How Much Risk Is Too Much 129715
TODAY’S SPEAKER
Sumner Blount, Director of Security Solutions, CA Technologies
AGENDA
5 KEY RECOMMENDATIONS
My Goal: To give you ideas (not answers) to take back to your own environment.
THE APPLICATION ECONOMY IS HERE
“Half of enterprises today say the application economy is significantly disrupting their industry—while 44% say it is doing the same to their own organization.” [1]
-- CA Technologies with Vanson Bourne
Sources:
1. CA / Vanson Bourne study, “Apps are driving the business!”
2. eMarketer study
3. McKinsey Global Institute, “Disruptive Technologies: Advances that will transform life, business and the global economy,” May 2013
4. GSMA Intelligence, “From Concept to Delivery: The M2M Market Today,” Feb. 17, 2014
Where does Security Fit?
[Diagram: the identity populations the enterprise must secure: Customers / Citizens, Partners, Employees / Administrators]
Attacks will increasingly focus on individuals
NEW REALITY FOR SECURITY
[Diagram: Cloud Services and On Premise Apps accessed by Customers / Citizens, Partners, and Employees / Administrators]
• Applications move outside the perimeter to the cloud
• Existing and new applications are mobile first
• User Experience will determine success
• Understanding and managing the identity context of the people and resources involved is key to the future of security
IDENTITY IS AT THE CENTER OF THE OPEN ENTERPRISE
[Diagram: identity at the center, surrounded by Employees / Partners and the other identity populations]
THE WORLD OF IDENTITY MANAGEMENT & GOVERNANCE… …HAS GOTTEN MORE COMPLEX
IDENTITY MANAGEMENT IS SHIFTING FROM BEING IT-CENTRIC TO BUSINESS-CENTRIC…
BRIDGING THE GAP BETWEEN IT AND BUSINESS USERS
[Diagram: IT-aware users on one side, Business users on the other]
FUNCTIONAL REQUIREMENTS TO MEET THESE NEEDS
• One-Stop Shop for identity info
• Certification campaign workflow
• Business Entitlements Catalog
• Risk scoring & simulation
KEY CAPABILITY: BUSINESS ENTITLEMENT CATALOG
MOVING FROM IT TERMS… …TO BUSINESS TERMS
[Diagram: an entitlement dictionary that maps raw IT entitlement names to business-readable names]
IT terms:
• SVRFin33_Access
• VPN_TANT01_GROUP23
• SAP_View_Rep_BZ50
• SAP_Portal_M45
• HR_SEC_SYSJA01_RPTA
• IM_PRVN_Portal_002
• BIZOBJ_AUDIT_J100I
• AD_GROUP_002_All
Business terms:
• Internet Access
• SAP CRM
• HR Portal
• Online Payroll
ANOTHER KEY CAPABILITY: CONTEXTUAL, RISK-BASED SIMULATION AND ANALYSIS
• User authentication
• Analyze current context (device, geolocation, ToD, user history) to determine risk level of authentication attempt
• If risk is high, reject request or require step-up authentication
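The three bullets above describe a risk-based authentication decision without showing how the context signals become a risk level. The following is an added example, not code from the deck or from CA Technologies, that scores one attempt against a user's history (known devices, usual countries and hours, last login location) and maps the score to allow, step-up, or reject. The point values, thresholds, the 1,000 km/h "impossible travel" cut-off, and the sample user and attempts are all constructed for illustration.

```python
"""Risk scoring for an authentication attempt from its context (illustrative)."""
from dataclasses import dataclass
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt
from typing import Optional, Tuple

# Score thresholds are constructed for this example; a real deployment tunes
# them against its own login history and incident data.
STEP_UP_THRESHOLD = 40   # at or above: require a second factor
REJECT_THRESHOLD = 70    # at or above: refuse the attempt outright


@dataclass
class UserHistory:
    """Baseline behaviour learned from previous successful logins (constructed)."""
    known_devices: set
    usual_countries: set
    usual_hours_utc: range                  # hours of day the user normally signs in
    last_login: Optional[Tuple[datetime, float, float]] = None  # (time, lat, lon)
    recent_failures: int = 0                # failed attempts since last success


@dataclass
class AuthContext:
    """Signals observed on the current attempt: device, geolocation, time of day."""
    device_id: str
    country: str
    lat: float
    lon: float
    timestamp: datetime


def km_between(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres (haversine formula)."""
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def score_attempt(ctx, hist):
    """Add up risk points for each signal that deviates from the user's baseline."""
    score, reasons = 0, []
    if ctx.device_id not in hist.known_devices:
        score += 25
        reasons.append("unknown device")
    if ctx.country not in hist.usual_countries:
        score += 25
        reasons.append("unusual country %s" % ctx.country)
    if ctx.timestamp.hour not in hist.usual_hours_utc:
        score += 15
        reasons.append("outside usual hours")
    if hist.recent_failures >= 3:
        score += 20
        reasons.append("recent failed attempts")
    if hist.last_login is not None:
        prev_time, prev_lat, prev_lon = hist.last_login
        hours = (ctx.timestamp - prev_time).total_seconds() / 3600.0
        km = km_between(prev_lat, prev_lon, ctx.lat, ctx.lon)
        # Faster than any commercial flight: the same person cannot be in both places.
        if hours > 0 and km / hours > 1000:
            score += 40
            reasons.append("impossible travel: %.0f km in %.1f h" % (km, hours))
    return score, reasons


def decide(ctx, hist):
    """Map the score to the policy outcome the slide describes."""
    score, reasons = score_attempt(ctx, hist)
    if score >= REJECT_THRESHOLD:
        return "reject", score, reasons
    if score >= STEP_UP_THRESHOLD:
        return "step-up", score, reasons
    return "allow", score, reasons


def run_samples():
    """Three constructed attempts against one constructed user baseline."""
    t0 = datetime(2015, 3, 10, 14, 0, tzinfo=timezone.utc)
    hist = UserHistory(
        known_devices={"laptop-1"},
        usual_countries={"US"},
        usual_hours_utc=range(7, 20),
        last_login=(t0, 40.71, -74.00),   # New York, 14:00 UTC
    )
    attempts = {
        "normal": AuthContext("laptop-1", "US", 40.71, -74.00, t0.replace(hour=15)),
        "new_device_at_night": AuthContext("phone-9", "US", 40.71, -74.00, t0.replace(hour=23)),
        "impossible_travel": AuthContext("phone-9", "GB", 51.51, -0.13, t0.replace(hour=16)),
    }
    return {name: decide(ctx, hist) for name, ctx in attempts.items()}


if __name__ == "__main__":
    for name, (outcome, score, reasons) in run_samples().items():
        print("%-20s %-8s score=%3d %s" % (name, outcome, score, "; ".join(reasons)))
```

The additive scoring is deliberately simple so that every decision carries a human-readable reason list; that list is what an analyst or the user-facing step-up prompt needs when a legitimate login is challenged. A new device alone (25 points) is allowed, a new device outside usual hours (40) triggers step-up, and a new device from another country two hours after a New York login (90) is rejected because the travel speed is physically impossible.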
BUT, THE IT USER HAS NEEDS TOO!
• Fast provisioning
• Policy enforcement
• Application connectivity
• Compliance reporting & auditing
THE IDENTITY MANAGEMENT & GOVERNANCE LIFECYCLE
[Diagram: lifecycle wheel with a Business-Oriented User Experience at its center]
KEY IDENTITY MANAGEMENT CAPABILITIES
[Diagram: the Management segment of the Identity Management & Governance Lifecycle, built around a Business-Oriented User Experience]
CAPABILITIES
• Automated provisioning to on-premise & cloud apps
• User self-service to enterprise apps
Requirements:
• Broad support for provisioning connectors
• Simple user self-service across devices
BUSINESS VALUE
• Increased efficiencies
• Reduced Help Desk costs
• Maintain business agility for cloud adoption
KEY IDENTITY GOVERNANCE CAPABILITIES
[Diagram: the Governance segment of the Identity Management & Governance Lifecycle, built around a Business-Oriented User Experience]
CAPABILITIES
• Role mining & analytics
• Privilege clean-up
• Access requests
• Automated access certifications
Requirements:
• Comprehensive role mining and ongoing privilege cleanup
• Intuitive access requests and approvals
BUSINESS VALUE
• Simplify user management
• Highlights improper entitlements
• Simplified compliance
• Prevents policy violations
WHY ALSO GOVERN PRIVILEGED IDENTITIES?
BECAUSE…BREACHES ARE BECOMING MORE FREQUENT AND DESTRUCTIVE
Cybercrime
• Target—70 million credit cards stolen
• Home Depot—56 million credit cards stolen
• JP Morgan Chase—76 million account records stolen
Cyberespionage
• Anthem—80 million personal records stolen
• Forbes.com and unidentified health insurer—targeted information gathering of individual data (defense contractors, government workers)
PRIVILEGED IDENTITIES ARE THE PRIMARY ATTACK POINT
“Stealing and exploiting privileged accounts is a critical success factor for attackers in 100 percent of all advanced attacks, regardless of attack origin.”
- Cybersheath Security Report, 2014
A DEFENSE-IN-DEPTH MODEL FOR BREACH PREVENTION
Simple deployment; in-depth protection for critical servers
DEFENSE IN DEPTH (layers):
• Risk Analytics
• Certifications
• Proxy-based security
• Host-based security
Recommendations
• ENGAGE WITH THE BUSINESS TO HELP DRIVE ADOPTION
• MAKE BUSINESS USERS RESPONSIBLE FOR GOVERNANCE
• EXTEND GOVERNANCE TO PRIVILEGED USERS
• LET THE BUSINESS GOVERN THE PROCESS
CONSIDERATIONS SUMMARY
QUESTIONS?
THANK YOU FOR ATTENDING THIS WEBINAR
LEARN MORE @ WWW.ISACA.ORG/WEBINARS