How does the IAM/IAG organization look like that will make your project succeed? Do you need to split governance and execution? What about the business-facing layer of Access Governance and the technology-facing layer of Identity Provisioning – to you need to split your organization here as well? What about the management of users and access at the system level? How to handle this, how to integrate the Active Directory administrators and the SAP security professionals? Is IAM something that needs to be handled apart from the rest of Information or IT (Technology) Security?
Having the right organization in place is key to success. Defining responsibilities and accountabilities for guidelines, processes, and technology right will help you in succeeding. Having clear interfaces between various layers and to the business is as important as having a well-defined interface to IT Governance and Corporate Governance.
In this session, Martin Kuppinger will explain his view on the ideal IAM/IAG organization, based on his experience from a vast number of advisory projects and customer feedback.
Being one of the largest Google Apps customer and having integrated IT Risk, Fraud & Security in a single department has provided a new vision of how to leverage our experience to design and deploy new security services.
Security not only enable new digital services but propose and promote new solutions to the business.
Our view and experience in Inside and outside federation, Level of Assurance Authentication and related Authorization States, efficient Authentication of RESTful calls, tokenization, mobile security authorization app, risk based authentication, research on new detection algorithms applied to fraud and authentication risk.
As attacks become more difficult to detect and defend against, it is clear that no organization is immune from security breaches, and the threats will only continue to grow. In response, we anticipate a fundamental shift around identity and access management (IAM) as enterprises cope with increased regulatory compliance requirements, insider and external threats, cloud/SaaS integration, and other trends. We also see cloud and mobility changing the way organizations implement user protection, with threat-aware Identity and Access Management becoming the key line of defense of the organization´s multiple perimeters.
In this session, Ravi Srinivasan, Director, IBM Security Strategy and Product Management, and Martin Kuppinger will discuss these emerging security trends and approaches you should consider to improve your IAM security posture for the next decade.