1 Hitachi ID Group Manager

Managing the User Lifecycle

Across On-Premises and
Cloud-Hosted Applications

Self service management of security group membership.

2 Agenda
Introductions.
Hitachi ID corporate overview.
Hitachi ID Suite overview.
Managing membership in large numbers of AD groups.
The Hitachi ID Group Manager solution.
Animated demonstration.

2017 Hitachi ID Systems, Inc. All rights reserved. 1

 Slide Presentation

3 Hitachi ID corporate overview

Hitachi ID delivers access governance

and identity administration solutions
to organizations globally.
Hitachi ID IAM solutions are used by Fortune
500
companies to secure access to systems
in the enterprise and in the cloud.
Founded as M-Tech in 1992.
A division of Hitachi, Ltd. since 2008.
Over 1200 customers.
More than 14M+ licensed users.
Offices in North America, Europe and
APAC.
Global partner network.

2017 Hitachi ID Systems, Inc. All rights reserved. 2

 Slide Presentation

4 Representative customers

5 Hitachi ID Suite

2017 Hitachi ID Systems, Inc. All rights reserved. 3

 Slide Presentation

6 Problem: Too many security groups

Medium to large AD environments have
thousands of security groups:
Control access to printers, shares and
folders.
Membership in mail distribution lists.
It is challenging to manage group
membership on this scale:
User needs constantly change.
Users do not understand groups or ACLs.
Users dont know which groups they need.
Who authorizes membership in each
group?

7 HiGM: Self service management of security group membership

Hitachi ID Group Manager enables users to request access to network resources such as
applications or file folders using an intuitive Web-based interface.
Behind the scenes, HiGM creates requests for security group membership and automatically tracks
authorization by the appropriate stake-holders.
HiGM makes administration of security entitlements simple and efficient and so fosters collaboration
and reduces security administration workload.

2017 Hitachi ID Systems, Inc. All rights reserved. 4

 Slide Presentation

8 HiGM features
Hitachi ID Group Manager enables self-service administration of user access to network resources
shares, folders, etc.:
Intercept:

The Windows "Access Denied" error dialog and send users to the appropriate workflow /
group membership request screen.
Browse:
Users find the resources they want using HiGM.
Request:
Users ask for access to a resource (no knowledge of groups required).
Map:
HiGM maps user requests to group membership.
Route:
A workflow request is created dynamically and sent to the groups owner plus anyone else
specified by policy.
Provision:

Upon approval, the user is added to the appropriate group.

Notify:
Users and authorizers are sent thank-you notes.

2017 Hitachi ID Systems, Inc. All rights reserved. 5

 Slide Presentation

9 Multi-master architecture

Native password
change
Password synch
trigger systems SaaS apps

AD, Unix, z/OS, Mobile

LDAP, iSeries proxy

z/OS - local agent Mobile UI lo ud
Manage C
Validate pw

Hitachi ID
servers
Load
balancers
Reverse
web
proxy Managed endpoints
VPN server
with remote agent:
Replication AD, SQL, SAP, Notes, etc
IVR server MS SQL databases
B
Hitachi ID ter
Notifications servers c en r
t a te
and invitations
Da cen
E-mail Tickets data
ote
Firewalls
system m
System of Re
Ticketing record
TCP/IP + AES system
A
HR n ter Managed
Various protocols
ce endpoints
D ata
Secure native protocol
Proxy server
HTTPS (if needed)

10 Intercept Access Denied Dialogs

Animation: ../../pics/camtasia/v10/higm-A-request-folder.mp4

11 Authorization of a request for security group membership

Animation: ../../pics/camtasia/v10/higm-B-request-approve.mp4

2017 Hitachi ID Systems, Inc. All rights reserved. 6

 Slide Presentation

12 Request approved, user can access the folder

Animation: ../../pics/camtasia/v10/higm-C-approved-open-file-nb.mp4

13 Hitachi ID Suite Overview

Hitachi ID Group Manager is a component of Hitachi ID Suite.
Hitachi ID Suite is designed to streamline management of users and passwords for enterprise users.
Three integrated IAM products, used by over 14M users, that can:
Discover and connect identities across systems and applications.
Securely and efficiently manage entitlements and credentials.
Secure and monitor access to privileged accounts.

14 Summary
Hitachi ID Group Manager helps organizations to more quickly, efficiently and intuitively manage
membership in large numbers of Active Directory groups:
Users focus on network resources, not groups.
Group owners, not IT, authorize requests for resource access.
IT security administrators manage the process, not individual requests.
Auditors can monitor current group membership and how users came to have the rights they do.
Learn more at Hitachi-ID.com/Group-Manager.
... or ... E-mail sales@Hitachi-ID.com

500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com

www.Hitachi-ID.com Date: 2017-03-15 | 2017-03-15 File: PRCS:pres