Académique Documents
Professionnel Documents
Culture Documents
White paper
September 2008
Develop effective user management to demonstrate compliance efforts and achieve business value.
2
Overview
Contents Organizations are faced with the challenge of demonstrating compliance
while providing accurate, timely information to more users across more envi-
2 Overview
ronments than ever before — and to do all this while reducing overhead,
3 Understand the challenges of user
increasing productivity and expanding the number and variety of information
management
services across the enterprise.
4 Develop a strategic approach that
delivers quick value
Supporting a strategic approach, IBM solutions can help organizations
6 Expand user management and bridge
successfully develop and expand user management solutions from the depart-
IT with lines of business
mental level to enterprise-wide implementations. In support of their specific
10 Discover enterprise-wide security and
compliance, business and technical requirements, organizations can use IBM
compliance solutions from IBM
Tivoli® Identity Manager software and other IBM offerings to:
12 Alcatel-Lucent customer experience
13 Conclusion
• Automate, manage and audit the life cycle of user access rights across the IT infrastructure.
14 For more information
• Define and manage centralized authentication, access and audit policies.
15 About Tivoli software from IBM
• Enable single sign-on (SSO) across security domains.
• Provide centralized log management and event correlation.
Organizations also have to deal with the rising cost of user management
administration, including account provisioning and deprovisioning, recertifica-
tion of access rights, help-desk calls, password resets and other administrative
tasks, many of which are still manual-based. These costs can add up quickly
and will only increase as the number of users and services continues to grow
and IT infrastructures become larger and more complex.
Define
Support identity governance,
role and user rights, controls
recertification and reporting
Monitor,
audit, Enroll users and provide
report Enroll user self-service
and
proof
users
Enforce
access
control Issue and
manage user
rights
Tivoli Identity Manager and Tivoli Access Manager solutions provide key capabilities ranging from
initial user onboarding to final account retirement.
The Tivoli Identity Manager self-service console lets users manage their passwords and access
to corporate resources.
Develop effective user management to demonstrate compliance efforts and achieve business value.
8
Tivoli Identity Manager also helps bridge IT with lines of business by allowing
Highlights end users to request access to one business entitlement (for example, a sales
portal) rather than individual technical permissions (such as “Active Directory
group — UK3g8saleww_R”). These access entitlements streamline the admin-
istrative effort by grouping technical permissions into a reusable asset that is
pluggable into workflows and policies. At the same time, auditing becomes
much more intuitive as access entitlements represent meaningful assets rather
than cryptic technical permissions.
For organizations seeking extended role administration, role mining and segre-
gation of duties, Tivoli Identity Manager offers integration with several strategic
Ready for Tivoli partners. (Visit http://catalog.lotus.com/wps/portal/topal)
When it comes to actual deployment, the best strategy typically is to start with
a small user management solution and then grow larger incrementally. For
example, a single, departmental application can be used as the foundation
for more complex cross-system and cross-application implementations. In the
same way, request-driven user provisioning can be implemented first and then
replaced with role-based provisioning.
• Identify gaps in existing capabilities across people, processes, applications and data.
• Prioritize security initiatives according to business goals and technology requirements.
• Select technology based on specific budgetary goals and ROI requirements.
• Simplify and speed the planning and execution of enterprise-wide security programs.
• Provide repeatable, measurable planning processes.
• Achieve a desired security posture that meets business and compliance requirements.
Develop effective user management to demonstrate compliance efforts and achieve business value.
11
IBM Tivoli Security Information and Event Manager can help demonstrate
compliance and enhance security by providing log management, real-time
event correlation and user activity monitoring. This helps to streamline
management, control costs and increase IT productivity across a large,
heterogeneous IT infrastructure.
IBM Tivoli Access Manager for Operating Systems is designed to block ille-
gal access to business-critical applications, files and platforms. Unmanaged
Unmanaged access to super-user or “root”
accounts presents organizations with a access to super-user or “root” accounts presents organizations with a signifi-
significant security risk cant security risk. A policy-based access control solution like Tivoli Access
Manager for Operating Systems helps address these security risks by providing
centralized policy management, enforcement and comprehensive auditing.
Develop effective user management to demonstrate compliance efforts and achieve business value.
12
IBM Tivoli Access Manager for Enterprise Single Sign-On provides simple
authentication capability across diverse applications, data stores and environ-
ments. The product helps automate SSO, enhance security with automatic
password management, and extend audit and reporting capabilities in a quick,
simple-to-deploy solution.
The initiative replaces various user provisioning processes with one integrated,
standardized user management system. It provides Alcatel-Lucent with greater
visibility into system-wide user identities, and it also uses automated software
to streamline processes and tasks, thereby lowering IT support costs.
Develop effective user management to demonstrate compliance efforts and achieve business value.
13
Tivoli Identity Manager includes a password self-reset feature that allows users
to reset and synchronize their passwords online. With this one feature alone,
Alcatel-Lucent expects to reduce password-related calls to the IT service desk
by 70 percent and provide increased productivity for both system users and
support staff. Additionally, the new system can automatically close accounts
of employees who have left the company, helping to eliminate related security
risks and improve the data quality of the company directories.
Conclusion
As a recognized leader in identity and access management, Tivoli security
solutions can also be used with a large number of non-IBM enterprise soft-
ware solutions. Providing a broad, scalable solution for centralized security
management, Tivoli Identity Manager software can help:
• Demonstrate compliance across the entire user life cycle with comprehensive auditing and reports
on user access rights and activities.
• Increase ROI by quickly integrating new users and applications.
• Efficiently manage user accounts, access rights and privacy preferences through automation.
• Simplify complexity with consistent security policies and centralized administration.
• Support fully integrated, strategic security across the enterprise.
Develop effective user management to demonstrate compliance efforts and achieve business value.
14
IBM Corporation
Software Group
Route 100
Somers, NY 10589
U.S.A.
TIW14013-USEN-00