Identity Management

17 September 2019

Van Der Valk Hotel, Utrecht




Session one- Architecting the success of your IAM Programme

  • Holistic identity management – managing privileged access, segregating duties
  • Planning for success – how to implement a successful IAM project
  • Understanding authentication strategies
  • Managing a distributed workforce, applications, infrastructureThe challenge of a distributed workforce
  • Embracing disruptive technologies
  • Proactive monitoring and risk management –  Operationalising identity intelligence for efficiency and risk mitigation
  • Implementing successful next-generation identity architectures and technologies
  • How to use IAM to achieve business goals and drive digital transformation
  • Taking a decentralised approach to Blockchain for identity management
Conference Chair’s Opening Address

Robert Garskamp, Entrepreneur, Advisor on Digital Identity Matters and Founder of the IDnextplatform

Why breaking down siloes is fundamental for a future-ready identity infrastructure

Reducing, and ultimately eliminating, the possibility of departmental access management silo-fication is of the great importance if you are to develop and maintain a truly holistic IAM strategy. Such silo-fication can affect information security, application development, and regulatory compliance.

The key to overcoming such tendencies is to emphasise corporate IT governance goals over departmental business practices. This is particularly true given that access is often required across multiple platforms by a single actor regardless of the origin of the request.

Breaking down silos does not simply streamline access management processes, it increases productivity, the opportunity for innovation, operational efficiency, and produces a real tangible business benefit.

In this opening address, we will discuss:

  • Breaking down silos across the organisation
  • Taking a more holistic approach to security
  • The opportunities and risks of new and emerging technologies
Centralising Access Control: Addressing the challenge of an increasingly distributed workforce

Angelos Varthalitis, CIO, Transdev Nederland

The globalised nature in which organisations are structured and operate means that the ways in which products are developed, information shared and collaboration achieved is via digital means. One of the ways in which global enterprises are addressing this is by developing a centralised IAM solution.

The issue is how to implement a comprehensive, centrally managed IAM solution that centralises the visibility and control needed for a distributed workforce to an enterprise IT security team.

The role of automation in access management

Related to the issue of an increasingly distributed workforce and the lack of a centralised IAM system is that of manual provisioning and de-provisioning. Failure to implement a centralised IAM system will result in enterprise IT staff being preoccupied with manual IAM processes, a loss of productivity for users seeking access to vital business applications and increase the possibility of former staff maintaining access to highly sensitive information. This can be particularly distressing if they have joined a competitor.

We address:

  • Sourcing an IAM solution which can automate provisioning and de-provisioning
  • The security consequences of not addressing access legacy issues
  • Eliminating human error prevalent in manual processes
  • The benefits of automating access rights of employees, partners, contractors, vendors, and guests
How to securely manage identities at scale in the cloud

Sébastien Stormacq, Technical Evangelist, AWS

Managing identities and authorisations is a core requirement for all apps. Modern applications are required to securely manage hundreds of thousands or millions of identities.

In this talk, you will learn how you can leverage fully managed, serverless services in the cloud to securely manage your user pools.

During this hands-on talk, I will show attendees how to create and manage a pool, how to integrate hosted user interface in your mobile or web app, how to manage identity federation using OAuth, OpenID or SAML and how to apply RBAC rules for fine-grained access control to native cloud resources such as APIs, files on Amazon S3 or data stored in Amazon DynamoDB. All this with minimum coding, less than 10 lines of code in total.

• Why use a fully managed service to manage your identities
• How to integrate your mobile and web apps with your cloud-based user pools
• How to leverage identity federation with a minimal code change

Endpoint Security: Identifying multiple actors, protecting assets and ensuring compliance

Mandating that employees, contractors, and third-party actors abide by traditional access point policies which require working from a company laptop or desktop workstation which is directly plugged into the network is no longer possible in the age of global enterprise.

The key issues which are prevalent in today’s business environment are IT agility in response to this growing challenge and maintaining user productivity whilst protecting business assets.

We look at the available solutions which are designed to address:

  • Secure grant and revoke access management
  • Corporate application accessibility
  • The trend towards IoT and what it means for IAM
  • The scalability challenge of network demand
Questions To The Panel Of Speakers
Morning Networking and Refreshments served in the Exhibition Area
Automate Everything!

Daniel Friman, DevOps Chapter Lead for Information Security and PKI, ING

Automation comes into play in an increasing number of aspects in our organizations and it is gradually becoming the normal way of managing IT.

In this presentation, we will dive into the automated management of infrastructure, systems, and applications. We will start with a brief orientation of automation terminology and then discuss benefits and drawbacks.

There is a lot to consider with automated testing, provisioning, deployment, self-service, and operations. Have you have overlooked opportunities?

Balancing security with usability: Adopting the right MFA strategy for you

As your organisation increases in size and scale so too does your workforce, the data you have in your possession and the requirements of your workforce to access that data to perform key business functions. Equally true is the need for your MFA strategy to be in line with your unique business requirements.

Getting the balance between usability, security and accessibility can be difficult as you upscale your IDM architecture. When considering how to achieve such balance its important to consider what risks you are trying to mitigate, the simplicity of the authentication process and the impact on customer experience.

Questions to the Panel of Speakers and Delegates move to the Seminar Rooms
Seminar Sessions
Networking Lunch Served in the Exhibition Area

Session TWO – Benchmarking for Success: Managing and Improving your IAM programme

  • Identifying and overcoming challenges in your identity architecture
  • Deploying state-of-the-art tools for better lifecycle management
  • The interaction of IAM with Blockchain, AI, IoT and Machine Learning
  • Identity economics – performance, scale, ROI Regulatory compliance tools
    Blockchain in IDM
Conference Chair’s Afternoon Address
Identity analytics for improved intelligence and anomaly detection
  • Do you know who is accessing your applications, data and what for?
  • What they are entitled to do whilst doing so?
  • Do you know what the purpose of all the accounts, groups and permissions is found in all your systems and applications?

We explore:

  • Building an inventory
  • Access identity & entitlement data
  • Control layers
  • Known risks (and unknown)
  • Deploying analytics for anomaly detection
Demystifying regulatory requirements

The primary driver behind IAM cost is ensuring corporate governance structures are in line with regulatory measures. Given that much of the pressure to provide information which proves compliance falls on the IT department, with each regulation needing to be addressed methodically, via proper analysis and study, this can result in labour intensive processes and lost production elsewhere.

One of the ways in which the potential for limiting, and even eliminating such manual processes, particularly when it comes to auditing, is implementing automated solutions for a specific purpose.

We address:

  • Automated auditing
  • Simplify regulatory conformance processes
  • Generating comprehensive reports needed to prove compliance
The shrinking security perimeter in enterprise identity management: The value of micro-perimeters

The key to addressing the diminishing of the traditional security perimeter in which employees typically accessed business applications via the corporate network with the use of a browser is to both increase the scale of your perimeters whilst also shrinking the space in which the perimeter sits.

By shrinking the security perimeter to each individual application, enterprise IT can control a user’s access to the application from anywhere and any device. This also supports the growing breed of applications which use web APIs to enable integration and support multiple user engagement applications on mobile and Cloud.

In addition to this, it is of vital importance that your mobile device management security policy has within it the need to have an established micro-perimeter for each device which interacts with the enterprise network. Failure to do so with result in hostile actors who have gained access to a mobile device being able to traverse the entirety of your data sets undetected for days, weeks, months and even years.

The role of AI and machine learning in personal data security

Many believe we are entering a new era of behavioural tracking with the advent, and ever increasingly advanced capabilities of AI and machine learning in data security.

The ultimate desire for any organisation, from the boardroom to the IT department, is to have a truly panoptic view of the identity access architecture and infrastructure. Whilst there is no such thing as a truly impenetrable design for security which cannot be accessed no matter the foe, the successful adoption of AI and machine learning in identity management will provide you with a truly revolutionary approach to defending your users, assets and detecting suspicious activity.

We explore:

  • Identifying your business need
  • The rules and logic that follows from identification
  • Establishing a baseline of normal user behaviour and associating those to individual actors
  • Seeking and identify unusual deviations and potentially suspicious activity which might signal malicious intent
  • Continuously monitoring how users and devices access data, applications and other critical assets
Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
What can effective user lifecycle management do for you?

The value in ULM implementation, which is tied to adopting a holistic approach to IDM, is clear. What is not clear is the techniques required to establish a truly one user, one identity, one infrastructure framework.

When exploring the techniques required, its important to keep in mind what it is you want to achieve. In short, the end goal is to develop a standard infrastructure through which the various elements of ULM can be presented, followed by the replacement of various identities with a single, authenticated credential for every user.

We address:

  • Developing a common infrastructure from which the various components of the User Lifecycle Management solution can be launched, centrally configured, managed and reported
  • Replacing multiple online identities with a single, secure, trusted and efficiently managed credential for each user
Building your digital identity network on blockchain

Employees generally have little or no control over the information that comprises their identities. Once you have distributed your identity online it becomes entangled in the ether of the enterprise network. This is particularly true when we look at the lack of visibility provided by cloud apps which interact with other data process sources without your knowledge and ability to supervise. Just as significant is the ability of mobile devices to share data with third party actors without your explicit consent.

Without visibility into the exchange of identity attributes across the enterprise for authentication, verification and authorization, individuals are vulnerable to identity fraud.

An emerging solution designed to address this problem is building your digital identity on blockchain.

We explore:

  • Establishing trust among businesses by leveraging shared ledgers
  • Smart contracts and governance to standardize management
  • Reducing the cost, risk, time and complexity of decentralized identity management
Maximising ROI from your IAM investment

Exploring ways in which you can calculate the ROI of your IAM programme, with specifics on how you can measure productivity and review costs associated with:

  • Provisioning and de-provisioning
  • Identity administration
  • Compliance and audit
  • Security breaches, risks and damages
Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.