FINANCIAL SERVICES CASE STUDY:
Improving Compliance & Risk Posture With Next-gen IAM
Speaker:
Jennifer Darwin, Manager of IAM, Corporate Information Security
CLOUD IDENTITY SUMMIT
JULY 2013
ABOUT SALLIE MAE
▶ The nation’s #1 financial services company specializing in education
▶ Over 10 million student and parent customers, more than 9,000 employees and 2,000 contractors
▶ Manages $207 billion in education loans & 529 college-savings plans
▶ The company’s saving programs, planning resources and financing options have helped more than 31 million people make the investment in higher education
KEY BUSINESS DRIVERS
▶ Comply With Major Regulations
– FISMA, SOX, GLBA, PCI and SAS-70’s (Sallie Mae)
– FFIEC and State of Utah (Sallie Mae Bank)
– SEC, FINRA & FTC (Upromise Rewards and Investments)
▶ Enhance Efficiencies Through Automated Provisioning
– Some relatively high turnover functions create demand for more rapid SLAs
– Restructuring creates short-term demand
– New business initiatives require rapid but controlled response
▶ Reduce Operational Risk
– Eliminate redundant, sub-optimal processes and centralize controls in one place across the enterprise
– Prevent/detect fraud - manual processes and hand-offs make security policy enforcement challenging
PROJECT STRATEGY
▶ Increase efficiency through Automation
▶ Improve effectiveness through process Optimization
▶ Improve Quality of compliance activities
[Diagram labels: Ariba, ADP, Workday, Databases, Mainframe, Exchange, AD, App 1, App 2, App 3, Etc.]
PROJECT OVERVIEW
[Diagram labels: Compliance Management; Employee, Customer, Business Partner; HR & Other Authoritative Sources; Enterprise Roles (Business Role - IT Roles - Entitlements); Access Management; Business Events; User Provisioning; Apps & Users]
Copyright ©2010 by Deloitte
PROJECT OVERVIEW: IMPLEMENT ROLE-BASED ACCESS
[Same diagram as above, with added label: Enterprise Roles]
PROJECT OVERVIEW: STREAMLINE ACCESS CERTIFICATIONS
[Same diagram as above, with added label: Automated Access Certification]
PROJECT OVERVIEW: FOCUS ON ACCESS REQUEST FORMS
[Same diagram as above, with added label: Application Access Request Form]
RESULTS: CLEARLY DEFINED USER ROLES
[Chart: # of Users with Enterprise Roles, by phase (axis: # of Users)]
Phase 1: 250
Phase 2: 2500
Phase 3: 5000
Phase 4: 6000
Phase 5: 6500
RESULTS: ENHANCED PROVISIONING
[Chart: Request and Provision Duration for Original State, Current State and Future State]
Provisioning Efficiencies: 33% Reduction; 60% Reduction (est.)
RESULTS: STREAMLINED ACCESS CERTIFICATION PROCESS
RESULTS: 64% IMPROVEMENT ACHIEVED, EXCEEDING EXPECTATIONS!
Before: Separate, manual spreadsheets
• Over 1100 Controls
• Different frameworks; different risk areas
• Inconsistent traceability to mandates
• Incomplete coverage of mandates
[Diagram: PCI 240; FISMA 200; ICE (for IT) 400; GLBA / FFIEC 250; FACTA 14]
After: Single repository, solution enabled
• 64% overlap removed
• 400 Integrated Requirements
• Common Framework using 16 Functional Risk Areas
• Full traceability to 160+ mandates
• Includes FISMA, ICE, PCI DSS, GLBA, etc.
[Diagram: INTEGRATED 400]
WHERE WE ARE NOW
▶ More than 700 applications on-boarded
▶ Over 6,500 users in a job role (approximately 75% of the company)
▶ Seven segregation of duty or monitoring processes implemented
▶ Access certification improvements institutionalized
– This consists of over 20,000 user entitlements to be reviewed this year
WHERE WE WANT TO BE BY Q4 2013
▶ Continue to expand current project scope
– Goal is to have 90% of the company in enterprise roles
– Goal is to have 24 certifications scheduled
▶ Continue expanding project scope to include even more SaaS and hosted apps
– ADP, Ariba, Workday
– Looking at externally hosted apps too (FIS, FNI, FDR)
▶ Moving to make Workday our authoritative source
– Corporate HR system moving to Workday – tentatively scheduled for Q4 2014
LESSONS LEARNED/BEST PRACTICES
▶ Do Enterprise Roles First
– Simplifies the implementation of all IAM components and reduces future rework
– Team MUST include someone who has successfully deployed Enterprise Roles
▶ Well Defined Roadmap
– Requires shared vision from business and executives
– Part of broader program
▶ Achieve Quick Wins
– Showing results is critical to keep momentum of multi-year program
[Diagram labels: User Provisioning; Enterprise Roles; Access Requests; Access Certification; Can be leveraged across…]
Jennifer Darwin
317.598.4104
jennifer.a.darwin@salliemae.com
THANK YOU AND QUESTIONS

Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

CIS13: How IAM Improved Sallie Mae's Compliance and Risk Posture

  • 1. FINANCIAL SERVICES CASE STUDY: Improving Compliance & Risk Posture With Next-gen IAM
      Speaker: Jennifer Darwin, Manager of IAM, Corporate Information Security
      CLOUD IDENTITY SUMMIT, JULY 2013
  • 2. ABOUT SALLIE MAE
      ▶ The nation’s #1 financial services company specializing in education
      ▶ Over 10 million student and parent customers, more than 9,000 employees and 2,000 contractors
      ▶ Manages $207 billion in education loans & 529 college-savings plans
      ▶ The company’s saving programs, planning resources and financing options have helped more than 31 million people make the investment in higher education
  • 3. KEY BUSINESS DRIVERS
      ▶ Comply With Major Regulations
        – FISMA, SOX, GLBA, PCI and SAS-70’s (Sallie Mae)
        – FFIEC and State of Utah (Sallie Mae Bank)
        – SEC, FINRA & FTC (Upromise Rewards and Investments)
      ▶ Enhance Efficiencies Through Automated Provisioning
        – Some relatively high turnover functions create demand for more rapid SLAs
        – Restructuring creates short-term demand
        – New business initiatives require rapid but controlled response
      ▶ Reduce Operational Risk
        – Eliminate redundant, sub-optimal processes and centralize controls in one place across the enterprise
        – Prevent/detect fraud - manual processes and hand-offs make security policy enforcement challenging
  • 4. PROJECT STRATEGY
      ▶ Increase efficiency through Automation
      ▶ Improve effectiveness through process Optimization
      ▶ Improve Quality of compliance activities
      [Diagram labels: Ariba, ADP, Workday, Databases, Mainframe, Exchange, AD, App 1, App 2, App 3, Etc.]
  • 5. PROJECT OVERVIEW
      [Diagram labels: Compliance Management; Employee; Customer; Business Partner; HR & Other Authoritative Sources; Enterprise Roles; Access Management; Business Events; Business Role - IT Roles - - Entitlements; User Provisioning; Apps & Users. Copyright ©2010 by Deloitte]
  • 6. PROJECT OVERVIEW: IMPLEMENT ROLE-BASED ACCESS
      [Diagram: same labels as slide 5 (Copyright ©2010 by Deloitte); additional label: Enterprise Roles]
  • 7. PROJECT OVERVIEW: STREAMLINE ACCESS CERTIFICATIONS
      [Diagram: same labels as slide 5 (Copyright ©2010 by Deloitte); additional label: Automated Access Certification]
  • 8. PROJECT OVERVIEW: FOCUS ON ACCESS REQUEST FORMS
      [Diagram: same labels as slide 5 (Copyright ©2010 by Deloitte); additional label: Application Access Request Form]
  • 9. RESULTS: CLEARLY DEFINED USER ROLES
      [Chart: # of Users with Enterprise Roles; axis: # of Users]
      Phase 1: 250; Phase 2: 2500; Phase 3: 5000; Phase 4: 6000; Phase 5: 6500
  • 10. RESULTS: ENHANCED PROVISIONING
      [Chart: Request and Provision duration for Original State, Current State and Future State]
      Provisioning Efficiencies: 33% Reduction; 60% Reduction (est.)
  • 11. RESULTS: STREAMLINED ACCESS CERTIFICATION PROCESS
  • 12. RESULTS: 64% IMPROVEMENT ACHIEVED, EXCEEDING EXPECTATIONS!
      Before: Separate, manual spreadsheets
        • Over 1100 Controls
        • Different frameworks; different risk areas
        • Inconsistent traceability to mandates
        • Incomplete coverage of mandates
        [Chart labels: PCI 240; FISMA 200; ICE (for IT) 400; GLBA / FFIEC 250; FACTA 14]
      After: Single repository, solution enabled
        [Chart label: INTEGRATED 400]
        • 64% overlap removed
        • 400 Integrated Requirements
        • Common Framework using 16 Functional Risk Areas
        • Full traceability to 160+ mandates
        • Includes FISMA, ICE, PCI DSS, GLBA, etc.
  • 13. WHERE WE ARE NOW
      ▶ More than 700 applications on-boarded
      ▶ Over 6,500 users in a job role (approximately 75% of the company)
      ▶ Seven segregation of duty or monitoring processes implemented
      ▶ Access certification improvements institutionalized
        – This consists of over 20,000 user entitlements to be reviewed this year
  • 14. WHERE WE WANT TO BE BY Q4 2013
      ▶ Continue to expand current project scope
        – Goal is to have 90% of the company in enterprise roles
        – Goal is to have 24 certifications scheduled
      ▶ Continue expanding project scope to include even more SaaS and hosted apps
        – ADP, Ariba, Workday
        – Looking at externally hosted apps too (FIS, FNI, FDR)
      ▶ Moving to make Workday our authoritative source
        – Corporate HR system moving to Workday – tentatively scheduled for Q4 2014
  • 15. LESSONS LEARNED/BEST PRACTICES
      ▶ Do Enterprise Roles First
        – Simplifies the implementation of all IAM components and reduces future rework
        – Team MUST include someone who has successfully deployed Enterprise Roles
      ▶ Well Defined Roadmap
        – Requires shared vision from business and executives
        – Part of broader program
      ▶ Achieve Quick Wins
        – Showing results is critical to keep momentum of multi-year program
      [Diagram labels: User Provisioning; Enterprise Roles; Access Requests; Access Certification; Can be leveraged across…]