rights and restrictions with the established

identity of the person.

Its purpose is to increase security and productivity , while decreasing cost

and redundant effort.

[email protected] 419-931-0079 1


2/18

Identity Management Discussion Agenda

What is it?

Why do we care?

What is at stake?

An Example of Modern Identity Management Product

2


3/18

Identity Management Experience?

Yes, we did? What was the driving factor?

What applications did you integrate?

What tools did you use?

What did the project look like Where was the ROI?

What was enthusiasm level of management for the project?

Not yet ? Are you feeling?

Guilty?

Anxious?

Comfortable?

Confused?

Dont Know

3


4/18

Who Cares?

President / CIO I want data protected

I want no negligence lawsuits orregulatory violations

This growing dramatically with SOX,HIPPA, Grahm Leach, PCI, etc

I want our brand protected

HR Management I want our employees to be productive

I want all human resources to beproductive

IT Management I want to minimize the cost of identity

administration

I want to do what management needs Security

I want to know we are secure withoutimpeding user productivity (too much).

I want to be alerted to anomalous activityand potential security breech

4

Internal/External Auditor Prove you are following generally

accepted best practices

Give me tools that I can inspect and

validate compliance with regulations

Users

All I want is to be left alone and getmy job done.

I can't remember all my

passwords

Resetting passwords is a hassle

I know it's not a good idea but if I

don't write it down, how can I

remember it?


5/18

Characteristics of Identity Management

Necessary

Time Consuming

Error Prone

Required for user access to information systems,

networks, operating systems.

The most simple error can expose the firm to significant

business and financial risk.

Can consume significant amount of IT bandwidth

5


6/18

Identity Management time consuming, error prone

problem required for user access to information systems,

networks, operating systems,

As a matter of

Enterprise governance and

control

Not to mention IT best

practices,

Not a good idea to leave

Identity Management to

chance. As a result, Identity Management issues

deserve attention and resourcecommitments deserving of the potential

consequences.

Identity Management software is

designed to automate and address many

of the issues affiliated with the issue

alleviate the cost, the delay and the risk

exposure.

6

Identity Name

Password

Dept

Role

Geography

Etc.

Access To Systems

Software Capabilities

Data

Change

Users Divers Audiences

Add, Delete, Role Change

Review or Audit Need to inspect and prove compliance

with Access policy


7/18

What started as a simple issue ....

The problem in a one user, one application scenario is

easy but consider 5 - 15 applications per average user

The user AUDIENCE is proliferating from internal employee to wider, higher risk audience

making the problem more difficult The ENVIRONMENT is more diverse. It used to be contained to inside firewall with login

within a geography.

Increasing, complexity, quantity, diversity Audiences

Stakeholders

Rates of Change

Quantity of applications

Quantity of computing environments

Regulation

Litigation

7


8/18

Consequence of sub-optimized

identity management process Bottleneck issues

Provisioning a new employee withinformation tools takes longer than itshould resulting in less productive andfrustrated employee.

Employee movement to new role in firmcosts more and takes longer than it

should Deployment of new or changed

applications are more costly and/ordelayed

Providing info to authorized channels orservice providers slows revenue

Risk Issues Unauthorized users still have access to

information no longer "need to know" list Manual administrative errors cause

inadvertent window into informationsystems

Mistakes can result in potentiallyexplosive situations

8

Efficiency Issues Skill level to make changes are higher than necessary

Opportunity cost of scarce IT staff availability to make

changes

Redundancy and cost of maintaining multiple

directories for multiple applications and work

environments

Slow Response

Leaves workers without IT tools

Opportunity cost of slow response is the

dominant current cost of Identity Management

followed closely by cost of IT efforts.

Latent costs include business risk, regulation &

litigation

Governance Issues Breeches can easily become crises requiring

disproportionate share of management attention

Negligence of fiduciary responsibilities makes firm

vulnerable to litigation and clean-up expenses

Becomes a critical management issue because identity

management processes that do not meet the business

need.


9/18

Bottleneck Issues

Provisioning a new employee with information tools

takes longer than it should resulting in less productive

and frustrated employee.

Employee movement to new role in firm costs moreand takes longer than it should

Deployment of new or changed applications are more

costly and/or delayed

Providing info to authorized channels or serviceproviders slows revenue

9


10/18

Risk Issues

Unauthorized users still have access to information no

longer "need to know" list

Manual administrative errors cause inadvertent window

into information systems Mistakes can result in potentially explosive situations

Example

Zombie Account - similar to leaving the keys to vault with an ex-

employee or subcontractor.

Ripe for exploitation and abuse

The firm will probably, hopefully, be OK but perhaps not, who

knows ??

10


11/18

Regulatory & Litigation Issues

Legislation PC Security Standards

All firms that use/touch credit cards as part of their transactions

SOX

All firms that have publicly traded stock

HIPPA

Firms that have identifiable medical information

Grahm-Leach-Biley

Protection of financial information

Protection Obligations Unauthorized disclosure

Controlled management of protected information

Not be negligent

Requests for Identity Information Business Management - who has software & data access?

Info requested by Auditors for login access add/change delete & compliance with "best practices"

Info requested by lawyers in the event of disclosure requests

11


12/18

Efficiency Issues

Skill level to make changes are higher than necessary

Opportunity cost of scarce IT staff availability to make changes

Redundancy and cost of maintaining multiple directories for multiple

applications and work environments

Slow Response Leaves workers without IT tools

Opportunity cost of slow response is the dominant current cost of Identity

Management followed closely by cost of IT efforts.

Latent costs include business risk, regulation & litigation

12


13/18

Governance Issues

Breeches can easily become crises requiring

disproportionate share of management attention

Negligence of fiduciary responsibilities makes firm

vulnerable to litigation and clean-up expenses Becomes a critical management issue because identity

management processes that do not meet the business

need.

13


14/18

Tranztecs ID Sync

An Example of an

Identity Management ToolDesigned for

Microsoft Windows Active Directory

14


15/18

ID Sync

Product Vision Statement

Provide a low-cost, extensible Identity Management software

tool suitable for mid-size enterprises (100 to 5,000 users) that is

directly integrated to Microsoft Active Directory platform :

Reduce business risk related to potential data breaches

Lower the cost of password administration via automated

processes

Improves employee productivity through reduced downtime

Improves business agility via faster deployment of application

software changes Manage user access to software applications residing on diverse

operating systems (Microsoft Windows & IBM AS400, Cloud

Applications, Unix)

15


16/18

Tranztecs Smart Architecture Methodology

Tight & Seamless Integration LeveMicrosoft Active Directory

Leverage existing Microsoft Tools

Microsoft SQL Server

Microsoft SQL programming

SQL Reporting Services

Security Groups

Reduces Cost of Product 1/10th the cost/complexity of typical Identity projects

1/2 the licensing cost of solutions designed for Fortune 500

vendors

16


17/18

Design Center - For ID Sync

80% of Value for 20% of Cost Tranztec ID Sync A Modern Identity Management Software Solution

ConsiderA Honda Accord

Comfortable, Frugal, Streamlined

Drive to work and home again

Built for the Small to Mid-Size Firms

Everybody can drive it 30 MPG

Legacy Products

Consider .. A Flying Boat Car

Big, Bulky, Expensive

By Land, By Sea, By Air

Around the world and all placesin between

Built for Fortune 500 Firms

Requires specially trained crew

3 MPG

17


18/18

Tranztec Solutions, Inc. - Perrysburg Ohio

Founded in 2001

Full service technology consultancy originallyfounded to serve local industry in NorthwestOhio.

Serve customers within 48 states of thecontinental U.S. as well as Canada.

Offices and data centers in Ohio, Michigan,Indiana, and Texas

Knowledge, expertise, & coverage to provideservices to a wide range of companies nationwideand has specialized expertise

Identity Management,

EDI Integration,

Exchange Server,

SQL Server, SQL Language

SharePoint,

Document Management Imaging, and

VoIP telephony

Windows & AS400 Support

Networking Technology

[email protected] 419-931-0079 18

Technology Partners

Microsoft Gold Partner

IBM Partner

Cisco Partner

Citrix

Create Software Products

911 Alert for Police Dept & County

Government

Tranzactor - EDI Translator

ID Sync - Identify Management

A/P & A/R Document Managementfor ERP

SQL Reporting Services Portal

ea slide deck id sync apr12 930a

Documents