Identity Governance & Administration

  • TYPE: Expert Talk DATE: Thursday, May 16, 2019 TIME: 14:30-15:30 LOCATION: WINTERGARTEN
Expert Stage Part IV


The challenges companies face today due to the volatile innovation speed of IT, new business ideas and increasing requirements from law or regulatory authorities can only be met when companies will use best-practices. We believe that companies will not have the time and resources to invest too heavily into custom built solutions because otherwise the future challenges of the markets will not be met.

Best-practices are to be understood as means to build a solid foundation in terms of basic technologies, processes and interfaces. Using best-practices means benchmarking every requirement against similar existing solutions. When using best-practices accordingly they deliver operational stability, transparency for administrators, users and audit. In short: best-practices can build the foundation to enable an agile approach to all technical and regulatory issues on the horizon. Best-practices enable a path to the future.

To make this happen in our industry – and not only in single projects but overall - product companies as OMADA and consulting companies must embrace this idea and help the customers with new ideas.

IdentityPROCESS+ is Omada’s best-practice answer for IGA processes. It is a process framework build based on customer interaction and proven success. Of course, there will always exist use cases not covered by IdentityPROCESS+. But this is not the vision. A best-practice approach heads for an 80% coverage leaving enough options for doing adjustments or the integration of new technologies earlier than a standard is available.

IdentityPROCESS+ and successfully proven implementation concepts and methodologies enable customers to benchmark the requirements against best-practices. This finally leads to getting rid of old habits and practices to recharge and enable the company to attack the challenges by starting from a solid position.
Risk management, of course, is another key management discipline which is much easier when using standards or proven best-practices.

OMADA believes that the competition, as well as most companies, can accept the topics addressed in IdentityPROCESS+ as valid best-practices even if the solution partly differs from company to company. Hopefully the industry evolves to a best-practice standard approach to ease the challenges to come for our customers.

Key takeaways:

  • Increase awareness of the need of best-practices
  • Increase knowledge about existing best-practice IGA process framework
  • Understand the interplay of using best-practices and solving innovation challenges
  • Get arguments to move to more best-practices and standards in own company


Ph.D. in physics from TU München. 20+ years in cross-functional IT functions as CISO, CIO and consultant focussing on the business-IT transition. He initiated and took responsibility for several IGA and security projects in different companies, now working as a senior business advisor...

Access certification is the process of validating access rights within systems. This compulsery process is at the cornerstone of most of the security policies and

compliance framework; however, it can be a very daunting process for some organizations with dispersed systems, workforce, and partners which do not have tools, resources, and a centralized identity directory. With access certification, organizations and regulations aim to formally validate users within systems and ensure their access rights are appropriate.

Access certifications are no longer limited to reviewing an IAM role model. Both digital transformation initiatives and new compliance constraints such as GDPR raised the need to deploy access certifications campaigns accross the company to migitate new risks: Who can access to personal data? Who can leverage privileged accounts? Are those SoD risks properly mitigated? Are those third party managed systems access rights aligned with the security policy?, ... Long story short: Access certification is a clever way of industrializing controls to mitigate risks and ensure compliance.

This raised new challenges: How to be able to review any kind of information, whether or not it is managed through a legacy IAM system, and more importantly, how to make those acess certification campaigns work, given the fact that a business user will spend no more than 3 minutes to review thoses entries...

During this conference, we will describe a framework used to successfully deploy access certifications campaigns within months and we will demonstrate through a live demo that it is possible to efficiently review 2000 entries within 3 minutes with the help of Identity Analytics algorithms.

Key takeways:

- An actionable framework to successfully deploy access certifications campaigns

- An inovative way of reviewing thousands of entries within minutes

- Access certification interfaces that business users love


Sebastien Faivre is co-founder and CTO of the Brainwave company. He owns a Master 2 degree in telecommunication. He is a seasoned IAM professional with more than 20 years working in the cyber-security space, prior to Brainwave Sebastien used to work as Product Manager, Presales Director, VP of...


After completing BS in computer science in 2001, Erkan joined Alcatel and oversaw complex transformation projects in Europe and MEA. Joined Kron as a founder in 2007. After completion of his MBA he was appointed as the CEO of Kron , the maker of Single Connect PAM suite, and oversaw global...

Log in to download presentations:  


Session Links

Munich, Germany


European Identity & Cloud Conference 2019

Registration fee:
€2100.00 $2625.00 S$3360.00 23100.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 14 - 17, 2019 Munich, Germany