Identity & Access Management Unlocking the Business Value

Similar documents
Identity & Access Management Enabling e-government. Identity & Access Management (IAM) Defined

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

CHOOSE THE RIGHT IDENTITY & ACCESS MANAGEMENT SOLUTION

<Insert Picture Here> Externalizing Identity

Identity Management Solutions for Oracle E-Business Suite. An Oracle White Paper January 2008

Information Systems Strategy

Believe in a higher level of IT Security SECUDE Business White Paper. How to Improve Business Results through Secure Single Sign-on to SAP

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Identity Governance and Administration

Enterprise Architecture and COBIT

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

The SAM Optimization Model. Control. Optimize. Grow SAM SOFTWARE ASSET MANAGEMENT

Simplify and Secure: Managing User Identities Throughout their Lifecycles

Buyers Guide to ERP Business Management Software

Identity and Access Management. Program Primer

Achieve Powerful Business Benefits by Streamlining Document Workflows

Building a Roadmap to Robust Identity and Access Management

GDPR: Centralize Unstructured Data Governance Across On-premises and Cloud

Enterprise Collaboration Patterns

BT Identity and Access Management Quick Start Service

Fujitsu Workplace Anywhere Delivering a service as mobile as your people need to be

Oracle Identity & Access Management

EXECUTIVE VIEW. NetIQ SecureLogin. KuppingerCole Report. by Martin Kuppinger April by Martin Kuppinger

DE-RISK YOUR INVESTMENT IN AN INFORMATION MANAGEMENT STRATEGY.

How Can I Better Manage My Software Assets And Mitigate The Risk Of Compliance Audits?

Entitlement Management

Oracle Identity und Access Management

Information Lifecycle Management Solution from IBM

Aladdin etoken Market Trends and Opportunities

NSW DIGITAL GOVERNMENT STRATEGY. digital nsw DRIVING WHOLE OF GOVERNMENT DIGITAL TRANSFORMATION DESIGNING IN OUR NSW DIGITAL FUTURE

Solutions. Cash & Logistics Intelligent and Integrated Solutions to Optimize Currency Levels, Reduce Expenses and Improve Control

SOA Governance is For Life, Not Just a Strategy

Session 2B Application of Robotic Process Automation on Actuarial Function. Pu Sheng, FSA

Open the door and unlock opportunities with the Cisco Services Icebreaker Program. What s hidden in your Cisco Installed Base? TD Azlan, Services

Brainwave USER ACCESS REVIEW CERTIFICATION AND RECERTIFICATION IN A NUTSHELL

Embedding Operational Risk

LICENCE TO PRINT Computacenter helps organisations minimise costs and maximise productivity with flexible print solutions PRINT SUPPLY

Identity and Access Management

MANAGED PRINT MANAGED PRINT

Fujitsu Workplace Anywhere Delivering a service as mobile as your people need to be

Identity and Access Managementas-a-Service: Protecting Digital Relationships

The Agile Enterprise May 2012

An Oracle White Paper March Access Certification: Addressing and Building On a Critical Security Control

CHAPTER 3 ENTERPRISE SYSTEMS ARCHITECTURE

Enterprise Architecture Development

Purchase to Pay One process, one solution

Who s having an identity crisis?

BUYER S GUIDE. Identity Management and Governance

Do You Have a Winning Hand? Driving Total Value of Ownership through Strategic Procurement

Translate stakeholder needs into strategy. Governance is about negotiating and deciding amongst different stakeholders value interests.

Spend Under Management. Key Process Indicators (KPIs) to Guide Your Journey

Fulfilling CDM Phase II with Identity Governance and Provisioning

SOLUTION BRIEF RSA IDENTITY GOVERNANCE & LIFECYCLE SOLUTION OVERVIEW ACT WITH INSIGHT TO DRIVE INFORMED DECISIONS TO MITIGATE IDENTITY RISK

EMEA TMC client conference Developing a tax technology architecture. The Crystal, London 9-10 June 2015

October, USDA Identity, Credential and Access Management. Why the FICAM Roadmap is Important!

Alloy Navigator Enterprise 8

How do I remain nimble and efficient?

Information and Communication Technologies Strategic Plan 2016/ /20

Passit4Sure.OG Questions. TOGAF 9 Combined Part 1 and Part 2

Reduce the time & labor to process and archive documents. Reduce document cycle times. Create audit trails of document handling activities

Interagency Advisory Board Meeting Agenda, May 27, 2010

Windows 10: Digital transformation platform

Key Benefits of Novell ZENworks 10 Configuration Management. Enterprise Edition

SAP at Accenture. The Journey of Running Accenture on a Single Global Instance

ForgeRock Identity Management

Buyer s Guide for a User Provisioning Solution. An Oracle White Paper April 2007

Customized Client Onboarding for Clearing Firms with OpenAdvantage From Doxim

Collaborative border management

IT Strategy. Defining the future of IT. David Cawthray Assistant Director: Information Technology v1.

White Paper Describing the BI journey

SOLUTION BRIEF CA MANAGEMENT CLOUD FOR MOBILITY. Overview of CA Management Cloud for Mobility

FINACLE SERVICES: API MANAGEMENT USING CA API GATEWAY

Developing a new model of HR Services

Back to School for Business Services how to get it right?

Released under NSW GIPA Act GIPA Application TRA Page 1

WHITE PAPER. Guiding principles and dimensions of testing transformation

Your Business. The Cloud. Business Cloud.

Architecting an On Demand Enterprise with the Federal Enterprise Architecture (FEA) Andras R. Szakal Chief Architect, IBM Federal Software, S&D

Securing the Future with Physical Identity and Access Management

Information Technology Analysis Hydro-Quebec Management Presentation. October 30th 2004

Quantifying the Value of Software Asset Management

By Tom Bishop, CTO, BMC Software, and Ken Turbitt, global best practices director, BMC Software

The Case for the SIO. A guide to navigate the new challenges of Service Management. kpmg.ca

Accenture Architecture Services. DevOps: Delivering at the speed of today s business

IBM Sterling B2B Integrator

A holistic approach to insurance automation

RICS Facilities Management. 18 March, 2016

The Future of Retail Banking

UNDERSTANDING THE NEED FOR A HELP DESK SOLUTION. How to select the right help desk solution for your organization

Our Corporate Strategy Information & Intelligence

Certified Identity Governance Expert (CIGE) Overview & Curriculum

Western Australian Public Sector Reform The technology dimension of amalgamations

Bank of Ireland. Service Integration as a means to govern a multivendor. 11 th October 2013

IT Strategic Plan

ONECOMMUNITY ENTERPRISE SOFTWARE FOR NOT-FOR-PROFIT AND COMMUNITY SERVICE ORGANISATIONS

SECURE SSO TO OFFICE 365 & OTHER CLOUD APPLICATIONS WITH A CLOUD-BASED AUTHENTICATION SOLUTION

Enterprise Asset Management. Enterprise Asset Management 1

Transform Your Business Content Management Capability

BUYER S GUIDE: CUSTOMER IDENTITY & ACCESS MANAGEMENT (CIAM)

Transcription:

Identity & Management Unlocking the Business Value Accenture, its logo, and High Performance Delivered are trademarks of Accenture.

Unlocking the Value of Identity and Management Defining the IAM challenge today Optimising the value delivered with IAM capabilities Establishing a value-driven IAM transformation journey 2

IAM covers a broad scope of challenges that includes enabling the internal organisation, working with business partners, and servicing customers Identity Lifecycle Management Maintaining an accurate, up to date, accessible inventory of all users, their credentials and information at appropriate levels of trust Identity and Management is the job of understanding the identities that interact with your organisation and enforcing the appropriate access rights Internal Maintaining and enforcing access of internal users to business resources to enable business productivity, provide security and segregation of duties controls Business Partner Maintaining and enforcing access of business partners to various channels to enable business to business productivity and commerce, maintain federated security and appropriate controls Entitlements Credentials Control Customer / Citizen Maintaining and enforcing access of external users to all channels in the organisation to streamline customer or citizen interactions, provide data privacy and minimize fraud Audit & Compliance

There are several business drivers that are placing an increasing number of requirements on an organisation s IAM capabilities Business Driver Description IAM Needs to Growing IT Security Costs Strong pressure to reduce cost Complex security processes Multiple systems & solutions Lots of reporting Drive down costs through Rationalisation Standardisation Reduced fraud Regulatory Compliance within IT Security Mergers & Acquisitions Added compliance & regulatory pressure Still the # 1 reason companies invest PCI, HSPD-12, etc Increased M&A activity driving I&AM. Provide a truly auditable information access solution Provide strong top-down control over access of different user types. Integrate existing IA&M solutions and drive down associated costs. Risk of Security Breach Need to balance the risk Security breaches continue to be costly (fines, reputation, publicity) Provide strong access management controls Minimise the risk of security breaches Provide irrefutable information to authorities. Enabling New Business Capabilities Everyone is looking to reduce cost, organisations need an edge. Ability to quickly partner with other organisations Support new business capabilities through integration of business partners, suppliers or client firms. 4

The evolution of Information Technology is making it increasingly challenging to effectively deliver IAM capabilities Resources The complexity of IAM is increasing significantly as a result of the growing number of identities that an organisation has to manage in conjunction with the increasing number of resources to which an organisation must control access. # of In recent years there has been an explosion in the number of digital identities that an organization is required to manage. Mainframe Desktops Email Web Applications ecommerce Business Partners Citizens Customer Mergers and Acquisitions Globalization # of Resources The number of resources, assets and data requiring protection has increased dramatically. Directories to core directories and networks Infrastructure to physical assets, servers & databases in the environment Structured Data Entitlements to structured data within applications Applications Coarse grained access to applications across the enterprise Remote Unstructured Data to unstructured data across the enterprise Opening of Borders Cross Channel Scope of IAM Evolution of IT 5

Many organizations today have implemented a variety of different IAM solutions in an attempt to address specific pain points Meta-Directory Self Administration Kerberos PKI Biometrics Provisioning Virtual Directory Help Desk Password Sync Passwords Smart Cards LDAP Directory Tokens Customer Database esso Web SSO Federation CRM Asset Inventory Entitlements Credentials Control VPN AuthZ Payroll Business Partner Audit & Compliance Procurement RBAC HR Control Lists Certification Distributed Auditing Delegated Administration Self Administration 6

Unlocking the Value of Identity and Management Defining the IAM challenge today Optimising the value delivered with IAM capabilities Establishing a value-driven IAM transformation journey 7

High performing organisations maximise the value of their IAM investment by developing strong IAM capabilities that are well aligned with the needs of the business Well Aligned Needs help: Assessing and standardising existing capabilities Decommissioning redundant IAM systems FRAGMENTED Redundant processes and technologies implemented throughout the organisation Custom solutions often baked in to applications OPTIMIZED Rationalised identity services optimised for business needs High levels of integration with users and applications across the organisation Needs help: Evaluating emerging technologies Strategy & release planning Evaluating cost containment tactics Needs help: Business Alignment Program mobilisation and capability planning Building out IAM core services Loosely Aligned UNSTRUCTURED Lack of focus and priority by business and IT leadership Limited IAM capabilities based on antiquated and/or inadequate solutions Immature IAM Capability MISALIGNED Over-engineered solutions that struggle to demonstrate value Poorly defined, and/or complex business processes Heavy Infrastructure, and limited application focus Mature Needs help: Business process reengineering Functionality enhancements Communications, Training, and Awareness 8

There are several common opportunity areas to improve IAM capabilities that can increase the value delivered to an organisation Value Levers Example Opportunity Areas Risk & Compliance Implement a cross-organisation Segregation of Duties framework for all business critical applications Reduce the risk of inappropriate use of system level administration access by securing the review and assignment process controls. Increase the trust levels of organizational identity systems by implementing a risk-based approach for identity validation & establishment. Business Value of I&AM Cost Reduction Reduce admin costs such as password reset and access request costs by implementing user self-service and automation of account provisioning activities on for high volume systems. Reduce the annual cost of compliance by standardising access request & review processes. Reduce the cost of service per customer by implementing self service capabilities. Business Enablement Reduce barriers of entry for joint venture & business partner endeavours by enabling federated identity capabilities. Increase competitive advantage with customer base by providing a more personalised and secure user experience. Increase productivity of work force by reducing the managerial time spent reviewing & approving the appropriateness of user access 9

Enhancing IAM capabilities can help with cost takeout initiatives across an organisation Internal Business Partner Customer Identity Lifecycle Management Risk & Compliance The cost associated with storing, maintaining and accessing identity related data and managing the full identity life cycle. Credentials The cost associated with managing the life cycle of credentials and their ancillary support items ( e.g. password reset helpdesk calls). Business Value of I&AM Cost Reduction Entitlements The cost associated with the administration of accounts in an organisation and the financial impact of incorrectly allocated entitlements. Control The costs associated with performing authentication and authorisation checks on users before allowing them access to company resources or data. Business Enablement Audit and Compliance The costs associated with the data collection and creation of reports for regulatory compliance such as Sarbanes Oxley. 10

Rationalising the processes and tools used to manage the lifecycle of identities can help organisations reduce the cost of redundant systems Identity Lifecycle Management Reduce costs of maintaining separate identity lifecycle management process by integrating them into existing business processes Credentials Reduce costs by minimising duplicate credentials through effective management of the core identities that interact with your business Entitlements Automatic role based provisioning aligned to a single view of identity allows productivity to increase as users have access to the right systems to complete their role activities Control Audit and Compliance Reducing the complexity and cost associated with audit activities by understanding the full breadth of actions a single identity can have across a large number of accounts and systems 11

Internally, there are significant cost savings that can be achieved within an organisation associated with annual compliance and high volume help desk requests Internal Credentials Consolidate user repositories to a single logical instance Standardize on a single IAM COTS vendor a negotiate a cross-organisation, full suite license agreement Reduce the development time for new services by standardising and sharing security components Entitlements Control Audit and Compliance Reduce user access administration costs by automating account provisioning activities for high volume systems Reduce IAM support costs by Implementing a lower cost resource model for tier 2 and tier 3 support functions Reduce help desk & password reset costs by implementing user self-service solutions Implementing Enterprise/Web SSO provides decreased re-authentication activities and reduces help desk and password reset costs Reduce the annual cost of compliance by standardising access requests & review processes Automate and streamline manually-intensive access certification processes 12

You can reduce the costs working with partners by leveraging IAM capabilities to establish circles of trust that enables a higher self of governance Business Partner Credentials Entitlements Control Reduce administration costs by allowing suppliers/business partners to manage their own users Reduce the number of credentials that need to be managed by supporting federation capabilities Reduce support and helpdesk costs by automating access request and approval processes Reduce IAM support costs by Implementing a lower cost resource model for tier 2 and tier 3 support functions Increase business partner utilisation by reducing on-boarding times with automated provisioning Reduce the development time for new services by standardising and sharing security components Rationalize existing identity related hardware/software by implementing a common federation service Audit and Compliance Reduce the annual cost of compliance by standardising access requests & review processes Automate and streamline manually-intensive access certification processes 13

Mature IAM capabilities can help reduce the cost to serve customers by enabling user self-service and automated Customer Credentials Entitlements Control Improve single view of the customer and improve productivity by reducing the number of systems sales staff need to access to collect customer information Rationalize existing identity related hardware/software by implementing a common set of shared IAM services for all customer facing applications Reduce help desk call times by automating identity validation processes Reduce help desk calls by enabling user password self-service solutions Reduce user access administration costs by automating account provisioning activities for high volume systems Reduce help desk calls by provisioning the right access first time with automated entitlement provisioning Reduce help desk & password reset costs by implementing user self-service solutions Reduce the development time for new business services by standardising and sharing security components Audit and Compliance Simplify audit activities across systems by standardizing and centralising audit capabilities 14

Unlocking the Value of Identity and Management Defining the IAM challenge today Optimising the value delivered with IAM capabilities Establishing a value-driven IAM transformation journey 15

An approach to delivering value with IAM that is focused on business transformation Business led, not security or compliance led The business has ownership of IAM activities and delivers them in cooperation with the technology stream. The business case is built upon strong and validated metrics and is used to obtain high level management buy-in. A transformation approach focused on delivering a defined set of projects that meet business objectives Discrete projects aligned to business objectives are managed as part of a transformation program. Strict governance is implemented from the outset alongside an industrialized delivery methodology. Process centric, not technology centric All aspects of the solution including the people and process elements are considered, not just the technical side. Simple process improvements can deliver greater value than complex technical systems. Application focused, not infrastructure focused The integration approach is both top-down and bottom-up focused. This approach ensures coverage and impact for the large majority of all applications, not just a few infrastructure systems. It is based upon delivering value and not automating functions without understanding the impact and value that will be realised. Practical solutions, not architectural masterpieces A strong understanding of real business requirements form the foundation for the solution design. Where often solutions are over-engineered to meet non existent requirements, 16

A typical IAM journey will help organisations gain control, reduce costs, and then drive additional value to the business Typical IAM Transformation Journey Risk Cost Business benefit Gain Control & Compliance Reduce Costs Enable the Business Low Medium High Basic governance and process controls put in place to meet compliance requirements Implement solutions to reduce to simple, high volume administration requests (i.e. password reset). Streamlined compliance processes and basic technology tools implemented to reduce manual compliance costs. High volume business processes reengineered and automated as a standard service. Core identity data and hardware is rationalised across the organisation. Focus on leveraging the standardised identity services to enable new business ventures. 17

Organizations must first understand their existing IAM capabilities and evaluate their change initiatives to develop a value-driven transformation roadmap IAM Capability Maturity Model Mature Defined Basic Entitlements Credentials Audit & Compliance Control Understanding the maturity of the existing capabilities is an important step to ensure that full leverage is achieved from the investments made to-date. IAM Project Assessment Business Value Quick Win Project B Project C Quick Win Strategic Project A Project D Misaligned Evaluating the planned, or in-flight IAM change initiatives can help organisations ensure that they are prioritising their investments to maximise the business value delivered. A value driven transformation roadmap provides a comprehensive list of prioritised change initiatives that enable an organisation to deliver incremental value Investment 18

Questions & Comments Dave Ruzicka Office: +61 3 9838 8487 Mobile: +61 413 382 212 Email: david.l.ruzicka@accenture.com

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback