View
7
Download
0
Category
Preview:
Citation preview
AUTOLIV. A GLOBAL IDENTITY AND ACCESS MANAGEMENT SOLUTION /
AUTOLIV. UNA SOLUCIÓN GLOBAL DE GESTIÓN DE IDENTIDADES Y ACCESOS
SIA INTERNATIONAL
JOSÉ A. MORALES RAMOS
Autoliv BKI
Ernesto Arnal
AUTO Lindblad In Vårgårda
Autoliv - was founded in Vårgårda, Sweden, in 1953
Autoliv’s History
Autoliv in Brief
� Sales and technology leader
� Sales: US $7.2 billion
� Fortune 500 company
� Sales to all major vehicle manufacturers
� ~80 facilities in 29 countries
� 10 technical centers in 9 countries and 21 crash test tracks
� ~43,000 associates whereof 4,000 in R,D&E
Autoliv in Brief
RoW
38%Japan
Europe
29%
North America
11%
11%
11%
China
Autoliv in the World
USA
Mexico
Brazil
Australia
South Africa
EUROPE
• Estonia
• France
• Germany
• Hungary
• Italy
• Netherlands
• Poland
• Romania
• Russia
• Spain
• Sweden
• Turkey
• UK
India
ChinaJapan
Indonesia
Canada
S.Korea
Malaysia
PhilippinesThailand
TaiwanTunisia
Autoliv in Brief
Superior Global Presence– All Major Vehicle Brands
Customers
Complete Safety
System Supplier
Steering Wheel
Driver Airbag
Pelvis & ThoraxSide Airbag
Inflatable CurtainPassenger Airbag
Seatbelt Systems
Rear Side Airbags
Electronic Control Unit (ECU)
Knee Airbag
Vision System
Pedestrian Protection
Night Vision System
Satellite Sensor
Anti-Whiplash System
Anti Sliding AirbagOther Important Products:Child SeatsActive Seatbelts
Driver Assist Radar
Autoliv Values
� Life - we have a passion for saving lives.
�Customers - we are dedicated to providing satisfaction for our customers and value for the driving public.
�Employees - we are committed to the development of our employees’ skills, knowledge and creative potential.
� Innovation - we are driven for innovation and continuous improvement.
�Ethics - we adhere to the highest level of ethical and social behavior.
�Culture - we are founded on global thinking and local actions.
We Care
Vision, Mission & Values
SIA INTERNATIONAL
h Founded in 1989 with more than 21 years experience in the IT market
h Solution Provider with recognized position in Security, Storage and Management
h Focus in large organizations: Government, Financial, Telco and Industry
h Business model based upon specialization and customer focus
h Quality and Process Management
SIA INTERNATIONAL VALUES
• CORPORATIVE CULTURE:
• Customer Focus and long term relationship
• Specialization for delivering real value
Flexibility to adapt our Solutions to Customer situation and expectations
• Innovation driven (UNE 166002 Certification)
• Collaborative Framework to empower employees and
customer relationship
• FOCUS IN PROCESS MANAGEMENT AND QUALITY
ASSURANCE
• EXPERIENCE AND RESOURCES
2011-November 10ISACA Valencia - V Congress
An extensive expertise within IAM space.
Background. Before IAM.
� IAM projects are somehow polyhedral with multiple perspectives, services and values
� IAM projects are not just technology, they require other skills:
– Organization
– Integration
– Project Management
Background. Why do I need an IAM infrastructure?
IT & NON IT
RESOURCES
No
mobility
Long waits
Availability
Too many
systems
Multiple
Passwords
Poor
usability
Users
Administrators
Security
admin per
platform
Manual
processes
Policies are not
implemented
Dedicated
staff for each
system
New
requirements
all the time
Lack of
security
processes
Lack of
control
and
auditing
Security
holes
High costs
No
scalability Managers
Background. IAM expected benefits.
IT & NON IT RESOURCES
No mobility
Long waits
Availability
Too many systems
Multiple Passwords
Poor usability
Users
Administrators
Security admin per platform
Manual processes
Policies are not implemented
Dedicated staff for each system
New requirements all the time
Lack of security processes
Lack of control and auditing
Security holes
High costs
No scalability Managers
PerspectivesAuditability
EfficiencyAutomation
Usability
Compliancy
Costs and Complexity
Reduction
IT & NON IT RESOURCES
2011-November 14ISACA Valencia - V Congress
IAM benefits
COST
REDUCTION
SERVICE LEVEL
USABILITYRISK
MITIGATIONCOMPLIANCY
Authentication & Password Mgmnt � � � � � � � � �
Consolidation � � � � � � � � �
Provisioning & Workflow � � � � � � � � � � � �
SSO � � � � � � � � � �
Access Control � � � � � � � � � � �
Auditing � � � � � � � � �
IAM and ROI
2011-November 15ISACA Valencia - V Congress
ADMINISTRATION COST
HELP DESK COSTS
AUDIT COST
USER PRODUCTIVITY
MERGE & ACQUISITIONS
EMPLOYEE RELOCATION
IAM. Implementation approach.
Key Deployment Factors
• A Phased Project Model starting with AUTOLIV Europe.
• The first step is to select the appropriate technology solution based on AUTOLIV requirements and “killer criteria”
• Prioritize SAP system, so that the IAM service will really help SAP deployment in Europe territory
• Knowledge Transfer will allow AUTOLIV staff to be self-sufficient and correctly manage its own infrastructure.
• Project Management to ensure the most appropriate use of both resources and time to achieve project goals
• In next phases, these common architecture and procedures will allow to incorporate new territories (America, Asia), systems (ERP JD Edwards, QAD), local applications, new services (SSO, GRC integration)
Autoliv IT Strategy and IAM
• Global, worlwide distributed company.
• Iinformation systems consolidatoni estrategy.
• Regional data center consolidating both corporate basic access, ERP, CRM, …
• SAP as corporate ERP.
• Identity and Access Management as a consequence for central user, roles and access governance.
Project Scope Europe Territory
End Systems: � Active Directory� SAP: through SAP CUA� ERP DIACAR: AS/400 connector� Movex ERP: LDAP and Database connectors� Softm: AS/400 connector� Autoliv Shared Applications Portal: LDAP and Database connectors� Hyperion: database connector
Functional:
� Definition of a corporate profiling� Centralized identity repository� Integration with HR system as a source of authoritative data� Accounts and passwords synchronization and account provisioning� Identity life cycle definition� Workflow design for request, authorization and approval of resources� Implementation of an autonomous password recovery mechanism for end users� Implementation of audit mechanisms provided by the product
Recommendations� Start with your business
processes
� Break your IAM strategy into 3-6 month projects:
– Europe, America, Asia
– ERP
– Local Applications
� Minimize customization in the first phases
� Implement incrementally, slowly expanding scope
� Show immediate wins
Recommendations
� Data Quality: Data cleansing is always a bigger issue than expected
� Role definition: Roles are important, but don’t expect to cover 100%
� Functionality vs. priority vs. ROI: Vendors catch up on features in pace with market demand. The right technology can simplify project and lower TCO
� Don’t go it alone; select an experienced consultant
GRACIAS / THANKSJosé A. Morales Ramos
Principal Security Business ConsultantSIA INTERNATIONAL
jamorales@sia.es
Ernesto ArnalInformation Systems Segurity Manager
Autoliv Europeernesto.arnal@autoliv.com
Recommended