Brainwave General Manager Cyril Gollain delivers this Solution Showcase session.
Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/
Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/
4. What we do
•
Our software helps our customers better control
compliance and assess the risks related to
permissions and access on any kind of resource
•
Who can access NASsecretverysecretdocument.xls?
•
Are there users who can access remotely to the
ERP and issue bank transfers?
•
Who left the Accounting Department and kept
access to our data over the last six months?
6. Access rights control:
Compliance is at stake!
• As stated by Deloitte in their GFSI Security Survey,
top external audit findings are about excessive
access rights, Segregation of duties breaches
and developper access to production systems
http://www.deloitte.com/gfsi/securitysurvey
6
10. Benefits
• Improve Data Quality
• Automate controls over fine-grained entitlements
• Even on very large scale (100M+ access rights, 1000s of SoD
rules…)
• Provide operational reporting on top of IAM
infrastructure
• Build business-oriented review / recertification
processes…
14. Identity GRC + OpenIDM
Automated
remediation actions
Manual operations
Automated provisioning
IT Resources
Accounts and fine-grained access rights information
Identities and access
rights assignments
HR and
organization-related
information
Access logs
•
•
•
•
•
14
Access rights reconciliation
Theoretical rights control
Account Recertification process
Remediation process
Controls & Insight
15. Integration with
OpenIDM
• Simple interface (REST services)
• easy to implement and maintain, easy to package
• Ability to automate remediation
• or to mix manual/automated scenarios
• Ability to demonstrate improvement over time
• Enforce remediation, track status, verify desired state
• Nice, customizable GUI and workflow processes