Summit Tracks
Real IAM Alternatives
This track examines the broader impact of IT security on IAM and incorporates ‘alternative’ technologies such as security information and event management (SIEM), data loss prevention (DLP), and network access control (NAC) into the IAM discussion.
Sessions
Trust But Verify; Best Practices in Fraud Prevention
14 November, 2011 (09:30 AM - 10:30 AM)
Identity vetting for credentialing and strong authentication of users once you issue credentials just isn’t sufficient anymore to protect enterprise systems. Indeed, the bad guys have beaten most identity proofing and authentication systems, and enterprises should not kid themselves into thinking their systems are sufficiently protected with just these measures. Instead a Trust but Verify approach is warranted, where users are ‘continually authenticated’ and their transactions continuously monitored.
Deploying User Activity Monitoring Technology for Security and Compliance
14 November, 2011 (01:45 PM - 02:45 PM)
User activity monitoring is essential for the early detection of targeted attacks, and has also become part of the standard of due care for a variety of regulations across all industry segments. Recent attacks and successful breaches point to the importance of early detection as a last line of defense. Fortunately, many organizations receive funding for security monitoring technology deployment in order to meet compliance requirements. This presentation provides advice on how to deploy security monitoring technologies such as Security Information and Event Management (SIEM), for privileged user and resource access monitoring.
Case Study:Identity at GE
14 November, 2011 (04:15 PM - 05:15 PM)
Attestation of users, devices and even data is increasingly critical to managing and securing highly transactional and virtualized environments. With the externalization and consumerization trends such as Any Device, Cloud, Collaboration and Workforce Mobility, we must look beyond legacy identity challenges of the enterprise, resist simply externalizing internal identity processes and develop a direction where identity becomes the true network perimeter. In this case study we will review: • The history of IAM at GE • Tipping point of IAM in the enterprise • Extending IAM inside and outside the enterprise
Head in the Cloud: The Evolution of Directory Services
15 November, 2011 (09:30 AM - 10:30 AM)
In the presentation, we’ll discuss the evolution of directory services, from classic LDAP, to virtual directories, to the new crop of directory synchronization products that can extend enterprise identity management to Cloud applications with minimal effort. We’ll also discuss the synergistic consolidation of additional identity management capabilities into directory services, including federation and finer-grained authorization. This Q&A session allows attendees to explore these questions.
Critical Infrastructure Protection, Smart Grid and Next-Generation Threats
15 November, 2011 (01:45 PM - 02:45 PM)
Critical Infrastructure Protection (CIP) is a critical requirement for global industries, including energy and utilities. Recent cyber attacks on those industries have risen dramatically in both scale and sophistication, raising the possibility of a wider threat to national security. This presentation addresses such key issues as:
Net IT Out: Access Management Market Dynamics: What It Is, How It Will Evolve and the Vendors That Serve It
15 November, 2011 (04:15 PM - 04:45 PM)
Today enterprises seek point solutions for access management. However, current tools that broker authentication and provide single sign-on, federation and authorization functions often overlap. Vendor products bundle solutions to maximize revenue, but enterprises that need to support multiple access functions are faced with daunting purchase decisions. • What are the components of the access market and how should enterprises plan for acquiring solutions? • How will access management offerings evolve? • Which vendors are well-positioned to serve the access management market?
Architecting IAM for Success: How to Improve Identity-Oriented Business Processes, Information Flows and Technology Implementations
16 November, 2011 (10:00 AM - 11:00 AM)
Focusing only on IAM tool selection can be a recipe for failed projects, wasted resources and lack of business alignment. By developing IAM architecture as part of broader security and enterprise architecture program, enterprises can strategically improve identity-oriented business processes, information flows and technology implementations.
