Keynotes

Martin Kuppinger will talk about the short-term and long-term trends in IAM and GRC, looking on what is likely to happen in 2009 and what will change over the course of the following years. He will highlight the move to a business-driven and service-oriented IAM and GRC as well as the impact Cloud Computing will have on IAM and GRC.

Martin Kuppinger will talk about the short-term and long-term trends in IAM and GRC, looking on what is likely to happen in 2009 and what will change over the course of the following years. He will highlight the move to a business-driven and... MORE 

As a horizontal technology, traditional identity & access management (IAM) solutions have been working very well in all kinds of enterprises and organizations. However, IAM provides a much higher potential and is thus acting more and more as an integral security layer in vertical solutions. State-of-the-art examples are the European Services Directive for the public sector, health information systems, electronic patient and case records for the healthcare sector, business partner networks for the car industry or biometric solutions for manufacturing execution systems. Furthermore, all industries have to meet different compliance requirements being subject to a continuously increasing complexity.

Consequently, IAM solutions are mutating from their role as support processes – such as administration processes – to the IT kernel processes. The presentation provides insight to this development by highlighting several trendsetting solution examples.

As a horizontal technology, traditional identity & access management (IAM) solutions have been working very well in all kinds of enterprises and organizations. However, IAM provides a much higher potential and is thus acting more and more... MORE 

Emerging technological and social trends will converge and deliver challenges with far-reaching implications for enterprise security. The IBM Security Outlook outlines the fundamental trends organizations can expect to see in the next several years, the catalysts behind those trends, and the ways in which organizations can identify and strategically balance their risk and opportunity. During this presentation, Ms. Lovejoy will review these trends and their impact, as well as describe practical, common-sense approaches for adressing security and compliance risk.

Emerging technological and social trends will converge and deliver challenges with far-reaching implications for enterprise security. The IBM Security Outlook outlines the fundamental trends organizations can expect to see in the next several... MORE 

With the implementation of an IdM tool, companies establish the central control of access rights administration of internal and external users. Therefore in terms of GRC, the audit of IdM systems is of prime importance. However, auditing means more than just the verification of the IdM’s internal security. By collecting and consolidating all the access rights for a wide variety of different systems and applications, it also provides the answers to a large number of complex GRC questions. The professional management and analysis of configuration and log data enables powerful audits to be performed on your IdM systems, ensuring compliance with your company’s security policies. In other words, Identity Management auditing can be seen as a vital part of your overall GRC strategy, helping to meet major requirements as set out by regulatory laws and standards, and providing vital information for Key Risk Indicators.

With the implementation of an IdM tool, companies establish the central control of access rights administration of internal and external users. Therefore in terms of GRC, the audit of IdM systems is of prime importance. However, auditing means... MORE 

When dealing with websites and online vendors, the price we're forced to pay in order to get differentiated service is to "hand over the data" -- often data that's sensitive, valuable, and personal. It fragments not only the pieces of information that represents us online, and not only our sense of control, but our actual influence over these relationships.

The Vendor Relationship Management movement has captured the imagination of many individuals who want a more equal partnership with their online partners, and many vendors who want to attract customers more successfully. Do "classic" user-centric identity approaches change the balance of power, or just make it easier for us to consent to data-sharing we have no say in anyway? What can developers of open-Internet solutions, with their drive towards simplicity, and enterprise deployers, with their need for robust access and entitlement management, learn from each other? In this talk we'll look at candidate approaches for fostering greater mutual respect among online parties.

When dealing with websites and online vendors, the price we're forced to pay in order to get differentiated service is to "hand over the data" -- often data that's sensitive, valuable, and personal. It fragments not only the pieces of... MORE 

IT managers are now faced with daunting challenges: to reduce costs while managing risk and compliance and at the same time improving organizational flexibility to operate in different ways. Attend this presentation to hear global examples of how new approaches can help meet these challenges.

IT managers are now faced with daunting challenges: to reduce costs while managing risk and compliance and at the same time improving organizational flexibility to operate in different ways. Attend this presentation to hear global examples of... MORE 

Especially in Western Europe we see lots of projects which implement access requests on a very detailed level. All access rights obtained through such processes are approved and by definition valid.

On the other hand, regulations press organizations to establish periodic access certifications. They mean a high workload for managers and data owners. However, the amount of work can effectively be reduced by integrating a validity stamp of access rights stemming from official access requests.

In both approaches roles can further enhance the overall processes with regards to efficiency, security and transparency.

The speech discusses the powerful combination of the proactive access request and aftercare access certifications, where both share a common set of policies, rules and roles.

Especially in Western Europe we see lots of projects which implement access requests on a very detailed level. All access rights obtained through such processes are approved and by definition valid.

On the other hand, regulations press... MORE 

When we talk about "best practice" governance, we are using the same words, but are we all talking about the same thing? When we talk about the convergence of GRC and Identity Management, do we have a common understanding of what they are and how they fit with business processes? This keynote looks at the question "what could an end-to-end business process governance model achieve and what might it look like?".

When we talk about "best practice" governance, we are using the same words, but are we all talking about the same thing? When we talk about the convergence of GRC and Identity Management, do we have a common understanding of what they... MORE 

Governance, Risk & Compliance puts a heavy burden on Business leaders, but much more questions the way that they did the IT department (or external service providers) let implement the business processes. But isn't IT Service Management, just like defined by ITIL, what business should be satisfied with? In this keynote, we will analyse how these two worlds match together and what we have to learn from it.

Governance, Risk & Compliance puts a heavy burden on Business leaders, but much more questions the way that they did the IT department (or external service providers) let implement the business processes. But isn't IT Service Management,... MORE