SlideShare une entreprise Scribd logo

IAM

Prof. Jacques Folon (Ph.D)
Prof. Jacques Folon (Ph.D)

cours donné en début 2014

Formation
1  sur  79
Télécharger pour lire hors ligne
Identity access management    Jacques  Folon   ! Partner  Edge  Consulting   ! Maître  de  conférences     Université  de  Liège     Chargé  de  cours     ICHEC  Brussels  Management  School     Professeur  invité     Université  de  Lorraine  (Metz)   ISFSC,  HE  F.Ferrer,  HE  LdB  (Bruxelles)   Institut  Arabe  des  Chefs  d’entreprises  (Tunis)   Institut  Africain  de  Management  (Ouagadougou)   !
Retrouvez-­‐moi  en  ligne   Jacques.folon@ichec.be https://www.facebook.com/folon.jacques http://www.scoop.it/u/jacques-folon http://www.linkedin.com/in/folon http://jacquesfolon.tumblr.com/ http://fr.slideshare.net/FOLON @jacquesfolon 2
Cette  présentation  est  sur       www.slideshare.net/folon   ! elle  est  à  votre  disposition
IAM 1. 2. 3. 4. 5. 6. 7. 8. 9. C’est  quoi  ?   Quel  est  le  contexte  actuel?   IAM  &  cloud  computing   Pourquoi  en  avons  nous   besoin?   To  do  list   IAM  et  vie  privée   IAM  et  contrôle   e-­‐discovery   Conclusion
1.  IAM  c’est  quoi  ? Single  Sign    On Password   Management Secure  Remote     Access Fede ratio n Role  based   Managemen t Provisioning Web  Services   Security   iting  & Aud ng eporti R Authorization DRM   Strong ication nt Authe es ctori Dire PKI Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

5 Questions 
 to ask your CISO
Q: What’s posted on this monitor? ! a – password to financial application b – phone messages c – to-do’s
Q: What determines your employee’s access? ! ! a – give Alice whatever Wally has b – roles, attributes, and requests c – whatever her manager says
Q: Who is the most privileged user in your enterprise? ! ! a – security administrator b – CFO c – the summer intern who is now working for your competitor
Q: How secure is your
 identity data? ! ! a – It is in 18 different secured stores b – We protect the admin passwords c – Privacy? We don’t hold credit card numbers
Q: How much are manual compliance controls costing your organization? ! a – nothing, no new headcount b – don’t ask c – don’t know
Today’s IT Challenges More Compliant Business • Increasing regulatory demands • Increasing privacy concerns • Business viability concerns More Agile Business More Secured Business • More accessibility for employees, customers and partners • Higher level of B2B integrations • Faster reaction to changing requirements • Organized crime • Identity theft • Intellectual property theft • Constant global threats
State Of Security In Enterprise • Incomplete • Multiple point solutions from many vendors • Disparate technologies that don’t work together ! • Complex • Repeated point-to-point integrations • Mostly manual operations ! • ‘Non-compliant’ • Difficult to enforce consistent set of policies • Difficult to measure compliance with those policies
Identity Management Values • Trusted and reliable security ! • Efficient regulatory compliance ! • Lower administrative and development costs ! • Enable online business networks ! • Better end-user experience
IAM    n’est  pas  uniquement  une  tâche   informatique  ! La gestion des identités consiste à gérer le cycle de vie des personnes (embauche, promotion, mutation, départ, etc.) au sein de la société et les impacts induits sur le système d’information (création de Comptes utilisateurs, attribution de Profils utilisateurs, mise en œuvre du contrôle d'accès, etc.). source  clusif   15
IAM    n’est  pas  uniquement  une  tâche   informatique  ! • Cette gestion des identités doit pouvoir être faite d'un point de vue fonctionnel par des non-informaticiens (exemple : Ressources Humaines, Maîtrise d’ouvrage, l’utilisateur lui-même) • et • d'un point de vue technique par des informaticiens (exemple : administrateur, Maîtrise d’œuvre). source  clusif   16
La solution de gestion d’identités doit être une solution globale sur la base d’une infrastructure centralisée avec une gestion fonctionnelle distribuée et qui intègre les fonctionnalités suivantes : ! • la gestion du référentiel central des utilisateurs (alimentation à partir de référentiels utilisateurs sources), • la gestion du référentiel central des ressources concernées par la gestion des droits d’accès, • la gestion des habilitations (gestion des Profils, Rôles, gestion des utilisateurs, workflow), • le provisioning (synchronisation des référentiels cibles de sécurité), • l’administration décentralisée, • l’auto-administration (gestion par les utilisateurs des mots de passe et des données privées), • l’audit et le reporting, • le contrôle d’accès (authentification, autorisation). source  clusif   17
Définition • What  is  Identity  Management  ?     “Identity  management  is  the  set   of  business  processes,  and  a   supporting  infrastructure,  for  the   creation,  maintenance,  and  use  of   digital  identities.”  The  Burton  Group   (a  research  firm  specializing  in  IT   infrastructure  for  the  enterprise)   • Identity  Management  in  this   sense  is  sometimes  called   “Identity  and  Access   Management”  (IAM)
Identity and Access Management is the process for managing the lifecycle of digital identities and access for people, systems and services. This includes:! User Management – management of large, changing user populations along with delegated- and self-service administration. Access Management – allows applications to authenticate users and allow access to resources based upon policy. Provisioning and De-Provisioning – automates account propagation across applications and systems. Audit and Reporting – review access privileges, validate changes, and manage accountability. CA! IAM : J. Tony Goulding CISSP, ITIL CA t ony.goulding@ca.com! 19
IAM  c’est  par  exemple… • “Bonjour  je  suis  Julie,  une   étudiante  d’INFOSAFE.”      (Identité)   • “Ceci  est  mon  mot  de  passe.”       (Authentification)   • “Je  veux  accéder  à  la  plateforme”       (Authorisation  accordée)   • “Je  veux  améliorer  la  note  de  mon   examen.”       (Autorisation  refusée)
Mais  c’est  aussi… • Un  nouveau  professeur   • Donc  une  adresse  email,  à   donner  dès  que  possible   • Un  mot  de  passe  sur  ICHEC   Campus   • Un  mot  de  passe  Intranet   • Un  mot  de  passe  IE  Campus   • Définir  les  autres  services   auxquel  il  a  accès
Quelles  sont  les  questions  à  se  poser?? • Les  personnes  sont-­‐elles  ce   qu’elles  disent  être?   • Sont-­‐elles  des  membres  réels   de  notre  communauté  ?   • Ont-­‐elles  reçu  les   autorisations  nécessaires  ?   • Le  respect  de  leurs  données   personnelles  est-­‐il  mis  en   place?
Exemples  de  questions – Quel  mot  type  de  mot  de  passe  donner?   – Quelles  sont  les  activités  autorisées?   – Quelles  sont  les  activités  interdites?   – A  quelle  catégorie  de  personne  cette  nouvelle   identité  doit-­‐elle  être  attachée?   – A  quel  moment  du  processus  d’entrée  les   autorisations  doivent-­‐elles  être  données?   – Quelles  modalités  de  contrôle  sont  mises  en  place?   Peut-­‐on  prouver  tout  cela  à  un  auditeur  ?
Le  triple  A  de  l’IAM Authentication! WHO ARE YOU? Authorization / Access Control! WHAT CAN YOU DO? Audit! WHAT HAVE YOU DONE? 24
Components  of  IAM • Administration   – – – – User  Management   Password  Management   Workflow   Delegation   – Account  Provisioning   – Account  Deprovisioning   – Synchronisation Authentication • Identity  Management   Administration – Authentication     – Authorization   Authorization • Access  Management   Reliable Identity Data Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

2.  Contexte  actuel   Quel  est  le  contexte  actuel   qui  est  à  la  base  du   développement  de  l’IAM?
Les  identités  multiples  selon  F  Cavazza 27
Les  identités  varient  selon  les  plateformes 28
Entre  l’identité  virtuelle  et  ... Dans ce contexte, l’amoncellement de parcelles laissées plus ou moins à l’abandon dessine un portrait par petites touches. Un peu comme les tableaux pointillistes : de manière unitaire, aucune des traces n’est réellement significative. Mais le tableau général, lui, représente le sujet dans son ensemble. À la vue de tous et pas forcément sous un angle souhaité… 29 http://www.buschini.com/2009/12/04/identite-­‐traditionnelle-­‐versus-­‐identite-­‐numerique/
• Internet  est  basé  sur  des   communications  anonymes   • Les  entreprises  participent  à  de   nombreux  réseaux  générant  de   multiples  identités   • Les  systèmes  internes  ont  parfois  des   systèmes  d’identifiants  différents   • Les  utilisateurs  sont  les  maillons  faibles   de  la  sécurité   • La  criminalité  informatique  augmente   • La  mise  en  place  de  contrôles  impose   l’identification   • La  gestion  des  traces  est  indispensables   • La  protection  de  la  vie  privée  impose   des  contrôles Welcome  to  a  digital  world  
Sujet  d’actualité…
Explosion  of  IDs #  of   Digital  IDs Business   Automation Partners   (B2B) Company   (B2E) Customers   (B2C) Mobility Internet Client  Server Mainframe ns io pp A t ca li Time Pre  1980’s 1980’s 1990’s 2000’s Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

The  Disconnected  Reality •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data Enterprise Directory •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data • “Identity  Chaos”     – – – – – – – – Nombreux  utilisateurs  et  applications     Nombreuses  ID   Plusieurs  identité  par  utilisateur   Plusieurs  log  in  et  mots  de  passe     Multiple  repositories  of  identity  information   Multiple  user  IDs,  multiple  passwords   Management  décentralisé   Conflits  business  <-­‐>  IT •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk
 HR Finance Office ! Infra   ! Application ! External app ! In-House   Application employee   Application
Multiple  Contexts Customer  satisfaction  &  customer  intimacy   Cost  competitiveness   Reach,  personalization Your  SUPPLIERS Your  CUSTOMERS Collaboration   Outsourcing   Faster  business  cycles;  process   automation   Value  chain Your  COMPANY  and
 your  EMPLOYEES M&A   Mobile/global  workforce   Flexible/temp  workforce Your  REMOTE  and
 VIRTUAL  EMPLOYEES Your  PARTNERS Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

Trends  Impacting  Identity Rising Tide of Regulation and Compliance   SOX, HIPAA, GLB, Basel II, 21 CFR Part 11, …   •$15.5 billion spend on compliance (analyst estimate) Deeper Line of Business Automation and Integration   One half of all enterprises have SOA under development   •Web services spending growing 45% Increasing Threat Landscape   Identity  theft  costs  banks  and  credit  card  issuers  $1.2  billion  in  1  yr   •$250 billion lost from exposure of confidential info Maintenance Costs Dominate IT Budget   On average employees need access to 16 apps and systems   •Companies spend $20-30 per user per year for PW resets Data  Sources:  Gartner,  AMR  Research,  IDC,  eMarketer,  U.S.  Department.  of  Justice
37
Pain  Points IT  Admin Too  many  user   stores  and   account  admin   requests   Unsafe  sync   scripts Developer Redundant   code  in  each   app   Rework  code   too  often End  User Too  many   passwords   Long  waits  for   access  to  apps,   resources Security/  Compliance Too  many   orphaned   accounts   Limited   auditing  ability Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk
 Business
 Owner Too  expensive   to  reach  new   partners,   channels   Need  for   control
3.  IAM  &  Cloud  computing
Cloud  Computing:  Definition • No  Unique  Definition  or  General  Consensus  about  what  Cloud   Computing  is  …   • Different  Perspectives  &  Focuses  (Platform,  SW,  Service  Levels…)   ! • Flavours:   – Computing  and  IT    Resources  Accessible  Online   – Dynamically  Scalable  Computing  Power     – Virtualization  of  Resources   – Access  to  (potentially)  Composable  &  Interchangeable  Services     – Abstraction  of  IT  Infrastructure            !  No  need  to  understand  its  implementation:  use  Services  &  their  APIs   – Some  current  players,  at  the  Infrastructure  &  Service  Level:          SalesfoRce.com,  Google  Apps,  Amazon,  Yahoo,  Microsoft,  IBM,  HP,  etc. 
 
 
 The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

Cloud  Computing:  Implications • Enterprise:          Paradigm  Shift  from  “Close  &  Controlled”  IT  Infrastructures  and  Services  to   Externally  Provided  Services  and  IT  Infrastructures     ! • Private  User:          Paradigm  Shift  from  Accessing  Static  Set  of  Services  to  Dynamic  &  Composable   Services     ! • General  Issues:   –  Potential  Loss  of  Control  (on  Data,  Infrastructure,  Processes,  etc.)   –  Data  &  Confidential  Information  Stored  in  The  Clouds   –  Management  of  Identities  and  Access  (IAM)  in  the  Cloud   –  Compliance  to  Security  Practice  and  Legislation     –  Privacy  Management  (Control,  Consent,  Revocation,  etc.)   –  New  Threat  Environments   –  Reliability  and  Longevity  of  Cloud  &  Service  Providers 
 
 
 The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

Identity  in  the  Cloud:  Enterprise  Case IAM  Capabilities     and  Services   Can  be     Outsourced  in   The  Cloud  …   Identity  & Credentials 
 Service Data   &  Confidential   Information Identity  &   Business   Apps/Service 
 Authentication   Authorization   Audit   Identity  & Credentials Enterprise Employee User  Account   Provisioning/   De-­‐provisioning Credentials Cloud     Data   Provider  #1 &  Confidential   User  Account   On  Demand   Information Provisioning/   Printing   CPUs De-­‐provisioning Service Identity  &   Authentication   CRM   Credentials Authorization   Service Data   Office   Audit Identity  &   Storage   Apps Credentials Data Service   &  Confidential   Identity  &   Cloud     Information … Credentials Provider  #2 Authentication   Authorization   Audit User  Account   Provisioning/   De-­‐provisioning Authentication   Authorization   Audit   Identity  & Credentials Service User  Account   Provisioning/   Service De-­‐provisioning Service  3 … … Internal  Cloud Data   &  Confidential   Backup   ILM  Information Service   Service … The     Internet The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

Identity  in  the  Cloud:  Enterprise  Case Issues  and  Risks  [1/2]   ! ! •  Potential  Proliferation  of  Required  Identities  &  Credentials  to  Access  Services   ! !    !  Misbehaviours  when  handling  credentials  (writing  down,  reusing,  sharing,  etc.)     ! •  Complexity  in  correctly  “enabling”  Information  Flows  across  boundaries          !  Security  Threats                  (Enterprise  !  Cloud  &  Service  Providers,  Service  Provider  !  Service  Provider,  …_   ! •  Propagation  of  Identity  and  Personal  Information  across  Multiple  Clouds/Services        !  Privacy  issues  (e.g.  compliance  to  multiple    Legislations,  Importance  of  Location,  etc.)      !  Exposure  of  business  sensitive  information                (employees’  identities,  roles,  organisational  structures,  enterprise  apps/services,  etc.)      !  How  to  effectively  Control  this  Data?   ! •  Delegation  of  IAM  and  Data  Management  Processes  to  Cloud  and  Service  Providers        !  How  to  get  Assurance  that  these  Processes  and  Security  Practice    are  Consistent  with                        Enterprise  Policies?              -­‐  Recurrent  problem  for  all  Stakeholders:  Enterprise,  Cloud  and  Service  Providers  …     
    !  Consistency  and  Integrity  of  User  Accounts  &  Information  across  various  Clouds/Services   
    !  How  to  deal  with  overall  Compliance  and  Governance  issues?   The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009
 
  
Identity  in  the  Cloud:  Enterprise  Case Issues  and  Risks  [2/2]   ! ! •  Migration  of  Services  between  Cloud  and  Service  Providers   ! ! ! !  !  Management  of  Data  Lifecycle     ! •  Threats  and  Attacks  in  the  Clouds  and  Cloud  Services        !  Cloud  and  Service  Providers  can  be  the  “weakest  links”  in  Security  &  Privacy          !  Reliance  on  good  security  practice  of  Third  Parties         
 
 
 The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

4.Pourquoi  en  avons  nous  besoin? •Sécurité   •Compliance   •Réduction  des  coûts   •Support  pour  l’audit   •Contrôle  d’accès
Source:  ftp://ftp.boulder.ibm.com/software/uk/productnews/tv/vh_-­‐_access_and_identity_management.pdf  
Economies  possibles • Directory  Synchronization   “Improved  updating  of  user  data:  $185  per  user/year”   “Improved  list  management:  $800  per  list”   -­‐  Giga  Information  Group   • Password  Management   “Password  reset  costs  range  from  $51  (best  case)  to  $147  (worst  case)  for   labor  alone.”  –  Gartner   • User  Provisioning   “Improved  IT  efficiency:  $70,000  per  year  per  1,000  managed  users”   “Reduced  help  desk  costs:  $75  per  user  per  year”   -­‐  Giga  Information  Group    
Can  We  Just  Ignore  It  All? • Today,  average  corporate  user   spends  16  minutes  a  day  logging  on   • A  typical  home  user  maintains  12-­‐18   identities   • Number  of  phishing    sites  grew  over   1600%  over  the  past  year   • Corporate  IT  Ops  manage  an  average   of  73  applications  and  46  suppliers,   often  with  individual  directories   • Regulators  are  becoming  stricter   about  compliance  and  auditing   • Orphaned  accounts  and  identities   lead  to  security  problems Source:  Microsoft’s  internal  research  and  Anti-­‐phishing  Working  Group  
IAM  Benefits Benefits today   (Tactical) Save money and improve operational efficiency Improved time to deliver applications and service Benefits to take you forward   (Strategic) New ways of working Improved time to market Enhance Security Regulatory Compliance and Audit Closer Supplier, Customer,   Partner and Employee relationships Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

5.  IAM  to  do  list • Création  et  suppression   automatique  de  comptes   • Gestion  des  traces   • Archivage  (durée??)   • Vie  privée   • Compliance     • Sécurité  <>  risques   • De  plus  en  plus  d’utilisateurs   • E-­‐business
Les  trois  éléments 52
6.  La  protection  des  données  personnelles
Source  :  https://www.britestream.com/difference.html.  
Les  informations  circulent     Qui  vérifie?
Qui  doit  avoir  accès  à  quoi?
 Limitations  légales  !  
Responsabilités  de  l’organisation
TELETRAVAIL  
Informations  sensibles

60
7.  IAM  et  Contrôle
Le  maillon  faible…
Données  reçues  et  transférées
• Que  peut-­‐on   contrôler?   • Limites?   • Correspondance   privée   • Saisies  sur  salaire   • Sanctions  réelles     • Communiquer  les   sanctions?
• Sécurité  organisationnelle   – Département  sécurité   – Consultant  en  sécurité   – Procédure  de  sécurité   – Disaster  recovery
• Sécurité  technique   – – – – – – Risk  analysis   Back-­‐up   Procédure  contre  incendie,  vol,  etc.   Sécurisation  de  l’accès  au  réseau  IT   Système  d’authentification  (identity  management)   Loggin  and  password  efficaces
• Sécurité  juridique   – Contrats  d’emplois  et   information   – Contrats  avec  les  sous-­‐ contractants   – Code  de  conduite   – Contrôle  des  employés   – Respect  complet  de  la   réglementation
Qui  contrôle  quoi  ?
8.  E-­‐discovery
Definition  of  e-­‐discovery • Electronic  discovery  (or  e-­‐discovery)  refers  to  discovery  in  civil   litigation  which  deals  with  information  in  electronic  format   also  referred  to  as  Electronically  Stored  Information  (ESI).     • It  means  the  collection,  preparation,  review  and  production  of   electronic  documents  in  litigation  discovery.     • Any  process  in  which  electronic  data  is  sought,  located,   secured,  and  searched  with  the  intent  of  using  it  as  evidence   in  a  civil  or  criminal  legal  case   • This  includes  e-­‐mail,  attachments,  and  other  data  stored  on  a   computer,  network,  backup  or  other  storage  media.  e-­‐ Discovery  includes  metadata.
Recommandations Organizations  should  update  and/or  create  information   management  policies  and  procedures  that  include:   – e-­‐mail  retention  policies,  On  an  individual  level,  employees  tend  to   keep  information  on  their  hard  drives  “just  in  case”  they  might  need   it.   – Work  with  users  to  rationalize  their  storage  requirements  and   decrease  their  storage  budget.   – off-­‐line  and  off-­‐site  data  storage  retention  policies,     – controls  defining  which  users  have  access  to  which  systems  andunder   what  circumstances,     – instructions  for  how  and  where  users  can  store  data,  and  •  backup   and  recovery  procedures.   – Assessments  or  surveys  should  be  done  to  identify  business  functions,   data  repositories,  and  the  systems  that  support  them.   – Legal  must  be  consulted.  Organizations  and  their  legal  teams  should   work  together  to  create  and/or  update  their  data  retention  policies   and  procedures  for  managing  litigation  holds.
9.  Conclusion • IAM  n’est  pas  uniquement  une   question  informatique  les  aspects   juridiques  et  de  gestion  sont   essentiels   • Attention  aux  aspects  compliance   • Plus  de  sécurité  nécessaire   – Cloud  computing   – Virtualisation   – Data  privacy   – archivage   • Transparence     • E-­‐discovery
L’IAM  est  aussi  une  opportunité Repenser  la  sécurité   Limiter  les  risques   Réduire  les  coûts   Repréciser  les  rôles  et   responsabilités   • Appréhender  les  risques  futurs • • • •
Et  demain? 76 http://www.novell.com/docrep/2013/09/The_Forrester_Wave_IAM_9_4_13.pdf
http://ts.fujitsu.com/rl/Fujitsu_Forum_2013/documentation/BOSB110a_20131030_v3_final_Security.pdf 77
Je suis prêt à répondre à vos questions
Jacques Folon   Jacques.folon@ichec.be

Recommandé

Identity Access Management (IAM)
Identity Access Management (IAM)Identity Access Management (IAM)
Identity Access Management (IAM)Prof. Jacques Folon (Ph.D)
 
Identity access management
Identity access management Identity access management
Identity access management Prof. Jacques Folon (Ph.D)
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTProf. Jacques Folon (Ph.D)
 
Digital documents & e-discovery
Digital documents & e-discovery Digital documents & e-discovery
Digital documents & e-discovery Prof. Jacques Folon (Ph.D)
 
Identity and Access Management - RSA 2017 Security Foundations Seminar
Identity and Access Management - RSA 2017 Security Foundations SeminarIdentity and Access Management - RSA 2017 Security Foundations Seminar
Identity and Access Management - RSA 2017 Security Foundations SeminarBrian Campbell
 
Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Pragmatic Identity and Access Management: Secure Your Business without Breaki...
Pragmatic Identity and Access Management: Secure Your Business without Breaki...Pragmatic Identity and Access Management: Secure Your Business without Breaki...
Pragmatic Identity and Access Management: Secure Your Business without Breaki...Enterprise Management Associates
 
50 data principles for loosely coupled identity management v1 0
50 data principles for loosely coupled identity management v1 050 data principles for loosely coupled identity management v1 0
50 data principles for loosely coupled identity management v1 0Ganesh Prasad
 

Recommandé

Identity Access Management (IAM)
Identity Access Management (IAM)Identity Access Management (IAM)
Identity Access Management (IAM)Prof. Jacques Folon (Ph.D)
 
Identity access management
Identity access management Identity access management
Identity access management Prof. Jacques Folon (Ph.D)
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTProf. Jacques Folon (Ph.D)
 
Digital documents & e-discovery
Digital documents & e-discovery Digital documents & e-discovery
Digital documents & e-discovery Prof. Jacques Folon (Ph.D)
 
Identity and Access Management - RSA 2017 Security Foundations Seminar
Identity and Access Management - RSA 2017 Security Foundations SeminarIdentity and Access Management - RSA 2017 Security Foundations Seminar
Identity and Access Management - RSA 2017 Security Foundations SeminarBrian Campbell
 
Identity and Access Management 101
Identity and Access Management 101Identity and Access Management 101
Identity and Access Management 101Jerod Brennen
 
Pragmatic Identity and Access Management: Secure Your Business without Breaki...
Pragmatic Identity and Access Management: Secure Your Business without Breaki...Pragmatic Identity and Access Management: Secure Your Business without Breaki...
Pragmatic Identity and Access Management: Secure Your Business without Breaki...Enterprise Management Associates
 
50 data principles for loosely coupled identity management v1 0
50 data principles for loosely coupled identity management v1 050 data principles for loosely coupled identity management v1 0
50 data principles for loosely coupled identity management v1 0Ganesh Prasad
 
Compliance & Identity access management
Compliance & Identity access management Compliance & Identity access management
Compliance & Identity access management Prof. Jacques Folon (Ph.D)
 
IAM
IAMIAM
IAMProf. Jacques Folon (Ph.D)
 
digital strategy and information security
digital strategy and information securitydigital strategy and information security
digital strategy and information securityProf. Jacques Folon (Ph.D)
 
Australia SharePoint Conference 2012 - Quest Governance Solutions
Australia SharePoint Conference 2012 - Quest Governance SolutionsAustralia SharePoint Conference 2012 - Quest Governance Solutions
Australia SharePoint Conference 2012 - Quest Governance SolutionsChris McNulty
 
How to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsHow to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsIvanti
 
Enterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
Enterprise Logging and Log Management: Hot Topics by Dr. Anton ChuvakinEnterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
Enterprise Logging and Log Management: Hot Topics by Dr. Anton ChuvakinAnton Chuvakin
 
Shadow IT Risk and Reward
Shadow IT Risk and RewardShadow IT Risk and Reward
Shadow IT Risk and RewardChris Haddad
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security OverviewNoah Jaehnert
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...Anton Chuvakin
 
Intro to Identity Management
Intro to Identity ManagementIntro to Identity Management
Intro to Identity ManagementHitachi ID Systems, Inc.
 
Unc cause 2010 Identity and Access Mgmt Panel
Unc cause 2010 Identity and Access Mgmt PanelUnc cause 2010 Identity and Access Mgmt Panel
Unc cause 2010 Identity and Access Mgmt PanelMark Scheible
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentationdanhsmith
 
The user s identities
The user s identitiesThe user s identities
The user s identitiesGiuliano Latini
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
Campus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium
 
The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2Kallex
 
Identity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptIdentity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptmamathajagarlamudi2
 
Introduction to digital strategy
Introduction to digital strategy Introduction to digital strategy
Introduction to digital strategy Prof. Jacques Folon (Ph.D)
 
Ifc jour 1 dpo
Ifc jour 1 dpoIfc jour 1 dpo
Ifc jour 1 dpoProf. Jacques Folon (Ph.D)
 

Contenu connexe

Similaire à IAM

Australia SharePoint Conference 2012 - Quest Governance Solutions
Australia SharePoint Conference 2012 - Quest Governance SolutionsAustralia SharePoint Conference 2012 - Quest Governance Solutions
Australia SharePoint Conference 2012 - Quest Governance SolutionsChris McNulty
 
How to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsHow to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsIvanti
 
Enterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
Enterprise Logging and Log Management: Hot Topics by Dr. Anton ChuvakinEnterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
Enterprise Logging and Log Management: Hot Topics by Dr. Anton ChuvakinAnton Chuvakin
 
Shadow IT Risk and Reward
Shadow IT Risk and RewardShadow IT Risk and Reward
Shadow IT Risk and RewardChris Haddad
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security OverviewNoah Jaehnert
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...Anton Chuvakin
 
Unc cause 2010 Identity and Access Mgmt Panel
Unc cause 2010 Identity and Access Mgmt PanelUnc cause 2010 Identity and Access Mgmt Panel
Unc cause 2010 Identity and Access Mgmt PanelMark Scheible
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentationdanhsmith
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Đỗ Duy Trung
 
Campus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium
 
The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2Kallex
 
Identity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptIdentity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptmamathajagarlamudi2
 

Similaire à IAM (20)

Compliance & Identity access management
Compliance & Identity access management Compliance & Identity access management
Compliance & Identity access management
 
IAM
IAMIAM
IAM
 
digital strategy and information security
digital strategy and information securitydigital strategy and information security
digital strategy and information security
 
Australia SharePoint Conference 2012 - Quest Governance Solutions
Australia SharePoint Conference 2012 - Quest Governance SolutionsAustralia SharePoint Conference 2012 - Quest Governance Solutions
Australia SharePoint Conference 2012 - Quest Governance Solutions
 
How to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access RightsHow to Stay on Top of Users' Identities and their Access Rights
How to Stay on Top of Users' Identities and their Access Rights
 
Enterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
Enterprise Logging and Log Management: Hot Topics by Dr. Anton ChuvakinEnterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
Enterprise Logging and Log Management: Hot Topics by Dr. Anton Chuvakin
 
Shadow IT Risk and Reward
Shadow IT Risk and RewardShadow IT Risk and Reward
Shadow IT Risk and Reward
 
Web Security Overview
Web Security OverviewWeb Security Overview
Web Security Overview
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
 
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
How to Gain Visibility and Control: Compliance Mandates, Security Threats and...
 
Intro to Identity Management
Intro to Identity ManagementIntro to Identity Management
Intro to Identity Management
 
Unc cause 2010 Identity and Access Mgmt Panel
Unc cause 2010 Identity and Access Mgmt PanelUnc cause 2010 Identity and Access Mgmt Panel
Unc cause 2010 Identity and Access Mgmt Panel
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
Path Maker Security Presentation
Path Maker Security PresentationPath Maker Security Presentation
Path Maker Security Presentation
 
The user s identities
The user s identitiesThe user s identities
The user s identities
 
Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?Single sign on (SSO) How does your company apply?
Single sign on (SSO) How does your company apply?
 
Campus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson University
 
The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2The Ball Launch on 2013 Microsoft TechDays Part 1/2
The Ball Launch on 2013 Microsoft TechDays Part 1/2
 
Identity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptIdentity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.ppt
 

Plus de Prof. Jacques Folon (Ph.D)

Rh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENTRh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENTProf. Jacques Folon (Ph.D)
 

Plus de Prof. Jacques Folon (Ph.D) (20)

Introduction to digital strategy
Introduction to digital strategy Introduction to digital strategy
Introduction to digital strategy
 
Ifc jour 1 dpo
Ifc jour 1 dpoIfc jour 1 dpo
Ifc jour 1 dpo
 
Cpas divers sujets
Cpas divers sujets Cpas divers sujets
Cpas divers sujets
 
Ferrer premier cours octobre 2021
Ferrer premier cours octobre 2021Ferrer premier cours octobre 2021
Ferrer premier cours octobre 2021
 
premier cours saint louis sept 2021
premier cours saint louis sept 2021premier cours saint louis sept 2021
premier cours saint louis sept 2021
 
Cmd premier cours sept 2021
Cmd premier cours sept 2021Cmd premier cours sept 2021
Cmd premier cours sept 2021
 
CPAS ET RGPD : direction et DPO
CPAS ET RGPD : direction et DPO CPAS ET RGPD : direction et DPO
CPAS ET RGPD : direction et DPO
 
le RGPD fossoyeur du marketing digital ?
le RGPD fossoyeur du marketing digital ?le RGPD fossoyeur du marketing digital ?
le RGPD fossoyeur du marketing digital ?
 
Ifc gdpr strat digit mai 2021
Ifc gdpr strat digit mai 2021Ifc gdpr strat digit mai 2021
Ifc gdpr strat digit mai 2021
 
Pandemie et vie privee
Pandemie et vie priveePandemie et vie privee
Pandemie et vie privee
 
GDPR & digital strategy
GDPR & digital strategyGDPR & digital strategy
GDPR & digital strategy
 
Cmd de la stratégie au marketing digital
Cmd de la stratégie au marketing digitalCmd de la stratégie au marketing digital
Cmd de la stratégie au marketing digital
 
Ichec ipr feb 2021
Ichec ipr feb 2021Ichec ipr feb 2021
Ichec ipr feb 2021
 
Strategy for digital business class #1
Strategy for digital business class #1Strategy for digital business class #1
Strategy for digital business class #1
 
E comm et rgpd
E comm et rgpdE comm et rgpd
E comm et rgpd
 
Cmd premier cours
Cmd premier coursCmd premier cours
Cmd premier cours
 
Cmd cours 1
Cmd cours 1Cmd cours 1
Cmd cours 1
 
Le dossier RGPD
Le dossier RGPDLe dossier RGPD
Le dossier RGPD
 
Rh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENTRh et data DANS LE MONDE APRÈS LE CONFINEMENT
Rh et data DANS LE MONDE APRÈS LE CONFINEMENT
 
RGPD et stratégie digitale
RGPD et stratégie digitaleRGPD et stratégie digitale
RGPD et stratégie digitale
 

Dernier

Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxDr.Ibrahim Hassaan
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 

Dernier (20)

Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
Gas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptxGas measurement O2,Co2,& ph) 04/2024.pptx
Gas measurement O2,Co2,& ph) 04/2024.pptx
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 

IAM

  • 1. Identity access management    Jacques  Folon   ! Partner  Edge  Consulting   ! Maître  de  conférences     Université  de  Liège     Chargé  de  cours     ICHEC  Brussels  Management  School     Professeur  invité     Université  de  Lorraine  (Metz)   ISFSC,  HE  F.Ferrer,  HE  LdB  (Bruxelles)   Institut  Arabe  des  Chefs  d’entreprises  (Tunis)   Institut  Africain  de  Management  (Ouagadougou)   !
  • 2. Retrouvez-­‐moi  en  ligne   Jacques.folon@ichec.be https://www.facebook.com/folon.jacques http://www.scoop.it/u/jacques-folon http://www.linkedin.com/in/folon http://jacquesfolon.tumblr.com/ http://fr.slideshare.net/FOLON @jacquesfolon 2
  • 3. Cette  présentation  est  sur       www.slideshare.net/folon   ! elle  est  à  votre  disposition
  • 4. IAM 1. 2. 3. 4. 5. 6. 7. 8. 9. C’est  quoi  ?   Quel  est  le  contexte  actuel?   IAM  &  cloud  computing   Pourquoi  en  avons  nous   besoin?   To  do  list   IAM  et  vie  privée   IAM  et  contrôle   e-­‐discovery   Conclusion
  • 5. 1.  IAM  c’est  quoi  ? Single  Sign    On Password   Management Secure  Remote     Access Fede ratio n Role  based   Managemen t Provisioning Web  Services   Security   iting  & Aud ng eporti R Authorization DRM   Strong ication nt Authe es ctori Dire PKI Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

  • 6.
  • 7. 5 Questions 
 to ask your CISO
  • 8. Q: What’s posted on this monitor? ! a – password to financial application b – phone messages c – to-do’s
  • 9. Q: What determines your employee’s access? ! ! a – give Alice whatever Wally has b – roles, attributes, and requests c – whatever her manager says
  • 10. Q: Who is the most privileged user in your enterprise? ! ! a – security administrator b – CFO c – the summer intern who is now working for your competitor
  • 11. Q: How secure is your
 identity data? ! ! a – It is in 18 different secured stores b – We protect the admin passwords c – Privacy? We don’t hold credit card numbers
  • 12. Q: How much are manual compliance controls costing your organization? ! a – nothing, no new headcount b – don’t ask c – don’t know
  • 13. Today’s IT Challenges More Compliant Business • Increasing regulatory demands • Increasing privacy concerns • Business viability concerns More Agile Business More Secured Business • More accessibility for employees, customers and partners • Higher level of B2B integrations • Faster reaction to changing requirements • Organized crime • Identity theft • Intellectual property theft • Constant global threats
  • 14. State Of Security In Enterprise • Incomplete • Multiple point solutions from many vendors • Disparate technologies that don’t work together ! • Complex • Repeated point-to-point integrations • Mostly manual operations ! • ‘Non-compliant’ • Difficult to enforce consistent set of policies • Difficult to measure compliance with those policies
  • 15. Identity Management Values • Trusted and reliable security ! • Efficient regulatory compliance ! • Lower administrative and development costs ! • Enable online business networks ! • Better end-user experience
  • 16. IAM    n’est  pas  uniquement  une  tâche   informatique  ! La gestion des identités consiste à gérer le cycle de vie des personnes (embauche, promotion, mutation, départ, etc.) au sein de la société et les impacts induits sur le système d’information (création de Comptes utilisateurs, attribution de Profils utilisateurs, mise en œuvre du contrôle d'accès, etc.). source  clusif   15
  • 17. IAM    n’est  pas  uniquement  une  tâche   informatique  ! • Cette gestion des identités doit pouvoir être faite d'un point de vue fonctionnel par des non-informaticiens (exemple : Ressources Humaines, Maîtrise d’ouvrage, l’utilisateur lui-même) • et • d'un point de vue technique par des informaticiens (exemple : administrateur, Maîtrise d’œuvre). source  clusif   16
  • 18. La solution de gestion d’identités doit être une solution globale sur la base d’une infrastructure centralisée avec une gestion fonctionnelle distribuée et qui intègre les fonctionnalités suivantes : ! • la gestion du référentiel central des utilisateurs (alimentation à partir de référentiels utilisateurs sources), • la gestion du référentiel central des ressources concernées par la gestion des droits d’accès, • la gestion des habilitations (gestion des Profils, Rôles, gestion des utilisateurs, workflow), • le provisioning (synchronisation des référentiels cibles de sécurité), • l’administration décentralisée, • l’auto-administration (gestion par les utilisateurs des mots de passe et des données privées), • l’audit et le reporting, • le contrôle d’accès (authentification, autorisation). source  clusif   17
  • 19. Définition • What  is  Identity  Management  ?     “Identity  management  is  the  set   of  business  processes,  and  a   supporting  infrastructure,  for  the   creation,  maintenance,  and  use  of   digital  identities.”  The  Burton  Group   (a  research  firm  specializing  in  IT   infrastructure  for  the  enterprise)   • Identity  Management  in  this   sense  is  sometimes  called   “Identity  and  Access   Management”  (IAM)
  • 20. Identity and Access Management is the process for managing the lifecycle of digital identities and access for people, systems and services. This includes:! User Management – management of large, changing user populations along with delegated- and self-service administration. Access Management – allows applications to authenticate users and allow access to resources based upon policy. Provisioning and De-Provisioning – automates account propagation across applications and systems. Audit and Reporting – review access privileges, validate changes, and manage accountability. CA! IAM : J. Tony Goulding CISSP, ITIL CA t ony.goulding@ca.com! 19
  • 21. IAM  c’est  par  exemple… • “Bonjour  je  suis  Julie,  une   étudiante  d’INFOSAFE.”      (Identité)   • “Ceci  est  mon  mot  de  passe.”       (Authentification)   • “Je  veux  accéder  à  la  plateforme”       (Authorisation  accordée)   • “Je  veux  améliorer  la  note  de  mon   examen.”       (Autorisation  refusée)
  • 22. Mais  c’est  aussi… • Un  nouveau  professeur   • Donc  une  adresse  email,  à   donner  dès  que  possible   • Un  mot  de  passe  sur  ICHEC   Campus   • Un  mot  de  passe  Intranet   • Un  mot  de  passe  IE  Campus   • Définir  les  autres  services   auxquel  il  a  accès
  • 23. Quelles  sont  les  questions  à  se  poser?? • Les  personnes  sont-­‐elles  ce   qu’elles  disent  être?   • Sont-­‐elles  des  membres  réels   de  notre  communauté  ?   • Ont-­‐elles  reçu  les   autorisations  nécessaires  ?   • Le  respect  de  leurs  données   personnelles  est-­‐il  mis  en   place?
  • 24. Exemples  de  questions – Quel  mot  type  de  mot  de  passe  donner?   – Quelles  sont  les  activités  autorisées?   – Quelles  sont  les  activités  interdites?   – A  quelle  catégorie  de  personne  cette  nouvelle   identité  doit-­‐elle  être  attachée?   – A  quel  moment  du  processus  d’entrée  les   autorisations  doivent-­‐elles  être  données?   – Quelles  modalités  de  contrôle  sont  mises  en  place?   Peut-­‐on  prouver  tout  cela  à  un  auditeur  ?
  • 25. Le  triple  A  de  l’IAM Authentication! WHO ARE YOU? Authorization / Access Control! WHAT CAN YOU DO? Audit! WHAT HAVE YOU DONE? 24
  • 26. Components  of  IAM • Administration   – – – – User  Management   Password  Management   Workflow   Delegation   – Account  Provisioning   – Account  Deprovisioning   – Synchronisation Authentication • Identity  Management   Administration – Authentication     – Authorization   Authorization • Access  Management   Reliable Identity Data Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

  • 27. 2.  Contexte  actuel   Quel  est  le  contexte  actuel   qui  est  à  la  base  du   développement  de  l’IAM?
  • 28. Les  identités  multiples  selon  F  Cavazza 27
  • 29. Les  identités  varient  selon  les  plateformes 28
  • 30. Entre  l’identité  virtuelle  et  ... Dans ce contexte, l’amoncellement de parcelles laissées plus ou moins à l’abandon dessine un portrait par petites touches. Un peu comme les tableaux pointillistes : de manière unitaire, aucune des traces n’est réellement significative. Mais le tableau général, lui, représente le sujet dans son ensemble. À la vue de tous et pas forcément sous un angle souhaité… 29 http://www.buschini.com/2009/12/04/identite-­‐traditionnelle-­‐versus-­‐identite-­‐numerique/
  • 31. • Internet  est  basé  sur  des   communications  anonymes   • Les  entreprises  participent  à  de   nombreux  réseaux  générant  de   multiples  identités   • Les  systèmes  internes  ont  parfois  des   systèmes  d’identifiants  différents   • Les  utilisateurs  sont  les  maillons  faibles   de  la  sécurité   • La  criminalité  informatique  augmente   • La  mise  en  place  de  contrôles  impose   l’identification   • La  gestion  des  traces  est  indispensables   • La  protection  de  la  vie  privée  impose   des  contrôles Welcome  to  a  digital  world  
  • 33.
  • 34. Explosion  of  IDs #  of   Digital  IDs Business   Automation Partners   (B2B) Company   (B2E) Customers   (B2C) Mobility Internet Client  Server Mainframe ns io pp A t ca li Time Pre  1980’s 1980’s 1990’s 2000’s Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

  • 35. The  Disconnected  Reality •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data Enterprise Directory •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data • “Identity  Chaos”     – – – – – – – – Nombreux  utilisateurs  et  applications     Nombreuses  ID   Plusieurs  identité  par  utilisateur   Plusieurs  log  in  et  mots  de  passe     Multiple  repositories  of  identity  information   Multiple  user  IDs,  multiple  passwords   Management  décentralisé   Conflits  business  <-­‐>  IT •Authentication •Authorization •Identity Data •Authentication •Authorization •Identity Data Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk
 HR Finance Office ! Infra   ! Application ! External app ! In-House   Application employee   Application
  • 36. Multiple  Contexts Customer  satisfaction  &  customer  intimacy   Cost  competitiveness   Reach,  personalization Your  SUPPLIERS Your  CUSTOMERS Collaboration   Outsourcing   Faster  business  cycles;  process   automation   Value  chain Your  COMPANY  and
 your  EMPLOYEES M&A   Mobile/global  workforce   Flexible/temp  workforce Your  REMOTE  and
 VIRTUAL  EMPLOYEES Your  PARTNERS Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

  • 37. Trends  Impacting  Identity Rising Tide of Regulation and Compliance   SOX, HIPAA, GLB, Basel II, 21 CFR Part 11, …   •$15.5 billion spend on compliance (analyst estimate) Deeper Line of Business Automation and Integration   One half of all enterprises have SOA under development   •Web services spending growing 45% Increasing Threat Landscape   Identity  theft  costs  banks  and  credit  card  issuers  $1.2  billion  in  1  yr   •$250 billion lost from exposure of confidential info Maintenance Costs Dominate IT Budget   On average employees need access to 16 apps and systems   •Companies spend $20-30 per user per year for PW resets Data  Sources:  Gartner,  AMR  Research,  IDC,  eMarketer,  U.S.  Department.  of  Justice
  • 38. 37
  • 39. Pain  Points IT  Admin Too  many  user   stores  and   account  admin   requests   Unsafe  sync   scripts Developer Redundant   code  in  each   app   Rework  code   too  often End  User Too  many   passwords   Long  waits  for   access  to  apps,   resources Security/  Compliance Too  many   orphaned   accounts   Limited   auditing  ability Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk
 Business
 Owner Too  expensive   to  reach  new   partners,   channels   Need  for   control
  • 40. 3.  IAM  &  Cloud  computing
  • 41. Cloud  Computing:  Definition • No  Unique  Definition  or  General  Consensus  about  what  Cloud   Computing  is  …   • Different  Perspectives  &  Focuses  (Platform,  SW,  Service  Levels…)   ! • Flavours:   – Computing  and  IT    Resources  Accessible  Online   – Dynamically  Scalable  Computing  Power     – Virtualization  of  Resources   – Access  to  (potentially)  Composable  &  Interchangeable  Services     – Abstraction  of  IT  Infrastructure            !  No  need  to  understand  its  implementation:  use  Services  &  their  APIs   – Some  current  players,  at  the  Infrastructure  &  Service  Level:          SalesfoRce.com,  Google  Apps,  Amazon,  Yahoo,  Microsoft,  IBM,  HP,  etc. 
 
 
 The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

  • 42. Cloud  Computing:  Implications • Enterprise:          Paradigm  Shift  from  “Close  &  Controlled”  IT  Infrastructures  and  Services  to   Externally  Provided  Services  and  IT  Infrastructures     ! • Private  User:          Paradigm  Shift  from  Accessing  Static  Set  of  Services  to  Dynamic  &  Composable   Services     ! • General  Issues:   –  Potential  Loss  of  Control  (on  Data,  Infrastructure,  Processes,  etc.)   –  Data  &  Confidential  Information  Stored  in  The  Clouds   –  Management  of  Identities  and  Access  (IAM)  in  the  Cloud   –  Compliance  to  Security  Practice  and  Legislation     –  Privacy  Management  (Control,  Consent,  Revocation,  etc.)   –  New  Threat  Environments   –  Reliability  and  Longevity  of  Cloud  &  Service  Providers 
 
 
 The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

  • 43. Identity  in  the  Cloud:  Enterprise  Case IAM  Capabilities     and  Services   Can  be     Outsourced  in   The  Cloud  …   Identity  & Credentials 
 Service Data   &  Confidential   Information Identity  &   Business   Apps/Service 
 Authentication   Authorization   Audit   Identity  & Credentials Enterprise Employee User  Account   Provisioning/   De-­‐provisioning Credentials Cloud     Data   Provider  #1 &  Confidential   User  Account   On  Demand   Information Provisioning/   Printing   CPUs De-­‐provisioning Service Identity  &   Authentication   CRM   Credentials Authorization   Service Data   Office   Audit Identity  &   Storage   Apps Credentials Data Service   &  Confidential   Identity  &   Cloud     Information … Credentials Provider  #2 Authentication   Authorization   Audit User  Account   Provisioning/   De-­‐provisioning Authentication   Authorization   Audit   Identity  & Credentials Service User  Account   Provisioning/   Service De-­‐provisioning Service  3 … … Internal  Cloud Data   &  Confidential   Backup   ILM  Information Service   Service … The     Internet The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

  • 44. Identity  in  the  Cloud:  Enterprise  Case Issues  and  Risks  [1/2]   ! ! •  Potential  Proliferation  of  Required  Identities  &  Credentials  to  Access  Services   ! !    !  Misbehaviours  when  handling  credentials  (writing  down,  reusing,  sharing,  etc.)     ! •  Complexity  in  correctly  “enabling”  Information  Flows  across  boundaries          !  Security  Threats                  (Enterprise  !  Cloud  &  Service  Providers,  Service  Provider  !  Service  Provider,  …_   ! •  Propagation  of  Identity  and  Personal  Information  across  Multiple  Clouds/Services        !  Privacy  issues  (e.g.  compliance  to  multiple    Legislations,  Importance  of  Location,  etc.)      !  Exposure  of  business  sensitive  information                (employees’  identities,  roles,  organisational  structures,  enterprise  apps/services,  etc.)      !  How  to  effectively  Control  this  Data?   ! •  Delegation  of  IAM  and  Data  Management  Processes  to  Cloud  and  Service  Providers        !  How  to  get  Assurance  that  these  Processes  and  Security  Practice    are  Consistent  with                        Enterprise  Policies?              -­‐  Recurrent  problem  for  all  Stakeholders:  Enterprise,  Cloud  and  Service  Providers  …     
    !  Consistency  and  Integrity  of  User  Accounts  &  Information  across  various  Clouds/Services   
    !  How  to  deal  with  overall  Compliance  and  Governance  issues?   The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009
 
  
  • 45. Identity  in  the  Cloud:  Enterprise  Case Issues  and  Risks  [2/2]   ! ! •  Migration  of  Services  between  Cloud  and  Service  Providers   ! ! ! !  !  Management  of  Data  Lifecycle     ! •  Threats  and  Attacks  in  the  Clouds  and  Cloud  Services        !  Cloud  and  Service  Providers  can  be  the  “weakest  links”  in  Security  &  Privacy          !  Reliance  on  good  security  practice  of  Third  Parties         
 
 
 The  Future  of  Identity  in  the  Cloud:  Requirements,  Risks  &  OpportunitiesMarco Casassa Mont marco.casassa-mont@hp.com HP Labs Systems Security Lab Bristol, UK - EEMA  e-­‐Identity  Conference,  2009

  • 46. 4.Pourquoi  en  avons  nous  besoin? •Sécurité   •Compliance   •Réduction  des  coûts   •Support  pour  l’audit   •Contrôle  d’accès
  • 48. Economies  possibles • Directory  Synchronization   “Improved  updating  of  user  data:  $185  per  user/year”   “Improved  list  management:  $800  per  list”   -­‐  Giga  Information  Group   • Password  Management   “Password  reset  costs  range  from  $51  (best  case)  to  $147  (worst  case)  for   labor  alone.”  –  Gartner   • User  Provisioning   “Improved  IT  efficiency:  $70,000  per  year  per  1,000  managed  users”   “Reduced  help  desk  costs:  $75  per  user  per  year”   -­‐  Giga  Information  Group    
  • 49. Can  We  Just  Ignore  It  All? • Today,  average  corporate  user   spends  16  minutes  a  day  logging  on   • A  typical  home  user  maintains  12-­‐18   identities   • Number  of  phishing    sites  grew  over   1600%  over  the  past  year   • Corporate  IT  Ops  manage  an  average   of  73  applications  and  46  suppliers,   often  with  individual  directories   • Regulators  are  becoming  stricter   about  compliance  and  auditing   • Orphaned  accounts  and  identities   lead  to  security  problems Source:  Microsoft’s  internal  research  and  Anti-­‐phishing  Working  Group  
  • 50. IAM  Benefits Benefits today   (Tactical) Save money and improve operational efficiency Improved time to deliver applications and service Benefits to take you forward   (Strategic) New ways of working Improved time to market Enhance Security Regulatory Compliance and Audit Closer Supplier, Customer,   Partner and Employee relationships Source:  Identity  and  Access  Management:  OverviewRafal  Lukawiecki  -­‐    Strategic  Consultant,  Project  Botticelli  Ltd  rafal@projectbotticelli.co.uk

  • 51. 5.  IAM  to  do  list • Création  et  suppression   automatique  de  comptes   • Gestion  des  traces   • Archivage  (durée??)   • Vie  privée   • Compliance     • Sécurité  <>  risques   • De  plus  en  plus  d’utilisateurs   • E-­‐business
  • 53. 6.  La  protection  des  données  personnelles
  • 55. Les  informations  circulent     Qui  vérifie?
  • 56. Qui  doit  avoir  accès  à  quoi?
 Limitations  légales  !  
  • 60. 60
  • 61.
  • 62. 7.  IAM  et  Contrôle
  • 64. Données  reçues  et  transférées
  • 65.
  • 66. • Que  peut-­‐on   contrôler?   • Limites?   • Correspondance   privée   • Saisies  sur  salaire   • Sanctions  réelles     • Communiquer  les   sanctions?
  • 67. • Sécurité  organisationnelle   – Département  sécurité   – Consultant  en  sécurité   – Procédure  de  sécurité   – Disaster  recovery
  • 68. • Sécurité  technique   – – – – – – Risk  analysis   Back-­‐up   Procédure  contre  incendie,  vol,  etc.   Sécurisation  de  l’accès  au  réseau  IT   Système  d’authentification  (identity  management)   Loggin  and  password  efficaces
  • 69. • Sécurité  juridique   – Contrats  d’emplois  et   information   – Contrats  avec  les  sous-­‐ contractants   – Code  de  conduite   – Contrôle  des  employés   – Respect  complet  de  la   réglementation
  • 72. Definition  of  e-­‐discovery • Electronic  discovery  (or  e-­‐discovery)  refers  to  discovery  in  civil   litigation  which  deals  with  information  in  electronic  format   also  referred  to  as  Electronically  Stored  Information  (ESI).     • It  means  the  collection,  preparation,  review  and  production  of   electronic  documents  in  litigation  discovery.     • Any  process  in  which  electronic  data  is  sought,  located,   secured,  and  searched  with  the  intent  of  using  it  as  evidence   in  a  civil  or  criminal  legal  case   • This  includes  e-­‐mail,  attachments,  and  other  data  stored  on  a   computer,  network,  backup  or  other  storage  media.  e-­‐ Discovery  includes  metadata.
  • 73. Recommandations Organizations  should  update  and/or  create  information   management  policies  and  procedures  that  include:   – e-­‐mail  retention  policies,  On  an  individual  level,  employees  tend  to   keep  information  on  their  hard  drives  “just  in  case”  they  might  need   it.   – Work  with  users  to  rationalize  their  storage  requirements  and   decrease  their  storage  budget.   – off-­‐line  and  off-­‐site  data  storage  retention  policies,     – controls  defining  which  users  have  access  to  which  systems  andunder   what  circumstances,     – instructions  for  how  and  where  users  can  store  data,  and  •  backup   and  recovery  procedures.   – Assessments  or  surveys  should  be  done  to  identify  business  functions,   data  repositories,  and  the  systems  that  support  them.   – Legal  must  be  consulted.  Organizations  and  their  legal  teams  should   work  together  to  create  and/or  update  their  data  retention  policies   and  procedures  for  managing  litigation  holds.
  • 74. 9.  Conclusion • IAM  n’est  pas  uniquement  une   question  informatique  les  aspects   juridiques  et  de  gestion  sont   essentiels   • Attention  aux  aspects  compliance   • Plus  de  sécurité  nécessaire   – Cloud  computing   – Virtualisation   – Data  privacy   – archivage   • Transparence     • E-­‐discovery
  • 75. L’IAM  est  aussi  une  opportunité Repenser  la  sécurité   Limiter  les  risques   Réduire  les  coûts   Repréciser  les  rôles  et   responsabilités   • Appréhender  les  risques  futurs • • • •
  • 78. Je suis prêt à répondre à vos questions