http://www.IDMChecklist.com The 4 Web Access Management Problems that Lead to Regulatory Fines (SlideShare). SOX rules on web access management are clear. Is your firm at risk for regulatory fines? Copyright (C) InfraMatix. All worldwide rights reserved.

1. Courtesy of InfraMatix
http://www.IDMChecklist.com
The 4 Web Access Management Problems that Lead to Regulatory Fines

2. The legislation reads, in part, that a company must verify
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

3. “…company transactions are properly authorized, recorded, and reported according
to GAAP, and that assets
are safeguarded from unauthorized use.”
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

4. The optimal word here is “authorized”
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

5. Web access management tools, like Oracle Access Manager or CA Single Sign-On, check two items:
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

6. Credentials
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

7. Credentials are the user ID
and password
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

8. Authorization
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

9. Authorization is the process
of checking the user for
proper authority to access
the application
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

10. In identity management (IDM) systems, this authorization
is usually driven by “roles”
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

11. Roles are an abstraction
that sets the attributes, groups, and DN (Distinguished Name) of the user in LDAP (Lightweight Directory Access Protocol)
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

12. or Active Directory
(e.g., title=VP; cn=banking; ou=operations, dc=company, dc=com)
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

13. Web Access Management Mistakes
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

14. There are two general areas where a single sign-on,
web access system can
go wrong with regards
to granting access:
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

15. (1)problems in the access management tool itself
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

16. (2) problems with user provisioning
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

17. Replication and Sync Issues
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

18. In a high-availability environment, the web access manager load balances between LDAP or Active Directory user stores
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

19. These can have latency issues with replication
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

20. A change made in one server might not make it to another server for several hours
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

21. Offboarding
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

22. Any technical or procedural problems with the IDM system will leave people with access they should not have
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

23. Lack of a Common Approach
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

24. When the web access manager is responsible for authorization,
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

25. risks can be prevented unless the policies in the access manager are driven by roles granted by an IDM system
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

26. Proprietary Provisioning
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

27. If the web access manager handles authorization for those, then these ERP systems need
to replicate the roles in those systems to the common
user store
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

28. Bottom Line
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

29. The take away message here
is that a web access management system should
be coupled with some kind of IDM system in order to reduce
the kinds of errors listed above
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

30. and, ultimately, regulatory fines
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

31. This gives one system control over the data used as the source for web access management
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

32. What is yourexperience
with web access
management products?
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

33. Please share yourthought
in the Comments box below.
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix

34. Copyright © InfraMatix
Is Your Company Adequately Protected from Security Risks?
Download the Free 8 Point Identity Management Checklist Now at http://www.IDMChecklist.com