
1 Hitachi ID Suite

Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications

Administration and Governance of Identities, Entitlements and Credentials.

2 Agenda
Introductions.
Hitachi ID corporate overview.
Hitachi ID Suite overview.
The user management lifecycle.
Addressing identity management system deployment challenges.
Advantages of the Hitachi ID solution.

2015 Hitachi ID Systems, Inc. All rights reserved. 1


Slide Presentation

3 Hitachi ID Corporate Overview

Hitachi ID delivers access governance
and identity administration solutions
to organizations globally.
Hitachi ID solutions are used by Fortune 500
companies to secure access to systems
in the enterprise and in the cloud.
Founded as M-Tech in 1992.
A division of Hitachi, Ltd. since 2008.
Over 1200 customers.
More than 14M+ licensed users.
Offices in North America, Europe and
APAC.
Partners globally.


4 Representative Customers

5 The User Lifecycle


At a high level, the user
lifecycle is essentially
the same in all
organizations and
across all platforms.


6 Business Challenges
More IT more users to manage.
There are challenges throughout the user lifecycle.
Support cost.
User service.
Security.

Slow: too much paper, too many people.
Expensive: too many administrators doing redundant work.
Role changes: add/remove rights.
Policies: enforced?
Audit: are privileges appropriate?
Org. relationships: track and maintain.
Reliable: notification of terminations.
Fast: response by sysadmins.
Complete: deactivation of all IDs.
Passwords: too many, too weak, often forgotten.
Access: Why can't I access that application / folder / etc.

7 IAM in Silos
In most organizations, many processes affect many applications.
This many-to-many relationship creates complexity:


8 Distributed IAM Is Complex


Managing each system and application separately is complex.
Complexity is bad:
Expensive: redundant updates to every system when hiring, moving or terminating users.
Unfriendly: users have lots of different IDs and passwords, which they don't know how to
manage.
Insecure: mistakes are made and users get or retain excess entitlements.
Orphan and dormant accounts.
Stale privileges.
Every system and application added makes things worse.

9 Integrated IAM Processes

[Diagram: business and IT processes feed a single identity and access management system, which manages the systems and applications.]
Business Processes: Hire, Retire, Resign, Finish Contract, Transfer, Fire, Start Contract.
IT Processes: New Application, Retire Application, Password Expiry, Password Reset.
Identity and Access Management System: Users, Passwords, Groups, Attributes.
Systems and Applications: Operating System, Directory, Application, Database, E-mail System, ERP, Legacy App, Mainframe.


10 Hitachi ID Suite

11 Onboarding New Users


Hitachi ID Identity Manager can accelerate the
onboarding process and reduce the security
administration burden:
Automation:
Detect new hires in HR and automatically
create access on managed systems,
such as AD, SAP and the mainframe.
Self-service workflow:
Managers can request and approve
access electronically, for example for
contractors.
Consolidated administration:
Security administrators save time by
using one tool to manage users across
every system.


12 Change Management

Hitachi ID Identity Manager manages changes to user profiles:
Self-service updates to phone
numbers, department codes, etc.

HiIM, Hitachi ID Group Manager and Hitachi ID Org Manager manage changes to user
roles and responsibilities:
Self-service requests for new
entitlements.
Distributed audit of user rights by
managers and app owners.
Distributed update of organizational
relationships by managers.


13 IT Support

Hitachi ID Password Manager for "I forgot/locked my password" calls:
Synchronization: Users with fewer
passwords have fewer problems.
Reset: Users can resolve their own
problems without calling the help desk.
Assistance: A help desk interface
reduces the duration and cost of
remaining calls.

Hitachi ID Group Manager for "access denied" calls:
Self-service: Users browse for
resources and request access.
Authorization workflow: Group
owners are asked to review and
approve change requests.


14 Deactivating Access

Retirement, resignation, end-of-contract:


Hitachi ID Identity Manager detects
changes in systems of record, such
as HR, and deactivates all access.
Managers can schedule deactivation
with a workflow form.

Dismissals:
Security administrators use an HiIM
form to terminate all of a user's
accounts immediately.

Asset retrieval:
HiIM inventory tracking assists in
retrieval of PCs, cell phones, building
access badges, etc.


15 Closed Loop IAM

[Diagram: Closed Loop IAM, with the Hitachi ID Suite between integrated systems of record, integrated target systems and non-integrated systems. Labels:]
Auto discovery: list people (systems of record), list accounts (target systems); updates; detected changes.
Identity cache.
Auto-provisioning and identity synch.: automatic requests.
Requesters (web UI): manual requests.
Workflow: validate requests, route for approval, invite authorizers, send reminders, escalate, delegate.
Authorizers (web UI): invitations; approve, reject, delegate.
Request approvals: transaction queue; auto-fulfillment through connectors (create, delete, update accounts).
Work queue: manual fulfillment (create, delete, update accounts); implementers (web UI): invitations; accept, confirm.
Certification: certifiers (web UI): invitations; review, certify, correct.


16 Multi-Master Architecture

[Diagram: Multi-Master Architecture. Labels:]
Data center: firewall, load balancer, reverse web proxy, VPN server, IVR server, Hitachi ID server, SQL DB.
Second Hitachi ID server with its own load balancer and SQL DB; replication between the two.
Password synch trigger systems; validate pw.
Native password change: AD, Unix, OS/390, LDAP, AS400.
Target systems with local agent: OS/390, Unix, older RSA.
Target systems with remote agent: AD, SQL, SAP, Notes, etc.
Cloud-hosted, SaaS apps; web services.
Notifications and invitations: e-mail system. Tickets: incident mgmt system. System of record: HR.
Remote data center: firewall, proxy server (if needed), target systems.
Legend: TCP/IP + AES; Various Protocols; Secure Native Protocol; HTTPS.


17 Included Connectors
Many integrations to target systems included in the base price:

Directories: Any LDAP, AD, WinNT, NDS, eDirectory, NIS/NIS+.
Servers: Windows NT, 2000, 2003, 2008[R2], 2012, Samba, Novell, SharePoint.
Databases: Oracle, Sybase, SQL Server, DB2/UDB, Informix, Progress, ODBC, Oracle Hyperion EPM Shared Services, Cache.
Unix: Linux, Solaris, AIX, HPUX, 24 more variants.
Mainframes, Midrange: z/OS: RACF, ACF2, TopSecret. iSeries, OpenVMS.
HDD Encryption: McAfee, CheckPoint, BitLocker, PGP.
ERP: JDE, Oracle eBiz, PeopleSoft, PeopleSoft HR, SAP R/3 and ECC 6, Siebel, Business Objects.
Collaboration: Lotus Notes, iNotes, Exchange, GroupWise, BlackBerry ES.
Tokens, Smart Cards: RSA SecurID, SafeWord, RADIUS, ActivIdentity, Schlumberger.
WebSSO: CA Siteminder, IBM TAM, Oracle AM, RSA Access Manager.
Help Desk: ServiceNow, BMC Remedy, SDE, HP SM, CA Unicenter, Assyst, HEAT, Altiris, Clarify, RSA Envision, Track-It!, MS System Center Service Manager.
Cloud/SaaS: WebEx, Google Apps, MS Office 365, Success Factors, Salesforce.com, SOAP (generic).


18 Rapid Integration with Custom Apps


Hitachi ID Suite easily integrates with custom, vertical and hosted applications using flexible agents.
Each flexible agent connects to a class of applications:
API bindings (C, C++, Java, COM, ActiveX, MQ Series).
Telnet / TN3270 / TN5250 / sessions with TLS or SSL.
SSH sessions.
HTTP(S) administrative interfaces.
Web services.
Win32 and Unix command-line administration programs.
SQL scripts.
Custom LDAP attributes.
Integration takes a few hours to a few days.
Fixed cost service available from Hitachi ID.

19 IAM Project Risk Management

IAM projects often take too long and cost too much. Why?

Data quality:
Nonstandard, disconnected IDs.
Incorrect, old identity data.
Risk management: Combine automation and self-service for clean up.

Never-ending role engineering:
Role based access control is a good objective, but...
It can be slow and costly to develop and maintain roles.
Some users just don't fit.
Risk management: Start deployment with just a few roles. Add roles gradually, based on demand.

Too many workflows:
Defining too many forms, processes takes too long.
One form, one process per change type? Per system?
Risk management: Implement a generic change management system. Custom forms for just the most popular requests.


20 Hitachi ID Technology Advantages


Industry-leading technology at the lowest TCO:
More features and functionality for less money:
Lower initial and ongoing investment (License scheme)
Lower on-going administration costs
Technology (not services) drives down deployment costs:

Reference builds.
All features, connectors included.
Auto-discovery of systems, accounts, entitlements.
Automated and self-service ID mapping.
Policy-driven workflow easier to manage.
No need to engage in costly role engineering.

21 Hitachi ID Suite Summary


Three integrated IAM products, used by over 14M users, that can:
Discover and connect identities across systems and applications.
Securely and efficiently manage entitlements and credentials.
Secure and monitor access to privileged accounts.
Improve security to comply with regulations.
Reduce IT support cost and improve user productivity.
Consolidate management of on-premise and SaaS apps.

500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com

www.Hitachi-ID.com Date: May 22, 2015 File: PRCS:pres
