2 Agenda
Hitachi ID corporate overview.
The user management lifecycle.
Effective user lifecycle management with the Hitachi ID Suite:
4 Representative Customers
5 Hitachi ID Suite
6 Business Challenges
More IT, more users to manage.
There are challenges throughout the user lifecycle.
Support cost.
User service.
Security.
Slow: too much paper, too many people.
Expensive: too many administrators doing redundant work.
Role changes: add/remove rights.
Policies: enforced?
Audit: are privileges appropriate?
Org. relationships: track and maintain.
Reliable: notification of terminations.
Fast: response by sysadmins.
Complete: deactivation of all IDs.
Passwords: too many, too weak, often forgotten.
Access: Why can't I access that application / folder / etc.
7 HiIM Features
Automation:
Provision joiners, deactivate leavers.
Multiple HR feeds.
Requests portal:
Self-service profile updates.
Delegated security change requests.
Security controls:
Access certification.
RBAC and SoD.
Reports on current entitlements, history.
Workflow process:
Authorizers.
Implementers.
Certifiers.
Integrations:
110+ bidirectional connectors, included.
Incident management, SIEM, e-mail interfaces.
Manage building access, physical assets.
Identity synchronization:
Consistent data among apps.
8 HiPM Features
Password synch:
Reduce the number of passwords per user.
Self service:
Password reset.
Clear lockout.
Smart card PIN reset.
Token PIN reset.
HDD key recovery.
Access from:
PC browser or login screen.
At the office or remote.
Smart phone or voice call.
Assisted service:
Password, token PIN, intruder lockout.
Policy enforcement:
Password complexity, expiry, history.
Non-password authentication.
Managed enrollment:
Security questions.
Login IDs.
Mobile phone numbers.
9 HiPAM Features
Auto-discovery:
Find systems, accounts.
Attach policy.
Random passwords:
Default is daily.
Secure storage:
Replicated (with fault tolerance/queue).
Encrypted.
Geographically distributed.
Access controls:
Policy: who can sign into which account?
Workflow controls:
One time request/approval/login.
Single sign-on:
Launch SSH, RDP, vSphere, SQL, etc.
Alternately: display password, temporary group membership,
temporary SSH trust/SUDO rights.
Application passwords:
Notify SCM, IIS, Scheduler, DCOM of new passwords.
API to eliminate embedded passwords.
Logging:
Requests, approvals, logins to privileged accounts.
Session monitoring:
Screen, keyboard, webcam, process ID, window title, etc.
10 Multi-Master Architecture
[Figure: multi-master architecture diagram. Legible labels: Hitachi ID server; TCP/IP + AES; Various Protocols; Secure Native Protocol; HTTPS.]
11 Included Connectors
Many integrations to target systems included in the base price:
13 Competitive Advantages
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com