Compliance Management Solutions from Novell Insert Presenter's Name (16pt)

Similar documents
Effectively Managing Identities within the Enterprise and Cloud

Key Benefits of Novell ZENworks 10 Configuration Management. Enterprise Edition

SOLUTION BRIEF RSA IDENTITY GOVERNANCE & LIFECYCLE SOLUTION OVERVIEW ACT WITH INSIGHT TO DRIVE INFORMED DECISIONS TO MITIGATE IDENTITY RISK

Securing Access of Health Information Using Identity Management

RSA ARCHER IT & SECURITY RISK MANAGEMENT

Novell o e File Management age e Suite

An Introduction to Oracle Identity Management. An Oracle White Paper June 2008

Just Enough Operating System to kick start creativity. Simona Arsene

Tools for the Times New Boulder Tools Overview Presenter Name

Build a Future-Ready Enterprise With NTT DATA Modernization Services

Automating the Creation and Management of Cloud Workloads

Simplify and Secure: Managing User Identities Throughout their Lifecycles

Fulfilling CDM Phase II with Identity Governance and Provisioning

Sustainable Identity and Access Governance

SAP Road Map for Governance, Risk, and Compliance Solutions

White Paper. Reducing the Costs of IT Security Management

Oracle Identity & Access Management

IDEAS for Identity and Access Governance. Capabilities summary and screenshot selection

Novell GroupWise. Product Overview. Corne Groesbeek

ORACLE SOA GOVERNANCE SOLUTION

RSA Identity Management & Governance

Making intelligent decisions about identities and their access

CHOOSE THE RIGHT IDENTITY & ACCESS MANAGEMENT SOLUTION

SAP Product Road Map SAP Identity Management

PSA Peugeot Citroën PME PORTO

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

Be Remarkable. CONTRACT LIFECYCLE MANAGEMENT SOFTWARE. Software Overview OVERVIEW. Additional Available Professional Services

Securing Your Business in the Digital Age

Employee Lifecycle Management in an R12 World

Simple, Scalable, Real-time Protection

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

An Oracle White Paper April Developers and Identity Services - Bridging Usability and Transparency with Role Provider Service

IDENTITY AND ACCESS MANAGEMENT SOLUTIONS

Jeff Carpenter Authentication and Access Specialist RSA, The Security Division of EMC. Copyright 2015 EMC Corporation. All rights reserved.

ORACLE FUSION FINANCIALS CLOUD SERVICE

CA Virtual Performance Management

10 REASONS FOR ARIS. ARIS Product Marketing July Software AG. All rights reserved.

Speed Business Performance, Lower Cost, and Simplify IT with Automated Archiving

Certified Identity Governance Expert (CIGE) Overview & Curriculum

CA VPM Overview and Roadmap

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Identity Governance and Administration

SUSE Studio Extension for System z and the SUSE Appliance Program

IBM Tivoli Monitoring

The Data Opportunity: Using data for economic and social benefit reaping the

GOVERNANCE. Overview. The Governance Module can address all applicable standards and regulations.

ACHIEVE GLOBAL TRADE BEST PRACTICES

Environmental, Health and Safety Management

Security solutions White paper. Effectively manage access to systems and information to help optimize integrity and facilitate compliance.

Ready for the GDPR, Ready for the Digital Economy Fast-Track Your Midsized Business for the Digital Economy While Addressing GDPR Requirements

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Advanced Support for Server Infrastructure Refresh

Title: Leveraging Oracle Identity Manager (OIM) to Improve Costs and Control. An Oracle White Paper March 2009

Oracle Product Hub Cloud

PREVENT MAJOR DATA BREACHES WITH THREAT LIFECYCLE MANAGEMENT Seth Goldhammer, Senior Director of Product Management at LogRhythm

Cisco Tidal Intelligent Automation for SAP

AWS MSP Partner Program Validation Checklist v3.2 Mapping

Streamline Physical Identity and Access Management

Dynamic Enterprise Performance Management

Quantifying the Value of Investments in Micro Focus Quality Center Solutions

VULNERABILITY MANAGEMENT BUYER S GUIDE

The 7 Tenets of Successful Identity & Access Management

ORACLE PROJECT PORTFOLIO MANAGEMENT CLOUD

Improve Enterprise Application Adoption with User Experience Analytics

IBM Tivoli Endpoint Manager for Lifecycle Management

DATA SHEET RSA IDENTITY GOVERNANCE & LIFECYCLE SERVICES ACCELERATE TIME-TO-VALUE WITH PROFESSIONAL SERVICES FROM RSA IDENTITY ASSURANCE PRACTICE

5 Pitfalls and 5 Payoffs of Conducting Your Business Processes in the Cloud

Data Integration for the Real-Time Enterprise

Infor CloudSuite solutions Flexible, proven solutions designed for your industry. Infor CloudSuite

Securing Intel s External Online Presence

WHITE PAPER MARCH Improve ROI of PeopleSoft Enterprise With Business Automation

BUYER S GUIDE. Identity Management and Governance

<Insert Picture Here> Externalizing Identity

An Oracle White Paper March Access Certification: Addressing and Building On a Critical Security Control

Identity Management Solutions for Oracle E-Business Suite. An Oracle White Paper January 2008

RSA Solution for egrc. A holistic strategy for managing risk and compliance across functional domains and lines of business.

Neues von der Oracle Identity Governance Suite. Dr. Stephan Hausmann

Delivering Business-Critical Solutions with SharePoint 2010

WHITE PAPER EU General Data Protection Regulation Compliance

Entitlement Management

Fast Forward Shareholder Value from your SAP Investment using IBM Rational

Digitalizing Procurement for Midsize Companies: The First Step in Doing More with Less

The innovation engine for the digitized world The New Style of IT

Detect. Resolve. Prevent. Assure.

Modernizing Cyber Defense: Embracing CDM. Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA

Business Risk Intelligence

OMADA IDENTITY SUITE OMADA IDENTITY SUITE. - Solution in Detail. - for Microsoft Forefront Identity Manager 2010

ORACLE PROJECT PORTFOLIO MANAGEMENT CLOUD

An Overview of the AWS Cloud Adoption Framework

IBM Tivoli Service Desk

Brochure. Information Management & Government. Archive Data in the Largest Private Cloud. Micro Focus Digital Safe

ORACLE FUSION FINANCIALS

Accelerate GDPR compliance with the Microsoft Cloud Henrik Mønsted

IBM Data Security Services for activity compliance monitoring and reporting log analysis management

Gain strategic insight into business services to help optimize IT.

Pinnacle Data Integration Services

Improving Information Security by Automating Provisioning and Identity Management WHITE PAPER

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

Transcription:

Compliance Solutions from Novell Insert Presenter's Name (16pt) Insert Presenter's Title (14pt)

Issues Driving the Compliance Need

Dealing with Compliance Requirements It's All about Balance Flexibility Control Move at the speed of business requirements Less compliance cost burden 3 Confidence in meeting compliance objectives

Different Stakeholders Different Needs to Balance Finance IT Audit Security CFO CIO/CTO Internal Audit CISO What keeps me up at night? Needs to prevent financial and reputation damage 4 Needs to protect sensitive data, enforce regulations, stay aligned to business needs Needs to manage the cost and resources of required audits Needs to have enterprise-wide visibility to threats that may impact the business

Moving to the Cloud Makes It Harder To Balance Flexibility/Control while Staying Compliant Percent of enterprise workloads that will run in physical, virtual and cloud environments by 2015 Novell estimates based on IDC and Gartner data 5

Striking the Balance Is Hard Enough Fixing Manual Processes Needs to Be Done First Governance, Risk and Compliance (GRC) remains an intensely human effort. Two-thirds of budget are earmarked for people-related expenses (services plus head count). AMR Research 6

Manually Managed Compliance Drives Questions on How to Improve Operations How do I move away from spreadsheet-driven compliance and audits? Is there a better way to collect all the logs I need for an audit? How do I monitor access to critical systems, particularly in UNIX/Linux environments? 7

Solution Capabilities and Benefits Address Customer Challenges

Identity and Security Capabilities Identity and Access Compliance Security User Provisioning and Compliance Assurance Real-time Security and User Activity Monitoring Simplified Secure Access Continuous Compliance Log Secure Cloud Access 9

Identity and Security Capabilities Identity and Access Compliance User Provisioning and Compliance Assurance Simplified Secure Access Continuous Compliance Security Real-time Security and User Activity Monitoring Log Secure Cloud Access 10

The Identity-Infused Enterprise Core to Enterprise Security and Compliance User Provisioning Secure Access Compliance Assurance Identity Security Monitoring and Remediation 11 11 Log Continuous Compliance

Novell Compliance Capabilities to Fit Your Needs Achieve Continuous Compliance Drive to Compliance Assurance Novell Access Governance Suite Novell Sentinel Log Manager Novell Privileged User Manager Novell Compliance Platform Novell Compliance Platform extension for SAP environments Continuous Compliance Compliance Assurance Manual Processes Spreadsheet-driven compliance Manually collected audit logs 12 Identity and security integration with access controls Tight integration with access control and identity management Full visibility to IT risks No infrastructure holes or silos Identity and security integration Compatibility with IT GRC management for big picture view

Novell Compliance Capabilities Address Customer Challenges Compliance Assurance Challenges Addressed Efficiently address short-term auditing and reporting requests Automate system logs for compliance 13 Continuous Compliance Compliance Assurance Manual Processes Operate across heterogeneous environments

Compliance Assurance Are You Ready for Your Next Audit? Major Audit Flags Inability to certify that the right people have the right access to sensitive information Novell Access Governance Suite Inability to track who is logged into sensitive accounts, and when they log in Novell Sentinel Log Manager Inability to track the activities of people once they are logged into sensitive accounts or applications 14 Novell Solution Novell Privileged User Manager

Novell Access Governance Suite Simplifies how access to information resources is governed and certified, helping enterprises strike the balance between agility and control Novell Roles Lifecycle Manager Novell Compliance Certification Manager Simplifies how user access is managed, giving visibility to patterns and logical groupings Provides a complete, enterprise-wide view of access data, so you know exactly who has access to what Provides an automated process to ensure access is appropriate and compliant Provides access metrics to ensure roles are used effectively Streamlines the review, certification and reporting process Novell Access Request and Change Manager Provides a single business-friendly interface with embedded governance (approvals, policy checks, escalations) through which organizations can request and approve access rights By enabling self-service access requests to the line of business, enterprises can lower IT administration costs and streamline access delivery while maintaining compliance 15

Novell Compliance Capabilities Address Customer Challenges Continuous Compliance Challenges Addressed, monitoring and enforcement of IT controls Visibility to who has access to what 16 Continuous Compliance Compliance Assurance Manual Processes Ability to manage and mitigate risks before they impact business objectives

Continuous Compliance Knowing and Responding to What Is Going on in Your Enterprise Who is doing an activity? Identity Identity + Security Information and Event Monitoring What is the activity? Security Information and Event Monitoring Who is doing what? Knowing who is doing what is key to answering the questions Should they be doing it?, and if not, Can I stop them? 17

Continuous Compliance Why Does It Matter to You? 45% of security breaches are from those with no existing relationship with the enterprise to strike the balance, you need to put in place the other 55% come from insiders or business partners From people you have to give some level of trust Governance Processes Controls Roles / Relationships But how do you manage these? Through continuous compliance by knowing who's doing what Notes: Statistics derived from Verizon Business breach report, 2008 18

Continuous Compliance Multiple Paths to Meeting Your Strategic Goals Novell Compliance Platform 19 Novell Sentinel Novell Identity Manager Advanced Edition Novell Sentinel Log Manager Novell Identity Manager Standard Edition

Continuous Compliance Partnering with GRC Firms Like SAP SAP Business Objects Provides risk analysis and compliance processes across the enterprise Control user access within SAP applications Manage process for compliance and risk remediation Continuous controls monitoring for applications Compliance Platform Enterprise-wide control enforcement (passwords, rights, roles) Automated and enforced business security process Continuous controls monitoring of user access to enterprise resources The joint solution extends identity and security information across the enterprise 20

Novell Compliance Capabilities Address Customer Challenges Compliance Assurance Challenges Addressed Efficiently address short-term auditing and reporting requests Automate system logs for compliance Operate across heterogeneous environments Visibility to who has access to what Ability to manage and mitigate risks before they impact business objectives 21 Continuous Compliance, monitoring and enforcement of IT controls Manual Processes Challenges Addressed Compliance Assurance Continuous Compliance

Novell Compliance Solutions Customer Testimonials To make an SAP hosting solution viable, we absolutely needed to make the security watertight. Novell Compliance Platform enabled us to integrate powerful identity and security management capabilities, allowing customers to manage access rights for their own users with ease Warren Small, Managing Director, Basis One Novell Access Governance Suite will help us dramatically improve security with the ability to display complex reports in a user-friendly web interface. Too much information is overwhelming. When we make reports easier to review, we make it easy for business managers to certify users' access rights on much more regular basis. Mark W. Pfefferman, Assistant Vice President and Director, Identity and Access, Western and Southern Financial Group 22

Novell Compliance Overall Solution Benefits Turn risk management into a strategic asset Manage risk with real-time proactive prevention Bridge business processes and IT, including SAP environments Improve internal and external transparency across the enterprise Minimize security breaches, especially from privileged users Create a legally defensible environment Drive higher ROI with streamlined compliance efforts 23 Automate compliance-related processes Leverage existing investments in SAP systems Better manage privileged users to avoid costly audit violations Lower cost implementation

An Industry-Trusted Solution

An Industry Leader Novell is a recognized leader in: Provisioning Enterprise single sign-on Security information and event management (SIEM) User Provisioning SIEM Enterprise Single Sign On 25 Web Access

An Industry Leader Novell s individual products in IAM, SIEM, and security management can be effectively combined to create solutions to solve business problems. Companies will find that this approach can be very effective in meeting regulatory compliance demands. Sally Hudson, IDC 26

Nearly 6,000 Customers Agree 27

A Complete Solution

World-Class Partners And Services Support Deployment Training Partners More than 500 training partners Classroom training and self-study kits Online and on-demand training Customized training Systems Integrators Risk and compliance assessment Identity and security strategy Customized development Project management Support Partners 29 Industry awards and recognition More than 25 years of experience Global support centers and field teams High level, customizable services

Key Partnerships Global Strategic Partners Systems Integrators 30

www.novell.com/identityandsecurity 31

Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

Appendix

bwin Global Gaming and Entertainment Website Novell Sentinel gives us all the tools we need to identify anomalies, detect intrusions and meet the log monitoring and auditing requirements of the PCI-DSS. Novell Sentinel has improved our ability to monitor and correlate security incidents, enabling us to take a more proactive approach to network security and helping us to demonstrate compliance. Oliver Eckel, Head of Corporate Security Challenge A leading provider of online gaming entertainment in 27 different languages Millions of customers, hundreds of applications and databases Inefficient PCI-DSS compliance management on a departmental basis Needed an automated, centralized solution for monitoring and managing multiple security log files 35 Solution Results Deployed Novell Sentinel across Microsoft Windows, Sun Solaris and Oracle environment Centralized monitoring into a single corporate function Created a single viewpoint for all security events Implemented Sentinel Advisor module for centralized security intelligence Centralized and automated network security monitoring and reporting Reduced time and effort involved in PCI-DSS compliance initiatives Enabled more proactive response to emerging security threats

Handelsbanken Major Nordic Corporate and Consumer Bank As well as the identity management engine itself, we needed a solution that would enable us to create a repository to handle roles and provisioning. Of all the solutions on the market, only Novell Identity Manager was sufficiently mature in both of these areas. Qamilla Syk, Operations Manager Challenge One of the largest banks in the Nordic region with 10,770 employees Deployed Novell Identity Manager to create a master repository of all user data No central repository for user information Synchronized user data across multiple systems, including legacy mainframe applications Identity information stored across multiple systems Needed to comply with financial regulations such as Basel II 36 Solution Novell Sentinel provides holistic view of all security and compliance activities Results Created a structured approach to identity management Increased control of roles and access rights throughout the organization Enabled employee self-service via a portal, reducing IT workload Improved IT auditing capabilities, facilitating regulatory compliance

Telecom Italia Italy's Largest Telecommunications Service Provider Novell Sentinel has given us for the first time the ability to monitor our entire network infrastructure. With the ability to channel all security events into a single view, it is much easier to analyse the root causes of problems and respond with the most appropriate actions. Giovanni Ciminari, Security Solutions Manager Challenge 37 Solution Results Company provides telecommunications services to more than 20 million customers Deployed Novell Sentinel on clustered Sun servers, capable of processing 3,000 events per second Five different systems providing security monitoring for different parts of the company Deployed Novell Sentinel agents to monitor firewalls, anti-virus software and operating systems Standardizing processes across all group companies to increase efficiency, reduce costs and facilitate regulatory compliance Built custom agents to monitor its GSM mobile networks and protect against denial of services attacks Comprehensive security coverage with a single point of control Faster response to security issues across the network In a single month, Novell Sentinel registered 120 million events and managed 800 security incidents Reduced workload for security monitoring team by 50 percent Simplified compliance with Italian government regulations

Catholic Healthcare West Eighth Largest Hospital System in the US Before implementing the Novell solution, we provisioned users in a hundred different ways. We didn't think we could streamline this process without substantially increasing our staff. With the Novell solution, we have a high quality, yet cost-effective solution that actually frees up much of our staff to work on other projects. Eric Leader, Chief Technology Architect Challenge Results 40,000 employees across 40 locations Consolidated its directories to centralize user management User identities in 1,400 separate applications on multiple platforms Enabled provisioning to grant users immediate access to applications Improve speed of user access Synchronized passwords between applications Simplified user access with a single ID and password Laid the foundation for complying with SarbanesOxley, HIPAA and other regulatory requirements Improved regulatory compliance with timely audits and immediate deprovisioning Increase security and compliance with regulatory requirements 38 Solution Centralized and automated identity management for 20,000 users Reduced user administration time by 70 percent Anticipated cost savings of US$1.5 million

Novell Compliance Platform Tightly integrated compliance and governance solutions Novell Access Manager Novell Identity Manager Solutions Novell Sentinel 39

Novell Access Governance Suite Business-driven accountability, visibility and certification Novell Compliance Certification Manager Novell Roles Lifecycle Manager Novell Access Request and Change Manager 40

Novell Privileged User Manager Allows enterprises to control, track and audit superuser access to UNIX, Linux and Windows hosts. Cross-platform Privileged User Centralized Policy Allows organizations to centrally define what commands users are authorized to run, at what time and from what location Allows enterprises to manage their entire UNIX, Linux and Windows server infrastructure with a single, easy-to-use tool Ensures consistent enforcement of security policies across UNIX, Linux and Windows systems Generates detailed logs of user activity for proving compliance Seamlessly integrates with Novell Identity Manager, Novell Access Governance Suite and Novell Sentinel Simplifies rule and policy creation through a flash-based, drag-and-drop interface Real-time Risk Analysis Conducts a real-time risk analysis of user commands as they are typed, reducing the time between command execution and discovery Provides color-coded risk ratings of all typed commands for easy identification of potentially harmful activity Gives auditors a system-wide view of user activity through key stroke logs and recorded session play back 41

The Two Technologies That Really Matter Identity 42 and Cloud

Risk to the Enterprise Is Rising Security Breaches Compliance Violations Growth Challenges Identity Theft Privacy Concerns Significant Risk, Cost and Exposure 43

Security The Primary Concern for Cloud Computing Question: Rate the challenges/issues of the cloud/on-demand model (1=not significant, 5=very significant) Percent Responding 3, 4 or 5 Security Performance Availability Hard to integrate with in-house IT Not enough ability to customize Worried cloud will cost more Bringing back in-house may be difficult Not enough major suppliers yet Source: Frank Gens and IDC Enterprise Panel, 2009 44

Novell Identity and Security Application Layer Integrating with SAP Infrastructure Business Applications IT GRC Access Governance Role Lifecycle Access Certification Infrastructure Layer Identity Identity Vault Identity Integration and Synchronization Provisioning and Workflows Reporting Delegated Administration Self-service Administration Access Access Request and Change Security Information and Event User Activity Monitoring Remediation Privileged User Authentication Event Correlation and Reporting Authorization 45

Intelligent Workload Intelligent workload management enables IT organizations to manage and optimize heterogeneous computing resources in a policydriven, secure and compliant manner across physical, virtual and cloud environments to deliver business services for end customers. 46 Intelligent WORKLOAD

The Customer Challenge: Manage a Siloed Infrastructure Internal Cloud (On-Premise) Governance and Compliance Governance and Compliance Governance and Compliance IT Service IT Service IT Service Business Service Business Service Business Service Physical Virtual Cloud Firewall 47 External Cloud (Off-Premise)

Intelligent Workload : From Silos to Services Internal Cloud (On-Premise) External Cloud (Off-Premise) Build Secure Governance and Compliance Firewall IT Service Manage Measure Business Service Physical 48 Virtual Cloud

WorkloadIQ : Integrating Identity to Turn Silos into Services Security and Compliance Security and Compliance General Purpose Operating System IT Service Business Service Isolated Identity Awareness 49 Purpose-Built Operating System IT Service Business Service

WorkloadIQ: Services Novell Services and Partners 50

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback