rm5 idm, centralized entitlement management

Kuppinger & Cole Webinar 21.04.2010

One Entitlement Management for all – How to Manage all Users, Services, and Service Providers Consistently

Palveluita tarjoava

organisaatio

BUSINESS

Enterprise domain

PRODUCTION

SUPPLIERS CUSTOMERS

Value chain domain

DESIGN

SUPPORT

Lifecycle domain

HumanResources

Finance &Accounting

EnterpriseResourcePlanning

SupplierRelationshipManagement

CustomerRelationshipManagementInput Output

ProductLifecycle

Management

EnterpriseData, Content & Asset

Management

Automation

Logistics

CollaborativeInfrastructure

Source: TopQuadrant, 2004, modified by RM5

E N T I T L E M E N T M A N A G E M E N T

Business challengeHow to manage entitlements?

Business domain

Information system

Who has

Accessto

What?

All rights reserved RM5 Software Oy


Solution: Centralized Entitlement Management for Internal and External Organizations

physicalresource

Circleof

Trust

database

application

e-service

repository

process

system

non-itservice

asset

Who has accessto what?

EntitlementManagement


Internal users

externalorganization


Focus on internal users?

Business

SINGLE BUSINESS SERVICE PROVIDER

INTERNAL USERS INTERNAL SERVICES


Internal users




External users

Business


Focus on external users?SINGLE BUSINESS

SERVICE PROVIDEREXTERNAL USERS INTERNAL SERVICES



Large corporation or industry cluster business case?MULTIPLE BUSINESS SERVICE PROVIDERS

SHARED USERS SHARED SERVICES


Internal services

External services

E X I S T I N G O F F E R I N G

Software as a Service delivery model


On-Premise delivery model

E N T I T L E M E N T M A N A G E M E N T M A R K E T


Hybrid environment needs a hybrid solution model

N E W O F F E R I N G

AUTHORIZATION FOR

SaaS/CLOUD SERVICES


AUTHORIZATION FOR

INTERNAL SERVICES


Managed Service

Providers

E X I S T I N G

Software as a Service delivery model

E X I S T I N G

On-Premise delivery model

R M 5 E N T I T L E M E N T M A N A G E M E N T O F F E R I N G


Value proposition


Manage GRC Improve IAM productivity

Enable business

ProcureEntitlement

Management as a Service

Create new business by

offering Entitlement

Management as a Service

Customers

GRC= Access Governance, Risk Management and ComplianceIAM = Identity and Access Management


Core processes in internal usage scenario


process

System resource use

process

HR process



Entitlement governance level – internal users



process

System resource use

process

HR process

Traditional IDM view


Simplified life-cycles – internal scenario

ASSIGNENTITLEMENTS

CREATEPERSON

CHANGEENTITLEMENTS

TERMINATEENTITLEMENTS

ASSIGNJOB ROLE &

COST UNIT POSITION

STARTEMPLOYMENT

CHANGEJOB ROLE

TERMINATEEMPLOYMENT

CREATEACCESS

UPDATEACCESS

H U M A N R E S O U R C E M A N A G E M E N T

T A R G E T S Y S T E M


S Y S T E M

TERMINATEACCESS



Core processes in external usage scenario

EMprocess

Stakeholder process

System resource use

process

Supplier process

Sub-contractor process

Customer process

Channel partnerprocess



Entitlement governance levels – external scenario


EMprocess

Stakeholder process

System resource use

process

Supplier process

Sub-contractor process

Customer process

Channel partnerprocess

Business-centric view

CREATE USERS AND ASSIGN

ENTITLEMENTS

CREATESERVICE AGREEMENT

CHANGEENTITLEMENTS

TERMINATEENTITLEMENTS

SELECTSERVICES

DEFINECUSTOMERSHIP

CHANGECUSTOMERSHIP

TERMINATECUSTOMERSHIP

CREATEACCESS

UPDATEACCESS

C U S T O M E R R E L A T I O N S H I P M A N A G E M E N T

T A R G E T S E R V I C E


S Y S T E M

TERMINATEACCESS


Simplified life-cycles – external scenario



Core processes in internal & external scenario

EMprocess

Stakeholder process

System resource use

process

Supplier process

Supplier process

Customer process

Partnerprocess

HR process



New application development process

EMprocess

Stakeholder process

System resource use

process

Supplier process

Supplier process

Customer process

Partnerprocess

HR process

System development

process



New application sourcing process

EMprocess

Stakeholder process

System resource use

process

Supplier process

Supplier process

Customer process

Partnerprocess

HR process

System development

process


System sourcingprocess

ENTITLEMENTSERVICE

MODELING

ENTITLEMENTINFORMATIONDISTRIBUTION

Entitlement requestand approval process

Entitlement serviceadministration

Reporting andauditing

Entitlement service configuration and parametrization

Entitlement policy

modeling

Base data import and source system

data feed

STATICProvisioning to

middleware or target systems

MANUALE-mail feed

for manual operation

DYNAMICPolicy information service for

run-time authorization


Key functionality



Business Centric Approach

Service providers

Services

Resources

Service Agreement

Entitlements

Servicecustomers

Business roles

Users

Software as a Service

Model basedProcess driven

Advancedexternal usersmanagement

Model based

Enabledelegated

administration

RM5 IdM


Service Agreement

Organisation or person

Service

Service roleEntitlement

Business Role

Service Provider

Service Customer


Entitlement Model


Access object

Owner

Service Agreement

Organisation or Person

Service

Service RoleEntitlement

Business Role

Service Provider

Service Customer


Extending model with Access Object Entitlements


Access object

Power of Attorney

Agent

Principal

Service Agreement

Organisation or person

Service

Service RoleEntitlement

Business Role

Service Provider

Service Customer


Extending model with Power of Attorney


Q & A

RM5 Software OyID 2137580-5Hämeentie 135 AFI 00560 HelsinkiFinlandwww.rm5software.com

Mr. Markku MontonenChairman & CEOPhone: +358 400 612 213email: [email protected]

PRODUCT MARKETING & SALESMr. Christian SundellVP, Sales & MarketingPhone: +358 40 1966 577 email: [email protected]

Thank you!

rm5 idm, centralized entitlement management

Technology

entitlement

entitlement

entitlement

holistic entitlement

entitlement

kuppinger

external users

increasingly