http://www.IDMChecklist.com
The 4 Web Access Management Problems that Lead to Regulatory Fines (SlideShare).
SOX rules on web access management are clear. Is your firm at risk for regulatory fines?
Copyright (C) InfraMatix. All worldwide rights reserved.
1. Courtesy of InfraMatix
http://www.IDMChecklist.com
The 4 Web Access Management Problems that Lead to Regulatory Fines
2. The legislation reads, in part, that a company must verify
Sponsored by http://www.IDMChecklist.com
Veera Sandiparthi Founder of InfraMatix
3. “…company transactions are properly authorized, recorded, and reported according to GAAP, and that assets are safeguarded from unauthorized use.”
4. The operative word here is “authorized”
5. Web access management tools, like Oracle Access Manager or CA Single Sign-On, check two items:
9. Authorization is the process of checking the user for proper authority to access the application
10. In identity management (IDM) systems, this authorization is usually driven by “roles”
11. Roles are an abstraction that sets the attributes, groups, and DN (Distinguished Name) of the user in LDAP (Lightweight Directory Access Protocol)
12. or Active Directory (e.g., title=VP; cn=banking; ou=operations, dc=company, dc=com)
13. Web Access Management Mistakes
14. There are two general areas where a single sign-on, web access system can go wrong with regards to granting access:
15. (1) problems in the access management tool itself
16. (2) problems with user provisioning
17. Replication and Sync Issues
18. In a high-availability environment, the web access manager load balances between LDAP or Active Directory user stores
19. These can have latency issues with replication
20. A change made in one server might not make it to another server for several hours
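The replication lag described in slides 18-20 can be checked by comparing group membership as each replica reports it. The Python below is an added example, not part of the original deck; the LDIF snapshots, user names and function names are constructed for illustration, and the DN normalization is a simplification.

```python
# Added example: detect authorization drift between two directory replicas.
# The LDIF text below is constructed sample data, not output from a real server.
from collections import defaultdict

# Replica A has already processed bob's removal from the banking group.
REPLICA_A = """\
dn: cn=banking,ou=operations,dc=company,dc=com
objectClass: groupOfNames
member: uid=alice,ou=people,dc=company,dc=com
member: uid=carol,ou=people,dc=company,dc=com
"""

# Replica B has not received the change yet and still lists bob.
REPLICA_B = """\
dn: cn=banking, ou=operations, dc=company, dc=com
objectClass: groupOfNames
member: uid=alice,ou=people,dc=company,dc=com
member: UID=bob,ou=people,dc=company,dc=com
member: uid=carol,ou=people,dc=company,dc=com
"""

def norm_dn(dn):
    """Simplified DN normalization: lowercase, trim space around each RDN."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def group_members(ldif):
    """Map entry DN -> set of member DNs (plain, unfolded 'attr: value' lines only)."""
    groups, current = defaultdict(set), None
    for line in ldif.splitlines():
        if not line.strip():
            current = None              # a blank line ends an entry
            continue
        attr, _, value = line.partition(":")
        attr, value = attr.strip().lower(), value.strip()
        if attr == "dn":
            current = norm_dn(value)
            groups[current]             # register the entry even with no members
        elif attr == "member" and current:
            groups[current].add(norm_dn(value))
    return groups

def membership_drift(ldif_a, ldif_b):
    """Return {group_dn: (only_on_a, only_on_b)} for groups whose members differ."""
    a, b = group_members(ldif_a), group_members(ldif_b)
    drift = {}
    for group in sorted(set(a) | set(b)):
        in_a, in_b = a.get(group, set()), b.get(group, set())
        if in_a != in_b:
            drift[group] = (sorted(in_a - in_b), sorted(in_b - in_a))
    return drift

if __name__ == "__main__":
    for group, (only_a, only_b) in membership_drift(REPLICA_A, REPLICA_B).items():
        print(group, "| only on A:", only_a, "| only on B:", only_b)
```

Any non-empty result means the same login can be authorized differently depending on which replica the load balancer picks.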
22. Any technical or procedural problems with the IDM system will leave people with access they should not have
23. Lack of a Common Approach
24. When the web access manager is responsible for authorization,
25. risks cannot be prevented unless the policies in the access manager are driven by roles granted by an IDM system
27. If the web access manager handles authorization for those, then these ERP systems need to replicate the roles in those systems to the common user store
28. Bottom Line
29. The takeaway message here is that a web access management system should be coupled with some kind of IDM system in order to reduce the kinds of errors listed above
30. and, ultimately, regulatory fines
31. This gives one system control over the data used as the source for web access management
32. What is your experience with web access management products?
33. Please share your thoughts in the Comments box below.