1 / 34

Access Governance: The New Way to Approach Identity Management

Access Governance: The New Way to Approach Identity Management . Tom Crabb Senior Product Marketing Manager tcrabb@netiq.com June 18, 2012. Simple Sales Model. Solution Development. Proposal. Agreement. Identification and Alignment. Opportunity Creation. Needs Analysis.

jadyn
Download Presentation

Access Governance: The New Way to Approach Identity Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Access Governance: The New Way to Approach Identity Management Tom Crabb Senior Product Marketing Manager tcrabb@netiq.com June 18, 2012

  2. Simple Sales Model SolutionDevelopment Proposal Agreement Identificationand Alignment OpportunityCreation NeedsAnalysis Enabling You to Succeed at Every Gate within the Process Access to Power How to have the right business conversations Solution Picture Mapping a NetIQ solution to exactly address a business pain or priority How to Close Successful Negotiating Win the Deal, without giving away the Crown Jewels! How to Open Doors Use Reference Stories and pre-call research to craft a winning Business Development approach Situational Fluency How to arm yourself with the right knowledge to talk at any level with confidence Finding What You Need, When You Need It How to locate and use the right Enablement content at the right time

  3. Situational Fluency Successful conversations with existing and potential customers are founded on your ability to show understanding of the world they live in, the business issues they face, and the ability to speak their language. This enablement session reviews the business drivers for Access Governance and how to conduct appropriate conversations. 15% of Business Leaders indicate that conversations they have with sales reps are of value to them. How valuable are your conversations?

  4. Preparing to Understand Your CustomerUnderstand them, Don’t just know them • Who are they? What do they do? • Size, industry, history, recent press, financial info, etc. • Key players, regulatory environment, business drivers • Why should you take the time to do this? • Identify the drivers, you identify the budget • Expand your contact strategy of who to talk to • Helps you tailor your conversation to the customer – talk about what is important to them • Differentiates you from your competitors – people don’t take the time to do this

  5. The Key Business Drivers

  6. The New Extended Enterprise RealityExtended Enterprise Presents Challenges In Three Dimensions Forrester Research, Inc. “Navigate The Future Of Identity And Access Management” - Eve Maler, March 22. 2012

  7. The New Extended Enterprise RealityExtended Enterprise Presents Challenges In Three Dimensions Forrester Research, Inc. “Navigate The Future Of Identity And Access Management” - Eve Maler, March 22. 2012

  8. How does the extended enterprise, change and complexityspecifically relate to selling Access Governance?

  9. Change and ComplexityWhat is causing organizations to rethink access governance? Regulations are ever changing • More Government and Industry oversight Attacks are increasing – inside and outside • Business and systems are more complex than ever The cloud is here • SaaS applications, anything as a service Everyone’s gone mobile • Personal computers, tablets, smart phones, etc. Budgets are shrinking • Business is more involved in IT, looking for transparency

  10. Regulatory & Oversight Pressures Internal Audit Board of Directors – Oversight Groups

  11. Mitigate Risk – Stay Out of the Press ~ $2 Billion Loss ~ $7 Billion Loss

  12. Opening Doors:Finding Opportunities

  13. Working with customers like you… • Leading Global Insurance Company – more than 43 million customers worldwide and 36,000 employees, EMEA HQ • Business Challenge: Difficulty in meeting government and industry regulations due to global distributed scope of business Needs Solution Results • Gain enterprise-wide visibility into identity and access data and consistently certify employee access privileges across the enterprise. • Within six months the company began seeing a return on their investment. The new solution will save the equivalent of 50 full-time employees in testing and documenting access alone. • Manual processes typically resulted in 3 to 5 percent of entitlements being revoked – with increased visibility and automation the level went beyond 10 percent and more than 22,000 inappropriate entitlements were revoked. • Multitude of regulations worldwide such as the US Sarbanes-Oxley act requires the company to ensure the integrity of information and prove compliance • Ensure entitlements granted to employees match the need/role and follow policy • Eliminate SoD policy violations along with inappropriate privileged access

  14. Working with customers like you… • Large Lending Institution – 25 million customers and over $234 billion in education loans and other financial services • Business Challenge: Compliance with SOX, SAS 70 Audits, and FISMA regulations Needs Solution Results • The financial services provider’s primary need was to more effectively and efficiently ensure FISMA compliance while also addressing other regulatory requirements. AGS allows administrators to detect and prevent unauthorized or inappropriate access to critical information. • AGS also automates access certification and simplifies the reports the business must review and validate. • Within six months the quarterly access certifications were automated for 52 applications and completely eliminated the need for the time consuming process previously done with spreadsheets and manual review. • They were also able to implement role based access to help streamline user administration • As a public company in the financial services sector it must comply with Sarbanes-Oxley, PCI-DSS and other industry regulations and standards. • The company conducts multiple SAS 70 audits annually to comply with vendor requirements and also must comply with FISMA due to its work with the US Government

  15. Accessing Power:Who Am I Selling To?

  16. The Sweet Spot for Access Governance Upcoming regulatory event or deadline or need to overcome an audit deficiency – need to comply with some regulation Highly regulated industry or entity: finance, banking, healthcare, or government. ExistingIdentity Manager customers or customers who understand the NetIQ vision and plan to buy other NetIQ solutions

  17. Who Am I Selling To?The roles will vary from organization to organization • Where do you start? • Service Manager/Business Partner for Finance • IDM/DRA contacts • Key Players • Information Security Team • Chief Information Security Officer • Director of Information Security • CFO / CFO’s Office • Internal Audit • IT Identity and Security Team

  18. Solution Picture:Mapping Value to Customer Pain

  19. Why Do People Buy Access Governance? • Compliance with governmental or industry regulations • Manual processes are not adequate anymore • Too slow, too expensive, inaccurate, etc. • Meaningful compliance vs. check box compliance • Audit deficiency • The auditor’s job is to find issues with the business – mitigate risk • Key to effective identity and regulatory management • Get IT out of the business of making business decisions • Basis for defining roles in the organization – business driven

  20. Access Certification is the Key ValueAccess Governance provides the needed visibility to the business What is being accessed? Who has access to what? When was the access granted? Where is the access originating from? Is the access appropriate? Why was the access granted?

  21. Key Access Governance Values • Access Certification • Who has access to what and is it appropriate for their role? • Attestation, comply with regulations and policies • Access Request • Risk Analysis • Role Based Management • Provisioning (when coupled with Identity Manager)

  22. Characteristics of a Good Opportunity • Customer Profile for Good Opportunity • Existing Identity Manager customer or new customer that understands the NetIQ vision and intends to add more NetIQ solutions • Large to very large customers (Can’t do it with a spreadsheet) • Regulated– government, industry, internal audit, etc. • High rate of change • Business is actively seeking a tool to help them do the work and get IT out of the business of making business decisions

  23. Summary

  24. The Expanding Enterprise Will Continue to Present New Challenges Forrester Research, Inc. “Navigate The Future Of Identity And Access Management” - Eve Maler, March 22. 2012

  25. What challenges are you facing?  What are the business initiatives you're currently working on?  What is driving change in your organization? Cloud computing, SaaS applications? eCommerce, partner initiatives? BYOD? Regulations? Breaches / security concerns? Relate these back to AGS Continuing The Conversation Forrester Research, Inc. “Navigate The Future Of Identity And Access Management” - Eve Maler, March 22. 2012

  26. Follow Simple Sales Model

  27. Who is NetIQ? NetIQ is a global software company focused on Identity, Security, Governance, and IT Operations Management solutions. Why is NetIQ the provider of choice? Customers and partners choose NetIQ to achieve business value from their IT systems because NetIQ consistently delivers the expected customer outcome with a focused, customer centered approach. What’s special about NetIQ? NetIQsolutions integrate seamlessly with existing infrastructures and employ a holistic, service foundation, which allows IT professionals to intelligently manage their business services. Sell NetIQWho we are makes us unique and differentiates our solution Excellent technology, exceptional customer service, and ease of doing business

  28. Terms You May Hear • Access Certification or Attestation • Who has access to what on my team? How do they do this today? • Access Request • How do I gain access to an application or resource? How is this presented to the user? • Sarbanes-Oxley, PCI-DSS, Basel, HIPAA, EU Directive on Privacy • Page 34 of the Identity Manager Sales Guide • Compliance • Adherence to established business policies or regulatory requirements • SoD • Separation of duties • IDM • Identity Management or Identity Manager – this is how they automate fulfillment requests

  29. What products make up this solution? Identity and Access Governance Access Governance Suite Identity Manager

  30. Enablement Offerings

  31. Providing Further Context to the Conversation • Access Governance Curriculum (end of June) • AGS Sales Essentials video • AGS ChalkTalks • AGS Conversation Card • Webcast recording • NetIQ U • Provo: June 11-13 just completed – next session: October • Amsterdam: June 18-20

  32. Questions?

More Related