identity management: protecting from the inside out michael fornal, security analyst providence...
TRANSCRIPT
IDENTITY MANAGEMENT: PROTECTING FROM THE INSIDE OUT
MICHAEL FORNAL, SECURITY ANALYSTPROVIDENCE HEALTH & SERVICES
SOURCE SEATTLE CONFERENCE 10.23.13 -10.24.13
Providence Health & Services
Very large Catholic healthcare system
33 hospitals in AK, CA, MT, OR, WA
65,000 employees
ATTENTION:
The information you are about to hear is from a Newbie in the InfoSec community who is still learning to manage his own Identity. If you disagree with any of the information that you hear here today PLEASE DON’T REMOVE HIS ACCESS to the InfoSec community!
Topics of Discussion
Why IDM needs to be a business need and not IT.
What can an IDM program do for your company.
How having an IDM program can help you to stay resilient.
What is Identity Management
In short it’s the ability to provide provisioning and governance of users within your environment.
This includes:
Password Management
Access Requests
Policy Enforcement
Why IDM is a business need and not an IT need.
Ensures that governance of access is being done correctly. Reduces risk to the company.
Satisfy compliance and privacy requirements.
Provides a cost saving measure by providing an efficientprocess for user provisioning.
What IDM can do for your company
Management of employee life cycle from beginning to end.
Provides an overall view of how effective yourpolicies are.
Centralize authentication and authorization of applications across an enterprise.
Gives greater transparency into who has access to what.
Reduce the fears that Executives and IT Managers have around Identity and Access Governance.
Management of employee life cycle
Add an employee Move an employee Employee leaves
Provides an overall view of how effective your polices are by:
Providing reports that show employee violations of polices.
Showing you where there could be potential conflicts with a role or group that could limit an employee’s productivity.
Centralize authentication and authorization of applications across
an enterprise
Provides accountability
Allows for the burden of account management to be taken off a department like applications support.
One piece of software can control access to all applications in an enterprise reducing redundancy.
Allows for greater transparency
Gives a high level of who has access and to what based on role or group.
Shows who your super users are and where your areas of high risk are.
High Privilege Group
Reduce managements fears around
Identity and Access Governance Executives fear that account management is being done incorrectly.
IT Managers fear for integrity of their data and applications.
Providing leadership with tangible results that allow them thenecessary transparency to see that the IAM program is working.
Report Summary
Privilege group membership report
Manager certification
Manager Certification cont.
How you can improve your security program with an IAM tool:
Allows for better creation of company security polices.
Used as a provisioning tool allows for better management of employee life cycle.
Reduce your attack surfaces.
Allows for better creation of company security polices by:
Where to use least privilege andwhere not to use. Performing audits and reports.
Giving you the information that you need to make better informed decisions.
Used as a provisioning tool allows for better management of employee life cycle
Setup everything from:
Password Management
Application Access
Closing of Accounts
Reduction in attack surface.
Able to clean up old accounts that could be used to access sensitive information.
Mitigates the insider threat especially in a dynamic environment
High privilege accounts can be monitored
Reduces the risk of super user accounts beingcreated by having it approved by another dept.
High Privilege Account Certification
Today’s Takeaways
An IDM tool in your enterprise gives you the benefits of a detective tool and a prevention tool.
IDM needs to be a cornerstone of a security programwithout it everything else will break down.
Gives the business confidence that process of governanceand access is being monitored and performed correctly.
Thank you!
Thanks for attending my talk today on Identity Management: Protecting from the inside out
Questions…?
Contact
On Twitter:@fornalm
Security blog: Fighting In.Security http://fightinginsecurity.wordpress.com/