Identity & Access Management / Governance is Key to Information Security

  •  TYPE: Track   DATES: May 14 - May 15, 2014
Conference Tracks

It never has been more obvious that Identity & Access Management/Governance (IAM/IAG) are the prerequisites for Information Security. Tax data theft in Swiss banks, with data being sold afterwards to the German state; the excessive access Edward Snowden had to documents; the excessive access Bradley Manning had to documents: these and many other incidents such as data loss, industrial espionage, or successful cyber-attacks stand for the need for better IAM/IAG. However, there is more: The daily trouble in many organizations when users do have access to systems and information they need; the ever-increasing audit pressure; the administrative costs of managing users and access entitlements manually; the need for managing access not only to on-premise applications but also the Cloud: It is about having IAM/IAG in place.

IAM/IAG is more than Directory Services, Identity Provisioning, or Access Governance. It is about a number of disciplines, with new hot topics emerging in these days, such as Privilege Management or Cloud IAM. It is about strong authentication of users and the ability to support BYOI (Bring Your Own Identity), enabling business partners and customers to rely on identities they already have. The new ABC (Agile Businesses: Connected) increases the IAM/IAG challenges. The “Identity Explosion”, a term Martin Kuppinger introduced back at EIC 2012, is a reality today. Organizations have to deal not only with their employees, but with business partners, customers, prospects, leads, etc. Instead of some Thousand or maybe some Hundred Thousands of users, it is about millions of users now. That all changes the IAM/IAG challenges and it changes the role of IAM/IAG for organizations. There is no way to open up your organization to deal with all these new users, without a strong IAM/IAG foundation. There is no way to become and stay compliant and secure (which not necessarily is 100% the same) without IAM/IAG in place. IAM/IAG is a key success factor within Information Security. It is a key success factor for today’s agile, connected businesses.

This track combines IAM/IAG strategy-related sessions.

Moderators:

Tracks:

The Future of Corporate IT

Sessions:

Strategic IT Planning: Foundations, Controls, Processes

Date: Wednesday, May 14, 2014 Time: 11:00-12:00 Location: AUDITORIUM

Strategic IT Planning: Foundations, Controls, Processes
The worst thing that can be done in IT is investing in “panic mode”. That typically happens when Information Security incidents happen. The second worst thing is having investments driven by specialists that are focused on a particular problem or system. That happens without well thought-out IT planning. The third worst thing is investing in the wrong technology because the business problem wasn’t understood. In this session, Prof. Dr. Sachar Paulus will share his knowledge...

Bridging the Gap between Business and IT: How to Translate IT Wording into Business Language
This panel is about discussing how to translate business wording such as technical resource names - "EX12FIN" – into business language: "Expense System for non-managers". Many IAM/IAG projects struggle with doing that translation. The panelists will discuss the need for mapping IT wording and business language where to do it who has to do it how to do it efficiently Bridging that gap means setting up an IAM/IAG organization that spans business and IT people. Thus,...

Identity Governance in Merge/Split Processes
In the financial sector, like in many other industries, change has become the new normal, with mergers and splits as a regular concern not only for modern banks.  Successfully managing a merging or splitting project involves not only technology and processes, but also people and governance.  A well planned and properly managed identity governance plan could drive those changes in a cost and time effective project where technology supports decisions and gives dynamism. ...

The IAM/IAG Organization that will Make your Project Succeed

Date: Wednesday, May 14, 2014 Time: 12:00-13:00 Location: AUDITORIUM

The IAM/IAG Organization that will Make your Project Succeed
How does the IAM/IAG organization look like that will make your project succeed? Do you need to split governance and execution? What about the business-facing layer of Access Governance and the technology-facing layer of Identity Provisioning – to you need to split your organization here as well? What about the management of users and access at the system level? How to handle this, how to integrate the Active Directory administrators and the SAP security professionals? Is IAM something...

Identity Management as Strategic Driver - A Bank´s Journey to the Cloud
Being one of the largest Google Apps customer and having integrated IT Risk, Fraud & Security in a single department has provided a new vision of how to leverage our experience to design and deploy new security services. Security not only enable new digital services but propose and promote new solutions to the business. Our view and experience in Inside and outside federation, Level of Assurance Authentication and related Authorization States, efficient Authentication of RESTful...

2020 Vision - IAM for the Next Decade
As attacks become more difficult to detect and defend against, it is clear that no organization is immune from security breaches, and the threats will only continue to grow. In response, we anticipate a fundamental shift around identity and access management (IAM) as enterprises cope with increased regulatory compliance requirements, insider and external threats, cloud/SaaS integration, and other trends. We also see cloud and mobility changing the way organizations implement user protection,...

IAM/IAG Strategic Planning

Sessions:

IAM/IAG: Balancing Existing Investments with your Future Needs

Date: Wednesday, May 14, 2014 Time: 14:30-15:30 Location: AUDITORIUM

IAM/IAG: Balancing Existing Investments with your Future Needs
Balancing existing investments with future needs – this is a tough challenge to solve. This is even more true for IAM/IAG, where organizations face a number of new challenges such as onboarding business partners and customers, collaborating in industry networks, or managing access to Cloud services securely. Clearly, there is the need of having a big picture in mind, defining a roadmap, and executing this step-by-step, while regularly adjusting the vision, strategy, and roadmap to new...

People, Processes, Solutions: Maturing IAM/IAG at Commerzbank AG
Refering to the core message in the keynote ´Mastering the IAG Challenge´, the focus here is on the main steps to be taken in setting up and maturing an IAM/IAG program. What are the key lessons in such an approach? What does it mean in detail to focus on people, process and only finally on solutions and why is it critical for that focus to be exactly in that order?

Access Governance Vendor Panel

Date: Wednesday, May 14, 2014 Time: 15:30-16:30 Location: AUDITORIUM

Access Governance Vendor Panel
The Access Governance market is maturing – and changing. While there are many vendors now that have a strong offering for IAG (Identity and Access Governance), there are various new features provided by the one or other vendor. Data Governance, Cloud Access Governance, integration of Privilege Management features, Access Inteliigence, etc. Aside of that, there is the more fundamental question of whether the better approach is integrating Identity Provisioning and Access Governance or...

The 5 Critical Tenets of Identity and Access Management
The IAM market is experiencing a renaissance with the emergence of new options for how and where to deploy IAM technology, both on-premises and as a service.  At the same time most organizations are struggling with how to best utilize the IAM solutions they have to manage their changing world of IT infrastructure.  New technologies like cloud and mobile are being mixed...

What Is the Level of Detail, an IAM Solution Must Cover?

Date: Wednesday, May 14, 2014 Time: 17:30-18:30 Location: AUDITORIUM

What Is the Level of Detail, an IAM Solution Must Cover?
The question about the level of detail, an IAM solution must cover, has been around since some time. But more than ever before, it is one of the most challenging questions in many IAM projects. On the one hand, audits are requesting end-to-end coverage (from the user to the individual file, document, folder). On the other hand, the amount of data is growing disproportionately with each implemented level. Some implementations stop the IAM administration at group-level in general in order...

Entitlement & Access Governance: How to do Data Governance Right?
Entitlement & Access Governance defines an approach that combines the cross-system view of Access Governance with system-level management of entitlements. However, there are various ways to keep your data under control. While some vendors address the challenge by expanding their Access Governance solutions, others tackle it from the system and data level. Which approach works better? And for whom? In this discussion, Borja Rosales of Druva and Pervez Goiporia of Oracle will discuss...

Access Governance & Privilege Management

Sessions:

Securing Elevated Privileges: Integrating Access Governance and Privilege Management

Date: Thursday, May 15, 2014 Time: 11:00-12:00 Location: AUDITORIUM

Securing Elevated Privileges: Integrating Access Governance and Privilege Management
Why these two areas can’t be handled separately. How to set up guidelines, processes, and organization to manage privileged accounts through their whole life cycle. How to integrate technically.

Early Check-in with Identity and Access Governance Best Practices

Securely Managing Privileged Users: Selecting the Solution that fits to your Needs

Date: Thursday, May 15, 2014 Time: 12:00-13:00 Location: AUDITORIUM

Securely Managing Privileged Users: Selecting the Solution that fits to your Needs
The KuppingerCole Leadership Compass provides a thorough and comprehensive analysis of the product offerings in a particular market segment. KuppingerCole compares these offerings based and identifies the overall leaders, product leaders, market leaders, and innovation leaders. Furthermore, KuppingerCole provides in-depth analysis per product and additional analytics that show the strengths of products for various customer challenges. KuppingerCole Leadership Compass documents help customers...

Privileged Account Analytics in the Context of Realtime Analytics - Challenges and Benefits
In this discussion between Roy Adar and Martin Kuppinger, we will look at the broader context of cyber-attacks, the structure of some of the known attack scenarios that have been identified, and ways to improve your cyber-attack resilience. Given that privileged accounts due to their highly elevated nature are a logical element in such attacks, monitoring these can be an important element in security strategies. We will put such analytics in the overall context of Realtime...

IAM/IAG Maturity

Sessions:

IAM/IAG Maturity Levels: Introducing the new KuppingerCole Maturity Level Ratings

Date: Thursday, May 15, 2014 Time: 14:30-15:30 Location: AUDITORIUM

IAM/IAG Maturity Levels: Introducing the new KuppingerCole Maturity Level Ratings
In this session, Martin Kuppinger will introduce the updated maturity levels for IAM/IAG. This define maturity levels for overall IAM/IAG implementations, but also various disciplines such as Identity Provisioning, Access Governance, Privilege Management, Access Management&Federation&Cloud IAM, and others. He will describe the most important requirements for achieving higher maturity levels and what it needs to at least reach an acceptable maturity levels. You should attend this...

From Chaos to Collaboration – Orchestrating Identity & Access Governance Properly
Identity & Access Governance (IAG) objectives go beyond simple re-certification of user entitlements, and they are involving various stakeholders ranging from business to IT. When dealing with identity data quality issues, risk assessments for resources, threat mitigation or role life-cycle management: Where can automated procedures relieve business officers, and how can responsible stakeholders collaborate in the best way? The panelists will make their proposals how IAG can be...

Maturity Assessment Dos and Dont´s

Date: Thursday, May 15, 2014 Time: 15:30-16:30 Location: AUDITORIUM

Maturity Assessment Dos and Dont´s
Rating the maturity of IAM/IAG programs is not easy. Who is the right one to do such rating? Which input is required? How to you ensure that the rating does not become more complex than the rest of the program? What to look at – what are the Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to look at and how to do it without years-long collection of such indicators? What are the right benchmarks you can use – and who can help you in benchmarking? And which lessons...

IAM/IAG Vendor & Solution Selection Process
Identity and access management software vendor selection is pervasive in corporations, living with the result of the acquisition is no short term affair; you look for a lasting relationship. Martin Waldbauer will describe in his best practice presentation, what the most important steps are to find a solution that really fits and have a productive vendor relationship.

Do's and Don'ts for a Successful Identity Management Project (Manpower)

Date: Thursday, May 15, 2014 Time: 17:00-18:00 Location: AUDITORIUM

Do's and Don'ts for a Successful Identity Management Project (Manpower)
This best practice presentation demonstrates how Manpower were able to successfully implement a process for periodical review and re-certification of user access rights and entitlements to fulfil SOX compliance requirements, within six months. The focus of the presentation is an agile and pragmatic approach from a company and system integrator´s perspective. The presentation covers the following topics: Goals and requirements of the project Selection of partners for the...

A Practitioner´s Recommendations for a Successful IAM Program

Quick Links

Stay Connected

Information

Congress

European Identity & Cloud Conference 2014

Language:
English
Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 13 - 16, 2014 Munich, Germany

Partners

The European Identity & Cloud Conference 2014 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00