Mais conteúdo relacionado Semelhante a Force Cyber Criminals to Shop Elsewhere (20) Force Cyber Criminals to Shop Elsewhere1. 1
© Copyright 2015 EMC Corporation. All rights reserved.
Force Cyber Criminals to Shop Elsewhere
2. 2
© Copyright 2015 EMC Corporation. All rights reserved.
Introductions - Our Presenters
Rob Sadowski
Director, Technology Solutions
Kimberlee Bachman
Senior Product Marketing Manager,
IAM Solutions
3. 3
© Copyright 2015 EMC Corporation. All rights reserved.
• Cyber Security Challenges in Retail
• Identity Challenges in Retail
• Solution Best Practices
• RSA Identity Management and Governance
• Use Cases
• Q&A
Agenda
4. 4
© Copyright 2015 EMC Corporation. All rights reserved.
Security Concerns in Retail
Need to protect
customer data
and intellectual
property
Need to secure
critical
systems
Cyber
criminals
focusing on
retailersRecent wave
of retailer
breaches
5. 5
© Copyright 2015 EMC Corporation. All rights reserved.
• Payment card data
• Emphasis on compliance
• High employee turnover
Why Are Retailers an Attractive Target?
6. 6
© Copyright 2015 EMC Corporation. All rights reserved.
Payment
Card
Information
Customer
Purchase
and Loyalty
Information
Intellectual
Property
Cyber criminals do not discriminate against data, they’ll take it all
Concern: More Than Just Payment Card Data
7. 7
© Copyright 2015 EMC Corporation. All rights reserved.
Retailers’ Identity Specific Concerns
Compliance
Access to
Data
Role
Management
Access
Governance
Managing
Identity
Lifecycle
8. 8
© Copyright 2015 EMC Corporation. All rights reserved.
Employee Timeline Highlights Identity Concerns
ReviewJoins LeavesRequest Review & Revoke
Roles & Suggested
Entitlements
Roles & Suggested
Entitlements
Moves
9. 9
© Copyright 2015 EMC Corporation. All rights reserved.
Regular Access Reviews
Put process in place to stay audit compliant and know who has access to what
Business Driven Access Reviews
Fine Grained Entitlement Visibility
Remain Audit Compliant
Lower Organizational Risk
10. 10
© Copyright 2015 EMC Corporation. All rights reserved.
Governing Access With Policies
Policies help automate access governance and improve workforce management
Joiner Mover Leaver
Time Based
Segregation of Duties
11. 11
© Copyright 2015 EMC Corporation. All rights reserved.
Many People in Small Number of Roles
Corporate Users Hourly Workers Contractors
12. 12
© Copyright 2015 EMC Corporation. All rights reserved.
Governing Privileged Access (PAM)
Know what accounts have extra privilege
and make sure that’s appropriate
Avoid any one admin or user having too
much access to valuable information
Manage employees, vendors and
contractors
Review who has privileged access
13. 13
© Copyright 2015 EMC Corporation. All rights reserved.
Keeping Compliant
PCI DSS
HIPAA
SOX
Data Privacy
14. 14
© Copyright 2015 EMC Corporation. All rights reserved.
RSA Identity Management and Governance (IMG)
15. 15
© Copyright 2015 EMC Corporation. All rights reserved.
RSA IAM
Enabling trusted interactions between identities and information
Applications/Data/Resources
Identity Lifecycle
Compliance
Access Platform Governance Platform
Federation/SSO
Authentication
Employees/Partners/Customers
Provisioning
Identity Intelligence
16. 16
© Copyright 2015 EMC Corporation. All rights reserved.
Shift Decision Making and Accountability to the Business
Centralized Identity & Business Context
Business Process-Driven
Policy-Based Automation
Business-Driven Approach to Governance
17. 17
© Copyright 2015 EMC Corporation. All rights reserved.
A Phased Approach
Role & Group
Management
Access RequestPolicy
Management
Provisioning
Visibility &
Certification
Account &
Entitlement
Collection
Access Reviews
Segregation
of Duties
Role Discovery
& Definition
Role
Maintenance
Group Analysis
& Cleanup
Access
Request Portal
Policy-Based
Change
Management
Joiners,
Movers, and
Leavers
Task
Notification
Service Desk
Integration
Data
Visibility
Automated
Provisioning
Compliance
Controls
19. 19
© Copyright 2015 EMC Corporation. All rights reserved.
Point of Sale Monitoring
IMG Helps Retail Customers Achieve Success
Challenge Solution
No way of knowing
which Point of Sale
kiosk is being used and
when
Grant entitlements to
individual POS kiosks
and name them by
region
20. 20
© Copyright 2015 EMC Corporation. All rights reserved.
Unowned Accounts
IMG Helps Retail Customers Achieve Success
Challenge Solution
There are many
unowned accounts
Removed orphaned
accounts
21. 21
© Copyright 2015 EMC Corporation. All rights reserved.
Seasonal Workers & Contractors
IMG Helps Retail Customers Achieve Success
Challenge Solution
Concerned with
seasonal workers and
contractors having
access for the right
period of time
Policies allow access to
be granted for a set
amount of time to the
right applications
22. 22
© Copyright 2015 EMC Corporation. All rights reserved.
Operational Challenges
IMG Helps Retail Customers Achieve Success
Challenge Solution
There is operational
inefficiency at the
store level
Can put workflow in
place to manage
operations
24. EMC, RSA, the EMC logo and the RSA logo are trademarks of EMC Corporation in the U.S. and other countries.