Embed Size (px)
Citation preview
Security Guidance Matters ℠
Identity and Access GovernanceAdvisory Architecture Integration
Security Guidance Matters ℠
Clango provides Identity and Access Governance Advisory, Architecture and Integration expertise enabling organizations
to strengthen their security posture.
Organizational Timeline
Page: 3
1993 Distributed Information Technologies (DIT) is founded to provide software development and enterprise asset management. Based in Arlington, VA.
1998DIT launches enterprise
asset management practice
2000 Integral Business Solutions is structured offering information security integration services. Based in Roseville, MN.
2010 Clango Group, Inc. is structured
offering Identity and Access Management Advisory Services. Based
in Edina, MN.
2012 DIT acquires Integral Business Solutions
2014 DIT acquires Clango Group
2015 Clango Group and Integral Business Solutions merge and operate as Clango
About ClangoConsulting organization specializing in Identity and Access Governance
Services- IAM Rationalization- Strategy & Planning- Solution Evaluation- Architecture- Integration- Extensions and Custom
developments
Capability Expertise
- Access Governance- Role Lifecycle Management- Certifications- Identity Lifecycle Management- User & Account Provisioning- Authentication Services- Federation/SSO/TFA- Adaptive Authentication- Privileged Access Administration
Profile- 15+ years of IAM specialization- Vendor-Neutral Analysis- Proven Methodologies- Enabled 100’s of IAM deployments
internationally
Solution Coverage
RSAOracleNetIQ
Forge RockCyberArk
Guide | Enable | Sustain
Vision: We are focused on enabling solutions that sustain identities and data providing organizations the confidence to securely adapt within a complex and evolving digital economy.
GIS & Location-Based Business Intelligence SolutionsFunctional & Process Consulting
IBM Maximo & TRIRIGAMobile Solutions
DIT Overview
Enterprise Asset Management Solutions
Full Applications Development Life Cycle SupportCustom Web Development
Design, Prototyping, Development & TestingEnterprise Resource Management (SAP)
Software Application Development & Integration
Cybersecurity Advisory ServicesIdentity & Access Management / Governance
Fraud ManagementInformation Security
Enterprise Security Solutions
IT Program ManagementDatabase Management
IT Operations, Maintenance & Security Information Technology Services
Context of IAM within Information Security
Identity & Access
Management
Governance, Risk &
Compliance
Threat & Vulnerability Management
Achieve Information Security Intelligence
Real-time Anti-Fraud
Identity Analytics and Reporting
Anomaly Detection
Adaptive Response
Goal:
Clango Approach
Vast context for IAM
Vendor-Neutral perspectiveOr
Vendor–Specific adaptationSpecialized Expertise
Business Context
Technical Excellence
Healthcare
Retail
Finance Education
Sustainable IAM Program
Diverse Industry Knowledge and Client Base
Advisory – Architecture – Integration Services
DifferentiatorsExtensive Experience
Commercial• Fortune 50 – 1,000• Organizations with varied user populations• Financial, Legal, Accounting Firms• Healthcare: PBMs, Exchanges, Patient Portals• Education
Public Sector• National Park Service• U.S. Department of the Interior• U.S. Department of Homeland Security• United States Marine Corps• United States Army• United States Department of the Air Force• State and local government
Our Value Proposition✳ 90% of our business is referral based
✳ Completed 100+ Strategy & Integration initiatives
✳ Broad perspective of aligning IAM discipline to achieve Business, Compliance, Operations, Security and Technology objectives
✳ Consultants have 15-20 years of IT, BI or Information Security expertise. Team members have significant experience with multiple IAM solutions (Oracle, NetIQ, RSA VIA, ForgeRock, CyberArk)
✳ Solved complex IAM & Anti-Fraud use cases
Thank You
IAM Program ComponentsIAM Programs are cross-functional efforts requiring
active participation and alignment from Strategy thru Execution
Identity Lifecycle Management (IDLM)Value – Adds
o Deep application integration experience
o Phased implementation and Roadmap development
o Long-term IAM program supporto Customer Service Supporto Extensive list of past
performances
Highly experienced with regulated industries Healthcare Financial Utilities
KEY IDLM ENGAGEMENT
MEDIA COMPANY
Performed Design & Implementation (D&I) Services for client to include: Review and advisory on merger triggered SOX and PCI audit requirements Deployed and Integrated IDLM by ingesting multiple AD forests for each business Optimized tool for full attestation of fine grained user access Developed data cleansing and import methodology Automated self-service requests and provisioning
Identity GovernanceValue – Adds
o Experienced approach to Visibilityo Deep understanding of data gatheringo Extensive knowledge of governance
policieso Extensive list of past performanceso Proven methodology to catalog assets,
identities, roles, entitlements and privileges
o Highly experienced with regulated
industries Healthcare Financial Utilities
KEY Identity Governance ENGAGEMENTRetail Company
Performed Design & Implementation (D&I) Services for client to include: Review and advisory on compliance requirements Deployed and Integrated IG by ingesting multiple identity sources Optimized tool for full certification of user access and entitlements Developed appropriate approval and rejection workflows Provided advisory and assistance in various Access Certification related use cases
Privileged Access Management (PAS)Value – Adds
o Deep application integration experience
o Long-term IAM program supporto Customer Service Supporto Extensive list of past
performances
o Member of CyberArk Partner Advisory
Councilo Highly experienced with regulated
industries Healthcare Financial Utilities
KEY PAM ENGAGEMENT
BIG FOUR BANK
Multi-national implementation and deployment services at multiple sites and environments for the following PAS Solutions to include:
Installed Multiple HA Vault clusters in Production Environment Installed more than 50 component servers across multiple data centers (CPM, PVWA's, PSM's) Installed Multiple HA DR Vault Clusters Single Sign-on (SAML) Integration Integrated Knowledge Transfer Use Cases, Testing, Training
Anti-Fraud , Real Time Fraud AnalyticsValue – Adds
o Deep application integration experience
o Long-term IAM program supporto Customer Service Supporto Extensive list of past
performances
o Highly experienced with regulated
industries Healthcare Financial Utilities
KEY ENGAGEMENTS
Top 5 Financial Services Company
Fraud Analysis and Controls
• Provided an integrated solution combined policy-based, multi-factor access controls with strong password management requirements.
• Delivered fraud management solution included detailed, real-time response rules involving IP location translation, transaction velocity rules, device identification, and user behavior heuristics.
