In this session, Martin Kuppinger will show the KuppingerCole IAM blueprint. This blueprint serves as a high-level architectural view on IAM, mapping use cases, capabilities, and technical building blocks. It helps organizations to understand where to best split the IAM. It helps understanding which building blocks are required for supporting urging business demands and thus prioritizing investments. It helps aligning Enterprise IAM and Consumer IAM initiatives. This big picture provides the foundation for planning and adjusting your IAM programme.
Strategic overview of the Identity landscape and trends. Digital identity used to be mainly revolving around a simple user account, with the objective to claim access to a system. How is digital identity evolving in the technical landscape of today, and how do biometrics, new legislation and new authentication technologies, self-sovereign identity and other elements play together to solve business problems most banks are confronted with?
Some of the practical use cases and scenarios.
As GDPR is officially in place as of May 2018, many organizations have already taken the steps to formalize security requirements and security implementation to effectively comply with the GDPR legislation. This includes putting security controls in place that can safeguard the rights and privacy of the data subjects (the citizens and employees) as well as helping the data controllers and processors minimize the risks of storing and handling sensitive PII (Personal Identifiable Information) data.
This effort spans across different business processes, IT domains, and applications. In order to reach the broad spectrum a requirements and technologies organizations will need to implement a strong data protection program. A vital component in this program is a dynamic access control capability. The purpose of the access control mechanism is to enforce a common, consistent and contextual sensitive access control model across PII data and sensitive transactions.
In this presentation, we will highlight both the business and technical aspects of why and how a dynamic access control mechanism can help organizations, and how policy based authorization can play a key role in a GDPR-driven Data Protection program.
Key Takeaways: