Upload
emc
View
587
Download
0
Tags:
Embed Size (px)
Citation preview
1 © Copyright 2015 EMC Corporation. All rights reserved.
Force Cyber Criminals to Shop Elsewhere
2 © Copyright 2015 EMC Corporation. All rights reserved.
Introductions - Our Presenters
Rob Sadowski Director, Technology Solutions
Kimberlee Bachman Senior Product Marketing Manager, IAM Solutions
3 © Copyright 2015 EMC Corporation. All rights reserved.
• Cyber Security Challenges in Retail
• Identity Challenges in Retail
• Solution Best Practices
• RSA Identity Management and Governance
• Use Cases
• Q&A
Agenda
4 © Copyright 2015 EMC Corporation. All rights reserved.
Security Concerns in Retail
Need to protect customer data and intellectual
property
Need to secure critical
systems
Cyber criminals
focusing on retailers Recent wave
of retailer breaches
5 © Copyright 2015 EMC Corporation. All rights reserved.
• Payment card data
• Emphasis on compliance
• High employee turnover
Why Are Retailers an Attractive Target?
6 © Copyright 2015 EMC Corporation. All rights reserved.
Payment Card
Information
Customer Purchase
and Loyalty Information
Intellectual Property
Cyber criminals do not discriminate against data, they’ll take it all
Concern: More Than Just Payment Card Data
7 © Copyright 2015 EMC Corporation. All rights reserved.
Retailers’ Identity Specific Concerns
Compliance Access to
Data
Role Management
Access Governance
Managing Identity Lifecycle
8 © Copyright 2015 EMC Corporation. All rights reserved.
Employee Timeline Highlights Identity Concerns
Review Joins Leaves Request Review & Revoke
Roles & Suggested Entitlements
Roles & Suggested Entitlements
Moves
9 © Copyright 2015 EMC Corporation. All rights reserved.
Regular Access Reviews Put process in place to stay audit compliant and know who has access to what
Business Driven Access Reviews
Fine Grained Entitlement Visibility
Remain Audit Compliant
Lower Organizational Risk
10 © Copyright 2015 EMC Corporation. All rights reserved.
Governing Access With Policies Policies help automate access governance and improve workforce management
Joiner Mover Leaver
Time Based
Segregation of Duties
11 © Copyright 2015 EMC Corporation. All rights reserved.
Many People in Small Number of Roles
Corporate Users Hourly Workers Contractors
12 © Copyright 2015 EMC Corporation. All rights reserved.
Governing Privileged Access (PAM)
Know what accounts have extra privilege and make sure that’s appropriate
Avoid any one admin or user having too much access to valuable information
Manage employees, vendors and contractors
Review who has privileged access
13 © Copyright 2015 EMC Corporation. All rights reserved.
Keeping Compliant
PCI DSS
HIPAA
SOX
Data Privacy
14 © Copyright 2015 EMC Corporation. All rights reserved.
RSA Identity Management and Governance (IMG)
15 © Copyright 2015 EMC Corporation. All rights reserved.
RSA IAM Enabling trusted interactions between identities and information
Applications/Data/Resources
Identity Lifecycle
Compliance
Access Platform Governance Platform
Federation/SSO
Authentication
Employees/Partners/Customers
Provisioning
Identity Intelligence
16 © Copyright 2015 EMC Corporation. All rights reserved.
Shift Decision Making and Accountability to the Business
Centralized Identity & Business Context
Business Process-Driven
Policy-Based Automation
Business-Driven Approach to Governance
17 © Copyright 2015 EMC Corporation. All rights reserved.
A Phased Approach Role & Group Management
Access Request Policy Management
Provisioning
Visibility & Certification
Account & Entitlement Collection
Access Reviews
Segregation of Duties
Role Discovery & Definition
Role Maintenance
Group Analysis & Cleanup
Access Request Portal
Policy-Based Change
Management
Joiners, Movers, and
Leavers
Task Notification
Service Desk Integration
Data Visibility
Automated Provisioning
Compliance Controls
18 © Copyright 2015 EMC Corporation. All rights reserved.
RSA IMG Retail Use Cases
19 © Copyright 2015 EMC Corporation. All rights reserved.
Point of Sale Monitoring
IMG Helps Retail Customers Achieve Success
Challenge Solution
No way of knowing which Point of Sale
kiosk is being used and when
Grant entitlements to individual POS kiosks and name them by
region
20 © Copyright 2015 EMC Corporation. All rights reserved.
Unowned Accounts
IMG Helps Retail Customers Achieve Success
Challenge Solution
There are many unowned accounts
Removed orphaned accounts
21 © Copyright 2015 EMC Corporation. All rights reserved.
Seasonal Workers & Contractors
IMG Helps Retail Customers Achieve Success
Challenge Solution
Concerned with seasonal workers and
contractors having access for the right
period of time
Policies allow access to be granted for a set
amount of time to the right applications
22 © Copyright 2015 EMC Corporation. All rights reserved.
Operational Challenges
IMG Helps Retail Customers Achieve Success
Challenge Solution
There is operational inefficiency at the
store level
Can put workflow in place to manage
operations
23 © Copyright 2015 EMC Corporation. All rights reserved.
Q&A
EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.