© 2015 IBM Corporation
IBM Security
Myths, Failures and the Future of Identity Governance
Andy Land
Director of Products
Myth #1: Identity Governance projects are long and painful
• In the past, identity governance projects have been characterized as a long, painful process
  – Weeks/months of meetings and 3rd party consulting fees
• Long implementations that rarely get 100% complete
• Lots of time spent turning the information into actionable items
• Inability to determine “who approved what and when”
A Business-Centric Approach Can Have Governance in Place in a Matter of Months Rather Than Years
• Business-centric activity based roles can speed up the processes
• The right governance solution can bring intelligence out of the box
• Bridging the communication gap facilitates collaboration between necessary parties
• Ability to translate audit rules into actionable controls
• When implemented, automation and repeatability speed up the processes
Myth #2: IT and the Audit Team Speak the Same Language
• IT and audit are often speaking very different languages
  – Auditors speak in business-centric languages
  – IT staff speaks with specific IT entitlements
• Who “owns” Identity Governance?
• C-level executives are often not aware of the language barriers and need answers to seemingly basic questions
  – Do our employees have access to the proper applications?
• CISO, CRO, Application Managers, IT Managers, Auditors and LOB Managers often hold one piece of the puzzle but not the entire picture
  – “The Pain Chain”
• Lack of insight to guide user access approval and recertification decisions
The Right Identity Governance Solution Can Transform IT Lingo into Business Language
• The “Rosetta Stone”
• Identity Governance can help Business users and IT Staff communicate on the same terms
• Business Activities provide layman’s terms for entitlements
  – Critical for Separation of Duties
• Helps management and end users to definitively certify access
Myth #3: Everyone Loves Spreadsheets
• Identity Governance is normally a maddening array of spreadsheets created by auditors
• Spreadsheets get lost, are hard to keep consistent and make life difficult for those using the data
• Role analytics and optimization are much more difficult on a spreadsheet than a dynamic visual map
• One centralized solution would save significant time and energy
The Right Identity Governance Solution Can Transform These Spreadsheets Into Actionable Processes and Controls
• Decreased time from information to action
• Makes auditors' and IT staff's lives easier
• Dynamic role mapping capabilities provide the necessary information for role optimization
• End users can now “see” SoD violations and make educated decisions
• Capability to tie business activities to enterprise risk
Myth #4: You Need Roles to Define Separation of Duties
Role Based SoD
• Design Roles, then set SoD rules
• Requires IT and Business to agree
• Where did it work?
[Diagram: Entitlement Collection, Role Modeling, Define SoD on Roles; axis: Anxiety level]
A New Activity Based SoD
Activity Based SoD
• Roles are only for granting access
• SoD design does not require Roles
• IT and Business do not need to agree
[Diagram: Entitlement Collection, Role Modeling, Activity Based SoD; axis: Anxiety level]
Myth #5: Compliance is the Only Reason for Identity Governance
• Identity governance has been traditionally viewed as a check mark
  – Pass Audits
  – Remain regulation compliant
• This mindset ignores the fact that the “identity” can be the gateway into an organization and can leave businesses susceptible to breaches if not properly governed
Identity Governance Should Provide Controls Against Insider Threats
• Improper levels of access have been involved in many breaches
  – Intentional malicious activity (Insider threat)
  – Accidental (Well intentioned users doing the wrong things)
• Orphan accounts are the perfect target for hackers
• With mobile employees, contractors, business partners and consultants, it has become increasingly important that users have access to the proper applications and entitlements
Failure #1: The 91 Day Audit Cycle
• Repeating 90 day audit cycles
  – No chance to catch breath
• Manual spreadsheets and non-integrated Identity Management solutions can lead to confusion and elongate the audit cycle
• Constant communication back and forth between the business/auditors and IT
• Long audit processes hinder the possibility to optimize roles and governance
• Costly and time consuming
Identity Governance Should Provide Automation and Repeatability
• Rather than using spreadsheets, automated processes are put into place with one unified solution
• Speeds up the audit process and provides time to analyze identity data and to optimize roles/processes
• These processes are repeatable
• Helps regulatory compliance as well as fortifying the security posture
• Integration with Identity Management and other solutions can greatly improve visibility
Identity Governance and Administration
Identity Lifecycle
• Access request
• Access enforcement
Entitlement Lifecycle
• Role / entitlement management
• Access request
• Access certification
Risk Lifecycle
• Compliance / access risk / SoD
Failure #2: The Law of Herding Cats
• Arguably the most difficult part of Identity Governance is the coordination and cooperation of multiple groups, processes and organizations
• Each is responsible for a piece of the puzzle
  – Cooperation and data sharing are necessary in order to facilitate the total picture of identity governance
• Not only does each group have different information, but they are also speaking different languages
Identity Governance Solutions Should Be The Universal Translator
• Managers can understand exactly what access they are certifying/re-certifying
  – Ex. An employee who has moved from sales to marketing should not continue to have access to sales applications
• IT Staff, Auditors, Application owners and CISOs now know which users have access to which applications AND whether or not these are the proper applications
• Business-Centric terms make it easy to find “Toxic” SoD combinations
The Future is Now: A business-driven approach to Identity Governance
Identity Intelligence: Collect and Analyze Identity Data
Identity and Governance Evolution (1, 2, 3)
Administration
• Cost savings
• Automation
• User lifecycle
• Key on premise applications and employees
Analytics
• Application usage
• Privileged activity
• Risk-based control
• Baseline normal behavior
• Employees, partners, consumers – anywhere
Governance
• Role management
• Access certification
• Extended enterprise and business partners
• On and off-premise applications
Questions shown on the slide:
• How to gain visibility into user access?
• How to prioritize compliance actions?
• How to make better business decisions?
IBM Security Identity Governance and Administration
Delivering actionable identity intelligence
• Align Auditors, LoB and IT perspectives in one consolidated Governance and Administration offering
• Easy to launch Access Certification and Access Request to meet compliance goals with minimal IT involvement
• Enhanced Role Mining and Separation of Duties Reviews using visualization dashboard and business-activity mapping
• In-depth SAP Governance with Separation of Duties (SoD), access risk and fine-grained entitlements reviews
• Easy to deploy virtual appliances for multiple customer adoptions
  – Standalone Identity Governance
  – Integrate with existing Identity Management
  – Modernize legacy Identity management with integrated governance and administration
[Diagram labels: Identity Governance and Administration Platform; VIRTUAL APPLIANCE; Common Integration Adapters; IT Security Team; Auditors / Risk Managers; LoB Managers / Employees; Access Fulfillment; Self Service Portal; Risk / Access Visibility; Access Certification; Cloud Computing; Mobile; Applications; Desktop and Server; Data; Mainframe]
IBM is a Leader in the 2015 Gartner Magic Quadrant for Identity Governance and Administration
Source: Gartner (January 2015)
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from http://www.gartner.com/technology/reprints.do?id=1-27CNZU9&ct=150112&st=sb.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner, Inc. Positions IBM as a LEADER in Identity Governance and Administration (IGA)
“The IGA market is transforming legacy, on-premises IAM products. IGA vendors are investing heavily to meet client needs in ease of use, mobility, business agility, and lower total cost of ownership. User provisioning and access governance functions continue to consolidate.”
Gartner, Inc. “Magic Quadrant for Identity Governance and Administration” by Felix Gaehtgens, Brian Iverson, Steve Krapes, January 2015 Report #G00261633
Learn more about IBM Security Identity Governance and Administration
2015 Gartner Identity Governance and Administration Magic Quadrant
IBM Security
Intelligence. Integration. Expertise.
Watch IBM Security Identity Governance DEMOS
Access Request Management (part 1) (part 2)
Access Recertification
Role Mining and Modeling
Policy Modeling
Visit our website to view solution briefs, whitepapers, and other assets
IBM Security Identity Governance and Management Website
Follow our blogs (SecurityIntelligence.com)
IBM Security Is a Leader, Again, in the New 2015 Gartner IGA Magic Quadrant
What Leading Analysts are Saying About IBM’s Acquisition of CrossIdeas
IBM Security @ Interconnect will feature today’s hottest security topics including Cloud & Mobile Security, Security Analytics & Fraud Protection, Identity & Access Management, Application & Data Security Strategies, Advanced Threat Detection & Prevention and more
IBM Security @ Interconnect delivers:
• Three Days of keynotes and general sessions featuring industry thought leaders
• 100+ Security Sessions including hands-on labs and certification testing
• Solution Expo featuring demonstrations of the latest products and services from IBM Security and our partners
• More Networking Events than ever to expand and strengthen your sphere of influence
Register at ibm.com/interconnect today!
www.ibm.com/security
© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and
response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed,
misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product
should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper
use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily
involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT
THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY

Weitere ähnliche Inhalte

Andere mochten auch

user interface skill presentation
user interface skill presentationuser interface skill presentation
user interface skill presentation
Pavithra N
 
Lasse Andresen - ForgeRock - Stanford - Feb 7 2011
Lasse Andresen - ForgeRock - Stanford - Feb 7 2011Lasse Andresen - ForgeRock - Stanford - Feb 7 2011
Lasse Andresen - ForgeRock - Stanford - Feb 7 2011
Burton Lee
 
Building Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPABuilding Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPA
LDAPCon
 

Andere mochten auch (15)

Connected Identity : The Role of the Identity Bus
Connected Identity : The Role of the Identity BusConnected Identity : The Role of the Identity Bus
Connected Identity : The Role of the Identity Bus
 
Présentation de l'offre IAM de LINAGORA LinID
Présentation de l'offre IAM de LINAGORA LinIDPrésentation de l'offre IAM de LINAGORA LinID
Présentation de l'offre IAM de LINAGORA LinID
 
Identity & Access Governance versus Process Agility
Identity & Access Governance versus Process AgilityIdentity & Access Governance versus Process Agility
Identity & Access Governance versus Process Agility
 
user interface skill presentation
user interface skill presentationuser interface skill presentation
user interface skill presentation
 
Portfolio WRM
Portfolio WRMPortfolio WRM
Portfolio WRM
 
Lasse Andresen - ForgeRock - Stanford - Feb 7 2011
Lasse Andresen - ForgeRock - Stanford - Feb 7 2011Lasse Andresen - ForgeRock - Stanford - Feb 7 2011
Lasse Andresen - ForgeRock - Stanford - Feb 7 2011
 
Buyers Guide for Governance
Buyers Guide for GovernanceBuyers Guide for Governance
Buyers Guide for Governance
 
Advanced persistent threats(APT) - Infographic
Advanced persistent threats(APT) - InfographicAdvanced persistent threats(APT) - Infographic
Advanced persistent threats(APT) - Infographic
 
IBM Identity Governance & Intelligence
 IBM Identity Governance & Intelligence IBM Identity Governance & Intelligence
IBM Identity Governance & Intelligence
 
Building Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPABuilding Open Source Identity Management with FreeIPA
Building Open Source Identity Management with FreeIPA
 
Identity Governance Solutions
Identity Governance SolutionsIdentity Governance Solutions
Identity Governance Solutions
 
Oracle Identity Governance Technical Overview - 11gR2PS3
Oracle Identity Governance Technical Overview - 11gR2PS3Oracle Identity Governance Technical Overview - 11gR2PS3
Oracle Identity Governance Technical Overview - 11gR2PS3
 
Identity Governance: Not Just For Compliance
Identity Governance: Not Just For ComplianceIdentity Governance: Not Just For Compliance
Identity Governance: Not Just For Compliance
 
Security & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things WebinarSecurity & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things Webinar
 
The Future is Now: What’s New in ForgeRock Identity Management
The Future is Now: What’s New in ForgeRock Identity Management The Future is Now: What’s New in ForgeRock Identity Management
The Future is Now: What’s New in ForgeRock Identity Management
 

Mehr von IBM Security

Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 

Mehr von IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 

Kürzlich hochgeladen

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Kürzlich hochgeladen (20)

🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

Myths, Failures and the Future of Identity Governance

  • 1. © 2015 IBM Corporation IBM Security 1© 2015 IBM Corporation Myths, Failures and the Future of Identity Governance Andy Land Director of Products
  • 2. © 2015 IBM Corporation IBM Security 2 Myth #1: Identity Governance projects are long and painful  In the past, identity governance projects have been categorized as a long painful process – Weeks/months of meetings and 3rd party consulting fees  Long implementations that rarely get 100% complete  Lots of time spent turning the information into actionable items  Inability to determine “who approved what and when”
  • 3. © 2015 IBM Corporation IBM Security 3 A Business-Centric Approach Can Have Governance in Place in a Matter of Months Rather Than Years  Business-centric activity based roles can speed up the processes  The right governance solution can bring intelligence out of the box  Bridging the communication gap facilitates collaboration between necessary parties  Ability to translate audit rules into actionable controls  When implemented, automation and repeatability speed up the processes
  • 4. © 2015 IBM Corporation IBM Security 4 Myth #2: IT and the Audit Team Speak the Same Language  IT and audit are often speaking very different languages – Auditors speak in business-centric languages – IT staff speaks with specific IT entitlements  Who “owns” Identity Governance?  C-level executives are often not aware of the language barriers and need answers to seemingly basic questions – Do our employees have access to the proper applications?  CISO, CRO, Application Managers, IT Managers, Auditors and LOB Managers often hold one piece of the puzzle but not the entire picture – “The Pain Chain”  Lack of insight to guide user access approval and recertification decisions
  • 5. © 2015 IBM Corporation IBM Security 5 The Right Identity Governance Solution Can Transform IT Lingo into Business Language  The “Rosetta Stone”  Identity Governance can help Business users and IT Staff communicate on the same terms  Business Activities provide layman’s terms for entitlements – Critical for Separation of Duties  Helps management and end users to definitively certify access
  • 6. © 2015 IBM Corporation IBM Security 6 Myth 3: Everyone Loves Spreadsheets  Identity Governance is normally a maddening array of spreadsheets created by auditors  Spreadsheets get lost, are hard to keep consistent and make life difficult for those using the data  Role analytics and optimization are much more difficult on a spreadsheet than a dynamic visual map  One centralized solution would save significant time and energy
  • 7. © 2015 IBM Corporation IBM Security 7 The Right Identity Governance Solution Can Transform These Spreadsheets Into Actionable Processes and Controls  Decreased time from information to action  Makes the auditor and IT staff lives easier  Dynamic role mapping capabilities provide the necessary information for role optimization  End users can now “see” SoD violations and make educated decisions  Capability to tie business activities to enterprise risk
  • 8. © 2015 IBM Corporation IBM Security 8 Role Modeling Role Modeling Define SoD on Roles Define SoD on Roles Entitlement Collection Entitlement Collection Role Based SoD  Design Roles, then set SoD rules  Requires IT and Business to agree  Where did it work? Myth #4: You Need Roles to Define Separation of Duties Anxiety level
  • 9. © 2015 IBM Corporation IBM Security 9 Role Modeling Role Modeling Entitlement Collection Entitlement Collection Activity Based SoD Activity Based SoD Activity Based SoD  Roles are only for granting access  SoD design does not require Roles  IT and Business do not need to agree A New Activity Based SoD Anxiety level
  • 10. © 2015 IBM Corporation IBM Security 10 Myth #5: Compliance is the Only Reason for Identity Governance  Identity governance has been traditionally viewed as a check mark – Pass Audits – Remain regulation compliant  This mindset ignores the fact that the “identity” can be the gateway into an organization and can leave businesses susceptible to breaches if not properly governed
  • 11. © 2015 IBM Corporation IBM Security 11 Identity Governance Should Provide Controls Against Insider Threats  Improper levels of access have been involved in many breaches – Intentional malicious activity (Insider threat) – Accidental (Well intentioned users doing the wrong things)  Orphan accounts are the perfect target for hackers  With mobile employees, contractors, business partners and consultants, it has become increasingly more important that users have access to the proper applications and entitlements
  • 12. Failure #1: The 91 Day Audit Cycle
      ▪ Repeating 90 day audit cycles
        – No chance to catch breath
      ▪ Manual spreadsheets and non-integrated Identity Management solutions can lead to confusion and elongate the audit cycle
      ▪ Constant communication back and forth between the business/auditors and IT
      ▪ Long audit processes hinder the ability to optimize roles and governance
      ▪ Costly and time consuming
  • 13. Identity Governance Should Provide Automation and Repeatability
      ▪ Rather than using spreadsheets, automated processes are put into place with one unified solution
      ▪ Speeds up the audit process and provides time to analyze identity data and to optimize roles/processes
      ▪ These processes are repeatable
      ▪ Helps regulatory compliance as well as fortifying the security posture
      ▪ Integration with Identity Management and other solutions can greatly improve visibility
      [Diagram: Identity Governance and Administration]
      ▪ Identity Lifecycle
        – Access request
        – Access enforcement
      ▪ Entitlement Lifecycle
        – Role / entitlement management
        – Access request
        – Access certification
      ▪ Risk Lifecycle
        – Compliance / access risk / SoD
  • 14. Failure #2: The Law of Herding Cats
      ▪ Arguably the most difficult part of Identity Governance is the coordination and cooperation of multiple groups, processes and organizations
      ▪ Each is responsible for a piece of the puzzle
        – Cooperation and data sharing are necessary in order to facilitate the total picture of identity governance
      ▪ Not only does each group have different information, but they are also speaking different languages
  • 15. Identity Governance Solutions Should Be The Universal Translator
      ▪ Managers can understand exactly what access they are certifying/re-certifying
        – Ex. An employee who has moved from sales to marketing should not continue to have access to sales applications
      ▪ IT Staff, Auditors, Application owners and CISOs now know which users have access to which applications AND whether or not these are the proper applications
      ▪ Business-Centric terms make it easy to find “Toxic” SoD combinations
  • 16. The Future is Now: A business-driven approach to Identity Governance
      Identity Intelligence: Collect and Analyze Identity Data
      Administration
      ▪ Cost savings
      ▪ Automation
      ▪ User lifecycle
      ▪ Key on premise applications and employees
      Analytics
      ▪ Application usage
      ▪ Privileged activity
      ▪ Risk-based control
      ▪ Baseline normal behavior
      ▪ Employees, partners, consumers – anywhere
      Governance
      ▪ Role management
      ▪ Access certification
      ▪ Extended enterprise and business partners
      ▪ On and off-premise applications
      How to gain visibility into user access?
      How to prioritize compliance actions?
      How to make better business decisions?
      [Diagram: Identity and Governance Evolution, stages 1, 2, 3]
  • 17. IBM Security Identity Governance and Administration: Delivering actionable identity intelligence
      ▪ Align Auditors, LoB and IT perspectives in one consolidated Governance and Administration offering
      ▪ Easy to launch Access Certification and Access Request to meet compliance goals with minimal IT involvement
      ▪ Enhanced Role Mining and Separation of Duties Reviews using visualization dashboard and business-activity mapping
      ▪ In-depth SAP Governance with Separation of Duties (SoD), access risk and fine-grained entitlements reviews
      ▪ Easy to deploy virtual appliances for multiple customer adoptions
        – Standalone Identity Governance
        – Integrate with existing Identity Management
        – Modernize legacy Identity management with integrated governance and administration
      [Diagram labels: Common Integration Adapters; Identity Governance and Administration Platform; VIRTUAL APPLIANCE; IT Security Team; Auditors / Risk Managers; LoB Managers / Employees; Cloud Computing Mobile Applications Desktop and Server Data Mainframe; Access Fulfillment; Self Service Portal; Risk/Access Visibility; Access Certification]
  • 18. IBM is a Leader in the 2015 Gartner Magic Quadrant for Identity Governance and Administration
      Source: Gartner (January 2015)
      This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from http://www.gartner.com/technology/reprints.do?id=1-27CNZU9&ct=150112&st=sb. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
      Gartner, Inc. Positions IBM as a LEADER in Identity Governance and Administration (IGA)
      “The IGA market is transforming legacy, on-premises IAM products. IGA vendors are investing heavily to meet client needs in ease of use, mobility, business agility, and lower total cost of ownership. User provisioning and access governance functions continue to consolidate.”
      Gartner, Inc. “Magic Quadrant for Identity Governance and Administration” by Felix Gaehtgens, Brian Iverson, Steve Krapes, January 2015, Report #G00261633
  • 19. Learn more about IBM Security Identity Governance and Administration
      ▪ 2015 Gartner Identity Governance and Administration Magic Quadrant
      ▪ Watch IBM Security Identity Governance DEMOS
        – Access Request Management (part 1) (part 2)
        – Access Recertification
        – Role Mining and Modeling
        – Policy Modeling
      ▪ Visit our website to view solution briefs, whitepapers, and other assets
        – IBM Security Identity Governance and Management Website
      ▪ Follow our blogs (SecurityIntelligence.com)
        – IBM Security Is a Leader, Again, in the New 2015 Gartner IGA Magic Quadrant
        – What Leading Analysts are Saying About IBM’s Acquisition of CrossIdeas
      IBM Security Intelligence. Integration. Expertise.
  • 20. IBM Security @ Interconnect will feature today’s hottest security topics including Cloud & Mobile Security, Security Analytics & Fraud Protection, Identity & Access Management, Application & Data Security Strategies, Advanced Threat Detection & Prevention and more
      IBM Security @ Interconnect delivers:
      ▪ Three Days of keynotes and general sessions featuring industry thought leaders
      ▪ 100+ Security Sessions including hands-on labs and certification testing
      ▪ Solution Expo featuring demonstrations of the latest products and services from IBM Security and our partners
      ▪ More Networking Events than ever to expand and strengthen your sphere of influence
      Register at ibm.com/interconnect today!
  • 21. www.ibm.com/security
      © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
      Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY