{"id":15704,"date":"2017-05-05T19:47:49","date_gmt":"2017-05-05T19:47:49","guid":{"rendered":"http:\/\/www.confluxsys.com\/confluxsys\/?p=15704"},"modified":"2017-05-06T06:23:57","modified_gmt":"2017-05-06T06:23:57","slug":"identity-governance-and-analytics","status":"publish","type":"post","link":"https:\/\/www.lastmile.id\/confluxsys\/blog\/identity-governance-and-analytics\/","title":{"rendered":"Identity Governance and Analytics"},"content":{"rendered":"<p><strong>Business need: <\/strong>A holistic view of information security management in an organization with the purpose of:<\/p>\n<ul>\n<li>Measuring effectiveness of a security control or policy. How realistic were my ROI forecasts and its trend?<\/li>\n<li>Design, develop, and optimize organization&#8217;s security strategy.<\/li>\n<li>Improvise effectiveness and productivity. Do the &#8220;things&#8221; more intelligently.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>Challenges<\/strong><\/p>\n<ul>\n<li>Information silos &#8211; To manage complexity, information security management is generally implemented by a set of distributed components. This has also resulted in &#8220;Information silos&#8221; &#8211; no holistic view of organization&#8217;s security posture. Example: Identity management system manages user to entitlement assignments but does not have any details about the objects\/permission that entitlement entitles to.<\/li>\n<li>A software component typically organizes data for optimal execution of its operations\/transaction i.e. integrity, performance. Generating useful business insight is cumbersome if not infeasible.<\/li>\n<li>Auditing: component audit certain important transactions only. Moreover, auditing all transaction is expensive and impacts performance. Analysis would have to be restricted based on component&#8217;s auditing capabilities and its configurations.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>Confluxsys <\/strong><em><strong>Identity Analytics<\/strong><\/em>\u00a0retrieves data from various enterprise repositories, models them into an &#8220;IAM Graph&#8221; that comprises of &#8220;domain entities&#8221; as nodes and their relationships with the purpose of performing analytics, deriving useful business insights and appropriate response.<\/p>\n<ul>\n<li>Current state of IAM entities from various sources are collected and aggregated.<\/li>\n<li>Analytics result is persisted on a timescale with contextual information useful for trending and forecast.<\/li>\n<\/ul>\n<p>Solution provides a framework using which a new dataset can be analyzed with minimal necessary dataset specific development.<\/p>\n<p><strong>Components:<\/strong><\/p>\n<div class=\"slate-resizable-image-embed slate-image-embed__resize-full-width\" data-imgsrc=\"https:\/\/media.licdn.com\/mpr\/mpr\/AAEAAQAAAAAAAAkTAAAAJDUxMjE2OGY1LWY4Y2ItNDBlMy1iMzYwLTkzOWI2OTY4YjgzYQ.png\"><img decoding=\"async\" class=\"alignleft\" src=\"https:\/\/media.licdn.com\/mpr\/mpr\/AAEAAQAAAAAAAAkTAAAAJDUxMjE2OGY1LWY4Y2ItNDBlMy1iMzYwLTkzOWI2OTY4YjgzYQ.png\" \/><\/div>\n<p><strong><em>\u00a0<\/em><\/strong><strong><em>Staging<\/em><\/strong>: implements the IAM business intelligence. It retrieves data, models and stores into a structure suited for analytics &#8211; an &#8220;IAM Graph&#8221;.<\/p>\n<p><strong><em>Analytics<\/em><\/strong>: performs analytics using bigdata processing frameworks.<\/p>\n<p><strong><em>Event and Action<\/em><\/strong>: Raises an IAM event and\/or performs an action based on certain pre-configured rules.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Use Case: Redundant Access Analysis<\/strong><\/p>\n<p>User access is generally managed by role\/entitlement assignments, IAM processes generally put strict governance around the assignments (certification, approver etc.) but over period of time, as application evolves, access entitled by roles and\/or entitlements becomes redundant. There is a need for a holistic view of user&#8217;s access to the resource, analyze role\/entitlement definition, review and cleanup these redundant access.<\/p>\n<div class=\"slate-resizable-image-embed slate-image-embed__resize-full-width\" data-imgsrc=\"https:\/\/media.licdn.com\/mpr\/mpr\/AAEAAQAAAAAAAAiuAAAAJGJiY2ViNzdlLWFhODItNGI1Mi04M2JmLWM2M2U2ODRkZjljYg.png\"><img decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/media.licdn.com\/mpr\/mpr\/AAEAAQAAAAAAAAiuAAAAJGJiY2ViNzdlLWFhODItNGI1Mi04M2JmLWM2M2U2ODRkZjljYg.png\" \/><\/div>\n<p>Confluxsys Identity Analytics provides holistic view of user&#8217;s access, enables business to review and remediate redundant access.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Business need: A holistic view of information security management in an organization with the purpose of: Measuring effectiveness of a security control or policy. How realistic were my ROI forecasts and its trend? Design, develop, and optimize organization&#8217;s security strategy. Improvise effectiveness and productivity. Do&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2810,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-15704","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"_links":{"self":[{"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/posts\/15704","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/comments?post=15704"}],"version-history":[{"count":4,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/posts\/15704\/revisions"}],"predecessor-version":[{"id":15708,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/posts\/15704\/revisions\/15708"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/media\/2810"}],"wp:attachment":[{"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/media?parent=15704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/categories?post=15704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lastmile.id\/confluxsys\/wp-json\/wp\/v2\/tags?post=15704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}