1

Hitachi ID Group Manager

Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications

Self service management of security group membership.

Agenda
Introductions. Hitachi ID corporate overview. IDM Suite overview. Managing membership in large numbers of AD groups. The Hitachi ID Group Manager solution. Animated demonstration.

2013 Hitachi ID Systems, Inc.. All rights reserved.

Slide Presentation

Hitachi ID Corporate Overview

Hitachi ID delivers access governance and identity administration solutions to organizations globally. Hitachi ID solutions are used by Fortune 500 companies to secure access to systems in the enterprise and in the cloud. Founded as M-Tech in 1992. A division of Hitachi, Ltd. since 2008. Over 1000 customers. More than 12M+ licensed users. Ofces in North America, Europe and APAC. Partners globally.

Representative Hitachi ID Customers

2013 Hitachi ID Systems, Inc.. All rights reserved.

Slide Presentation

IDM Suite

Problem: Too Many Security Groups

Medium to large AD environments have thousands of security groups: Control access to printers, shares and folders. Membership in mail distribution lists. It is challenging to manage group membership on this scale: User needs constantly change. Users do not understand groups or ACLs. Users dont know which groups they need. Who authorizes membership in each group?

HiGM: Self service management of security group membership

Hitachi ID Group Manager enables users to request access to network resources such as applications or le folders using an intuitive Web-based interface. Behind the scenes, HiGM creates requests for security group membership and automatically tracks authorization by the appropriate stake-holders. HiGM makes administration of security entitlements simple and efcient and so fosters collaboration and reduces security administration workload.

2013 Hitachi ID Systems, Inc.. All rights reserved.

Slide Presentation

HiGM Features

Hitachi ID Group Manager enables self service administration of user access to network resources shares, folders, etc.: Intercept: The Windows "Access Denied" error dialog and send users to the appropriate workow / group membership request screen. Browse: Users nd the resources they want using HiGM. Request: Users ask for access to a resource (no knowledge of groups required). Map: HiGM maps user requests to group membership. Route: A workow request is created dynamically and sent to the groups owner plus anyone else specied by policy. Provision: Upon approval, the user is added to the appropriate group. Notify: Users and authorizers are sent thank-you notes.

2013 Hitachi ID Systems, Inc.. All rights reserved.

Slide Presentation

Multi-Master Architecture
, nix , U 0, AD S/39 P, O DA 0 L S40 d e A tiv wor a s N as ge p han c g Tri ch yn S rd wo

ms ste Sy r ge t: en ag

, te d os s h ud app Clo aaS S

r IVR erve S

se ver Re eb y W rox P N r VP erve S or il TP Ma SM otes N r ad ce Lo alan B

ate lid Va

al s) loc er( ith RSA v r w s er Se ID em old hi on yst nix, ac licati t S i t U H pp SQL ge 0, A s DB Tar S/39 ce ss Pa

PW

SQL DB

TCP/IP + AES Various Protocols Secure Native Protocol HTTPS

ails Em nt ide Inc gmt em M yst S

L/ SQ racle O
Tic ts ke

t: en ag e t o rem c ork ith s, et O rvi w e tw e s ot S e m b N e lN We yst P, t S SA oca ge SQL, r L a T D, A ll a ew Fir

u ok Lo of m ste d Sy ecor R

er gg Tri & p

all ew Fir

er erv y S ded) x Pro f nee (i

ter en C ta Da e t mo Re

t ge ms Tar yste S

10

Intercept Access Denied Dialogs

Animation: ../pics/camtasia/v8/higm-A-request-folder/higm-A-request-folder.cam

11

Authorization of a request for security group membership

Animation: ../pics/camtasia/v8/higm-B-request-approve/higm-B-request-approve.cam

2013 Hitachi ID Systems, Inc.. All rights reserved.

Slide Presentation

12

Request approved, user can access the folder

Animation: ../pics/camtasia/v8/higm-C-approved-open-le/higm-C-approved-open-le.cam

13

IDM Suite Overview

Hitachi ID Group Manager is a component of IDM Suite. IDM Suite is designed to streamline management of users and passwords for enterprise users. A rich suite of identity and access management products, with over 12M licensed users, that can: Discover and connect user objects from every system. Streamline administration of users, entitlements and login credentials. Construct and maintain OrgChart data. Secure access to privileged accounts on thousands of systems.

14

Summary

Hitachi ID Group Manager helps organizations to more quickly, efciently and intuitively manage membership in large numbers of Active Directory groups: Users focus on network resources, not groups. Group owners, not IT, authorize requests for resource access. IT security administrators manage the process, not individual requests. Auditors can monitor current group membership and how users came to have the rights they do.

Learn more at Hitachi-ID.com/Group-Manager. ... or ... E-mail sales@Hitachi-ID.com

500, 1401 - 1 Street SE, Calgary AB Canada T2G 2J3 Tel: 1.403.233.0740 Fax: 1.403.233.0725 E-Mail: sales@Hitachi-ID.com
File: PRCS:pres Date: September 19, 2013

www.Hitachi-ID.com