Identity Management

6 November 2019

Business Design Centre




Session one- IAM for the Modern Enterprise

We explore how IAM can become a key enabler to organisations. Through cross-sector case studies and industry perspectives, we charter key IAM imperatives including accountability, transparency, user experience and managing trust, privileges and entitlements. The early morning session will also explore:

  • IAM implementation within enterprise environments
  • Identity administration and governance
  • Risk metrics and trends around privacy
  • The impact of identity management investment on top-line revenue
  • How to use IAM to achieve business goals and empower digital business
  • Operationalising identity intelligence for efficiency and risk mitigation
  • Identifying future trends in the IAM space
  • Cloud management models and IDaaS
  • Privileged Access Management – benefits and challenges
  • Disruptive technologies and IAM
  • Future-proofing IAM investment
  • Digital transformation and IAM
Conference Chair’s Opening Address
How can you support good governance and steer the technology required to support IAM?

Whilst ensuring that your organisation is continuously looking to the future in relation to the ever-changing threat landscape, so too must you develop your knowledge and understanding of how to achieve maximum value in your existing IAM architecture and infrastructure.

The result of an inability to grasp what constitutes a meaningful IAM system, its core functions and key characteristics, is project failure, serious cost implications, and even organisational fragmentation and disintegration.

We explore:

  • The challenge of diverse environments and disparate systems
  • Differentiating tactics from processes in IAM hierarchy
  • Combining the right technology, internal policies and people to achieve governance
  • Unifying access, authorisation, administration and authentication
Measuring IAM governance for business benefit

Measuring the risk of data breaches, whilst of fundamental importance, is an indirect means by which enterprises tend to assess the strength of existing governance structures.

To move beyond viewing compliance as the only important element of IAG, it’s vital to see it as the platform by which you can provide a seamless operating environment which can lead to growth as well as increase security and assess risk.

We address the steps required to measure governance performance indicators:

  • Organisational IAG maturity
  • Determining your key risk factors
  • Mapping your status quo
  • Defining and implementing controls
  • Establishing and monitoring goal and performance indicators
  • Monitoring and reviewing your approach with risk management
Dropping the silo mentality in cloud management

Whilst the service-based delivery of cloud services allows enterprises to acquire and deploy new applications with great ease, it does not take account of the impact this has on enterprise-wide legacy applications which tend to be superseded without appropriate migration of data and the reconfiguring of users who require access to new platforms. This has the effect of minimising resource utilisation and reducing the overall efficiency of the enterprise.

We explore cloud integration, iPaaS {integration platform as a service}, and how you can integrate data and applications from various sources in real-time without losing the ability to reuse and manage services and data.

Creating a responsive identity-aware ecosystem in the age of the identity platform

Identity-aware infrastructure aims to establish an environment in which identity and data have a contextual relationship which allows for identity policies to become more security aware and for security policies to become more identity-aware. This results in the captured context, which occurs during identity and security exchanges, being used to influence the enterprise ecosystem and lessen the need to rely on raw data.

We explore the shift from IAM to Identity Relationship Management, its impact on infrastructure technologies, the future direction and prescriptive recommendations.

  • The reality for the enterprise
  • The context-based identity management ecosystem
  • Five steps the enterprise must take to position for context-based identity management
Future proofing your IDM security posture

An overly rigid security architecture prevents your infrastructure from increasing in scale and adaptability, which in turn diminishes your potential for growth security.

To future proof your security operations, you must strategically align your people, processes and technology. By doing so, you will produce an adaptable and cohesive operational posture which can positively react to change, technology adoption and new and emerging threats.

This presentation will address the strategy required to adopt a future proof security culture.

Questions To The Panel Of Speakers
Morning Networking and Refreshments served in the Exhibition Area
Digital transformation in the context of IDM

Identity & Access Management Product Owner, RBS

Organisations must be able to use IDM the right way to survive and thrive the digital transformation wave.

First, we will source a suitable definition for digital transformation within the context of IDM. We will then discuss how digital transformation affects IDM in general, followed by the nature and disruptive capabilities of such areas as federation, secure data sharing, consumer data, and privacy, and how businesses can use each of these areas strategically to cut costs and improve customer experience.

The role of big data in security: Achieving value without adding to enterprise compartmentalisation

To address the exponential rate at which enterprises are processing data for the twinned issues of information security and revenue generation, many enterprises are adopting silo enabling tools which only add to the complexity of the enterprise network.

Dealing with siloed enabling tools, the lack of automation in detecting and acting against intrusion threats, and the disconnection between silo-based security and IT tools have become some of the most significant issues enterprises are facing. To tackle them, organisations are increasingly leveraging big data risk management systems to increase automation and improve operational efficiency.

We address:

  • Empowering organisations to make threats and vulnerabilities visible and actionable
  • Enabling them to prioritise and address high-risk security exposures before breaches occur
  • Protecting against and minimising the consequences of cyber-attacks
Questions to the Panel of Speakers
Delegates move to the Seminar Rooms
Seminar Sessions
Networking Lunch Served in the Exhibition Area

Session Two: Benchmarking your IAM Programme for Success

  • Machine identity capabilities
  • User managed access
  • Enterprise application integration
  • Adaptive authentication analysis in behavioural patterns
  • Risk-based authentication
  • CIAM landscape
  • IAM and PAM integration
Conference Chair’s Afternoon Address
Managing machine identity: Machine identity protection capabilities

Given that 80% of enterprises are currently struggling to protect machine identities, and 96% of companies believe that the protection of machine and human identities are of equal importance, there is an apparent disconnection in concern and action.

Enterprises currently spend billions annually on protecting human identities but almost nothing protecting the machines deployed to carry out vital business functions.

Whilst managing user identity has historically been human-centric, the substantial increase in machines on enterprise networks, the shifts in how enterprises engage with technology on different platforms and new computing capabilities which support such technological innovation, the need to protect machine identities has never been more urgent.

How to detect deviation from implemented IAM solutions: The value of risk-based authentication

Being able to detect when a user deviates from the norm is a key tool in maintaining network security. When an actor requests access, you need to have the flexibility to determine how typical the device, location and address from which the request has originated is for the purported user.

What many enterprises are unsure of is how a balance can be struck between a user-dependent system and a transaction-dependent one without hindering customer satisfaction. Here is where the importance of an intelligently designed autonomous risk-based authentication process can help determine the right model for your business.

We address:

  • How to monitor the connection profile of users including behaviours, favoured devices and IP geolocation
  • How to solve the threats to both the user and the system
  • Creating a scale of the risk potential of the user’s action
  • The importance of balancing security with usability
Enterprise application integration: A case study in successful project management

All large-scale organisations manage and maintain a diverse portfolio of information system applications designed to sustain a variety of functions and the operations they support. What is required, as the portfolio increases in size and scale, is to integrate such applications to support broader enterprise-wide business solutions effectively. Such solutions range from e-business, automated supply chain management, customer relationship management and enterprise resource planning.

The leading solution to the integration challenge is the adoption of enterprise application integration {EAI}.

The following case study provides a detailed account of successful EAI implementation and project management and highlights the architectural decisions that are vital to ensuring success.

Adaptive authentication in behavioural pattern analysis

Despite its apparent flaws and easily identifiable shortcomings, 62% of UK businesses still have no plans to move beyond using passwords as the primary source of authentication.

While the simplicity of password-protected authentication is user-friendly and modern, technologically innovative solutions -intimidating to the less technically minded-, adaptive technology works with the user rather than alienates them from the process. Whether it’s an employee or a customer looking to access the online enterprise platform, adaptive authentication works in the background by gathering additional, granular attributes designed to identify users and determine the appropriateness of their activity.

In today’s cyber climate, attackers can access user credentials with relative ease, what they can not do is mimic user behaviour which, with the appropriate adoption of behavioural pattern analytics, can measure truly unique micro-behaviours.

Questions to the Panel of Speakers
Afternoon Networking and Refreshments served in the Exhibition Area
Delivering on the demand for trusted digital customer experiences while maximising the online experience

The need to enhance the framework by which regulatory compliance is maintained and increase the extent to which you can profile your customer base for revenue generation means that security and risk professionals must keep a watchful eye on the changing CIAM landscape.

We explore new authentication methods designed to ensure compliance with the GDPR and the emergence of progressive profiling as a tool by which you can capture additional customer attributes and move beyond merely viewing CIAM as a means by which you create a social identity.

Integrating PAM with IAM

Enterprises typically implement PAM and IAM independently and therefore miss the opportunity for integration, which allows a more comprehensive account of user access, activity and network security.

While IAM allows IT teams to create and manage digital identities, what it does not allow for is visibility into privileged accounts. Equally true is the fact that IAM, as a stand-alone solution is unable to control privileged access to applications and databases, provide visibility into who has access to share accounts or monitor privileged account activity.

By integrating privilege with IAM, you will be able to achieve complete visibility within your organisation.

We address:

  • What is lacking in your identity access management implementation?
  • What is lacking with your privileged access management implementation?
  • The value of integrating IAM and PAM implementations
Future projections for the IAM market

The need to connect and manage complex structures of joined digital identities, which include compatibility, integration, and interoperability of data, is one of the significant challenges obstructing the growth of the global identity and access management market. This challenge is only made greater when we require increasing levels of IAM sophistication to combat the threat from hostile actors while seeking to achieve competitive advantage from such advancements in network security.

In our closing address, we explore the emerging trends within the IDM landscape and its implications for both suppliers and buyers.

Questions to the Panel of Speakers
Closing Remarks from the Conference Chair
Conference Closes

Please note:
Whitehall Media reserve the right to change the programme without prior notice.