1 Hitachi ID Suite
Managing the User Lifecycle
Across On-Premises and
Cloud-Hosted Applications
Administration and Governance of
Identities, Entitlements and Credentials.
2 Agenda
• Hitachi ID corporate overview.
• The user management lifecycle.
• Effective user lifecycle management with the Hitachi ID Suite:
– Managing users and entitlements with Hitachi ID Identity Manager.
– Managing authentication factors with Hitachi ID Password Manager.
– Securing access to privileged accounts with Hitachi ID Privileged Access Manager.
• Advantages of the Hitachi ID solution.
© 2015 Hitachi ID Systems, Inc. All rights reserved. 1
Slide Presentation
3 Hitachi ID Corporate Overview
Hitachi ID delivers access governance
and identity administration solutions
to organizations globally.
Hitachi ID solutions are used by Fortune 500
companies to secure access to systems
in the enterprise and in the cloud.
• Founded as M-Tech in 1992.
• A division of Hitachi, Ltd. since 2008.
• Over 1100 customers.
• More than 14M licensed users.
• Offices in North America, Europe and
APAC.
• Partners globally.
4 Representative Customers
5 Hitachi ID Suite
6 Business Challenges
• More IT → more users to manage.
• There are challenges throughout the user lifecycle.
• Support cost.
• User service.
• Security.
Slow: too much paper, too many people.
Expensive: too many administrators doing redundant work.
Role changes: add/remove rights.
Policies: enforced?
Audit: are privileges appropriate?
Org. relationships: track and maintain.
Passwords: too many, too weak, often forgotten.
Access: Why can’t I access that application / folder / etc.
Reliable: notification of terminations.
Fast: response by sysadmins.
Complete: deactivation of all IDs.
7 HiIM Features
Automation:
• Provision joiners, deactivate leavers.
• Multiple HR feeds.
Requests portal:
• Self-service profile updates.
• Delegated security change requests.
Security controls:
• Access certification.
• RBAC and SoD.
• Reports on current entitlements, history.
Workflow process:
• Authorizers.
• Implementers.
• Certifiers.
Integrations:
• 110+ bidirectional connectors, included.
• Incident management, SIEM, e-mail interfaces.
• Manage building access, physical assets.
Identity synchronization:
• Consistent data among apps.
8 HiPM Features
Password synch:
• Reduce the number of passwords per user.
Self service:
• Password reset.
• Clear lockout.
• Smart card PIN reset.
• Token PIN reset.
• HDD key recovery.
Access from:
• PC browser or login screen.
• At the office or remote.
• Smart phone or voice call.
Assisted service:
• Password, token PIN, intruder lockout.
Policy enforcement:
• Password complexity, expiry, history.
• Non-password authentication.
Managed enrollment:
• Security questions.
• Login IDs.
• Mobile phone numbers.
9 HiPAM Features
Auto-discovery:
• Find systems, accounts.
• Attach policy.
Random passwords:
• Default is daily.
Secure storage:
• Replicated (with fault tolerance/queue).
• Encrypted.
• Geographically distributed.
Access controls:
• Policy: who can sign into which account?
Workflow controls:
• One time request/approval/login.
Single sign-on:
• Launch SSH, RDP, vSphere, SQL, etc.
• Alternately: display password, temporary group membership, temporary SSH trust/SUDO rights.
Application passwords:
• Notify SCM, IIS, Scheduler, DCOM of new passwords.
• API to eliminate embedded passwords.
Logging:
• Requests, approvals, logins to privileged accounts.
Session monitoring:
• Screen, keyboard, webcam, process ID, window title, etc.
10 Multi-Master Architecture
[Architecture diagram. Legible labels: Hitachi ID server, SQL DB, Load balancer, Firewall, Replication, Data center A, Data center B. Connection types in the legend: TCP/IP + AES, Various Protocols, Secure Native Protocol, HTTPS.]
11 Included Connectors
Many integrations to target systems included in the base price:
Directories: Any LDAP, AD, WinNT, NDS, eDirectory, NIS/NIS+.
Servers: Windows NT, 2000, 2003, 2008, 2008R2, 2012, Samba, Novell, SharePoint.
Databases: Oracle, Sybase, SQL Server, DB2/UDB, Informix, Progress, ODBC, Oracle Hyperion EPM Shared Services, Cache.
Unix: Linux, Solaris, AIX, HPUX, 24 more variants.
Mainframes, Midrange: z/OS: RACF, ACF2, TopSecret. iSeries, OpenVMS.
HDD Encryption: McAfee, CheckPoint, BitLocker, PGP.
ERP: JDE, Oracle eBiz, PeopleSoft, PeopleSoft HR, SAP R/3 and ECC 6, Siebel, Business Objects.
Collaboration: Lotus Notes, iNotes, Exchange, GroupWise, BlackBerry ES.
Tokens, Smart Cards: RSA SecurID, SafeWord, RADIUS, ActivIdentity, Schlumberger.
WebSSO: CA Siteminder, IBM TAM, Oracle AM, RSA Access Manager.
Help Desk: ServiceNow, BMC Remedy, SDE, HP SM, CA Unicenter, Assyst, HEAT, Altiris, Clarify, RSA Envision, Track-It!, MS System Center Service Manager.
Cloud/SaaS: WebEx, Google Apps, MS Office 365, Success Factors, Salesforce.com, SOAP (generic).
12 Rapid Integration with Custom Apps
• Hitachi ID Suite easily integrates with custom, vertical and hosted applications using flexible agents.
• Each flexible agent connects to a class of applications:
– API bindings (C, C++, Java, COM, ActiveX, MQ Series).
– Telnet / TN3270 / TN5250 / sessions with TLS or SSL.
– SSH sessions.
– HTTP(S) administrative interfaces.
– Web services.
– Win32 and Unix command-line administration programs.
– SQL scripts.
– Custom LDAP attributes.
• Integration takes a few hours to a few days.
• Fixed cost service available from Hitachi ID.
13 Competitive Advantages
Unique features
• "Provisioning" and "governance" in one product.
• Access, authorization built around relationships.
• Self-service from any device, any location.
• Users can request resources, not groups.
• SoD engine detects "effective" violations.
Rapid deployment
• Key features built-in, not custom:
– Request forms.
– Authorization workflow.
– Access certification.
– Auto-discovery.
– Reports.
• A product, not a devel. environment.
Scalable platform
• Real-time data replication.
• Multi-master architecture.
• Proxy server to cross firewalls.
• Stored procedures, native code for speed.
Integrations
• 110+ included connectors.
• Flexible connectors.
• Built-in implementers workflow.
• Incident management, SIEM, etc.
14 Hitachi ID Suite Summary
• A rich suite of identity and access management products, with over 14M licensed users, that can:
– Discover and connect user objects from every system.
– Streamline administration of users, entitlements and login credentials.
– Construct and maintain OrgChart data.
– Secure access to privileged accounts on thousands of systems.
• Lock down security and comply with regulations requiring internal controls.
• Reduce operating costs and improve user productivity.
• Flexible, scalable, reliable, available.
500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: [email protected]
www.Hitachi-ID.com Date: January 22, 2015 File: PRCS:pres