Roles, Recertification, Access Governance: The Lean Approach

  • TYPE: Workshop DATE: Friday, May 08, 2015 TIME: 09:00-12:30 LOCATION: AMMERSEE I
Friday Workshops

Experience shows that currently implemented solutions and architectures for the management of corporate identities and their access to resources tend to be overly complex, require substantial manual efforts and lack flexibility.

But flexibility is key when organisations of all types face fundamental changes. And it is key especially for both of the above given goals when the only constant factor is change. This includes changing requirements resulting from changing markets, changing business models and product strategies, from changing legal and regulatory requirements and organisational changes from restructuring to mergers and acquisitions.

Swiftly assigning the right access to the right people gets more and more important, and empowering the users’ expertise might be the decisive factor for agile companies succeeding against competitors. Next generation access management and access governance will most definitely look different from today’s existing complex role designs with scheduled access recertification campaigns and provisioning cycles that taken days instead of instantaneous access when required and approved.

This workshop will illustrate that the role of access management and access government is currently shifting from being an “internal IT and administration thing” to becoming a vital component of an overall technology strategy providing an important operational foundation layer for modern businesses, while ensuring security and governance far beyond the requirements by regulators and legislation.

Attendees will learn about:

  • Lean role design principles
  • Attribute-based access control
  • Complementing role design with access risk assessments
  • The deployment of a sureccess automation and access analytics
  • Strategies for leveraging organisational knowledge by empowering the user

To achieve this, the workshop will discuss current trends of developments in access management and governance while providing valuable information for deciding whether to transition towards leaner strategies.


Agenda

9:00 - 10:30

  • Access management, role design and Access Governance: Where we are and where to go
    • Access Governance: Status Quo in different sectors (Financial Industry, Telcos and others
    • Requirements for a next generation access governance
      • Change as the new normal
      • From extended enterprise to the new ABC
      • Changing legal requirements
      • changing business requirements
      • changing markets
      • changing organizations
      • changing business models
      • Flexibility and agility

10:30-11:00 Coffee Break

11:00 - 12:30

    • Understanding different role design approaches
      • Complex, but comprehensive enterprise models
      • Or lean, pragmatic approaches
      • Risk and access criticality
      • Flexibility and agility vs. regulatory compliance
      • Full coverage vs. 80%
        • Access risk assessment as part of the role design process
        • Roles tend to be volatile,
          • Agile role lifecycle managmement
          • Reassess risk

13:30 - 14:30

      • Context, risk and user empowerment
        • Risk based access and dynamic authorization
        • Context based authorisation and authentication
        • Empowering the user
          • Self service access request
          • Re-Approval instead of Re-Certification
          • Ask the expert: Approval by
            • Line Managers
            • System Owners
            • Risk management
          • Attribute-based role assignments
          • Automation and Analytics

14:30 - 15:00 Coffee Break

15:00 - 16:00

    • Best of all worlds: Getting „lean“, „pragmatic“ & „compliant“
      • Gradual transitions
      • Hybrid designs
      • Quick wins
        • Improved security
        • Simplified compliance processes
        • Easy adjustment to changed requirements
        • Direct support for business requirements
Log in to download presentations:  

Speakers:

Dr. Horst Walther, born 1951 in Berlin, works as a interim manager, management consultant and independent technical advisor for more than 30 years. His expertise focuses on the business to technology interface. At KuppingerCole he covers the domain of IAM-processes, roles, rules & policies...


Session Links

Quick Links

Stay Connected

Information

Congress

European Identity & Cloud Conference 2015

Language:
English
Registration fee:
€1980.00 $2475.00 S$3168.00
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
lk@kuppingercole.com
  • May 05 - 08, 2015 Munich, Germany

Partners

The European Identity & Cloud Conference 2015 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00