Kemarin saya kedatangan tamu istimewa. Dia Channel Manager di salah satu perusahaan IAG (
Identity and Access Governance). Sekilas IAG ini sepertinya hanya mengatur Policy Access ke system yang telah ada, namun ternyata sangat luas. Tapi juga compliance issue. Nah yang terakhir ini yang sedang marak di industri finansial Indonesia.
Identity and access governance (IAG) is defined as (1) the process of requesting, approving, certifying and auditing access to applications, data and other IT services; and (2) the process of delivering security and business intelligence (BI) on how identities are created, managed and used for access. Software tools and services that provide support for most or all of this process are known as IAG products.
The IAG market (also referred to in vendor marketing as "identity governance," "access governance" and "role management") is not new. While first appearing as part of user administration and provisioning (UAP) in the late 1990s, distinctive IAG tools appeared between 2004 and 2006 as a response to concerns by clients about regulatory compliance involving access to critical IT resources. Concerns were also raised about the inability of UAP tools to be usable by the non-IT professional in addressing compliance requirements. Although UAP provided a user interface (UI) and reporting that could be leveraged by IT administrators, the ability to request, approve and certify specific access to applications, data and IT services — and then have that process audited — was not addressed adequately by UAP. A business-friendly UI and reporting capability that emphasized response to compliance needs and provided visibility into the identity change management process evolved first as a separate feature set, then later as a product.
Today, IAG is the fastest-growing sector of identity and access management (IAM). Gartner estimates that 2011 IAG product sales alone ranged from $200 million to $300 million, with estimated growth rates in 2012 continuing to exceed 35% to 40% for most IAG vendors. Consulting and system integration service sales for IAG are believed to be at least twice that. Gartner believes that the demand for IAG is just beginning, with a peak period for this functionality still four to six years in the future. Thus, most IAG vendors (and vendors with products that have IAG features) are enjoying increased sales — some more than others. The market can best be characterized by the quote "a rising tide lifts all boats," meaning even vendors with mediocre IAG capability are having some success. Although some early indicators show that market consolidation via acquisition may begin in 2013, the numerous vendors in and entering the IAG market will ensure much choice for buyers over the next two years. The disaggregation of IAG functions may also bring vendors into the IAM market that were not previously seen or thought of as IAM vendors.
Features of IAG products are still evolving, as is the relationship of IAG to other IAM and security products. New methods of delivering IAG, including software as a service (SaaS), are being tested. New methods of accessing IAG tools and services via mobile devices are also being explored. Although IAG tools and services are starting to mature, an architectural trend within the industry is reshaping the feature set. The UAP vendors that first introduced IAG features are redesigning their solutions to deliver "super IAG" functionality — that is, IAG with UAP fulfillment and synchronization capabilities. This means that user provisioning interfaces are being redesigned for business use, and the provisioning workflow is expanding to include access requests, approval and certification functions, and other steps to update UAP with IAG functionality. IAG vendors are doing the opposite — incorporating UAP connector architecture and fulfillment functions to existing IAG features. This is essentially redefining the IAG market to include UAP.
A market is also evolving for more advanced IAG tools that provide design, modeling, analytics and reporting functions for identity and access alone, without the approval, certification, and general administration and fulfillment components. These same tools initiate the creation of a formal identity data and log model for defining the data ecosystem to be most effective for all IAM tools, including IAG. Gartner believes this will give rise to a revised view of IAG to mean "identity governance and administration" of access. Products will divide between those focused on day-to-day administration activities for access request, approval and certification, and those devoted to mining, discovery, modeling, analytics and forensics capabilities — that is, identity and access intelligence (IAI). Advanced analytics is one of several criteria particularly important to a vendor's road map and vision.
IAI products deliver advanced data model design, pattern analysis, forensics, and other advanced analytics and reporting capabilities that are not generally found in today's products. The identity and access data collection, correlation and analysis have expanded to include input from security information and event management (SIEM), data loss prevention (DLP), and other IT security and system tools. For SIEM and DLP, it also means that IAG data can be used in its own collection, correlation and analysis. A renewed focus on access governance for data by incorporating new features (and acquiring other vendors) to govern access to unstructured and semistructured data will be a trend for 2013 and 2014. Improved integration with privileged-account activity management (PAAM) will also occur.
IAG technology provides:
Access policy management
Administration of access entitlements (known also as user permissions, rights or authorizations)
Role management (as one function of entitlement administration)
IAG technology provides these functions with the following:
Administrator and business UIs
A workflow system for automating IAG processes
An identity repository or warehouse for IAG-specific information (could be more than one repository)
A connector architecture or service bus architecture for linking the IAG product with required resources
Mining and discovery tools that permit the construction of identity repository components, such as roles and entitlement catalogs for applications
Comprehensive analytics tools for modeling, simulation and forensics activities with IAG information
A complete audit and reporting capability as part of the systems above or stand-alone
IAG deployments are often funded for one or more of the following reasons:
Compliance reporting and control driven by regulation
Accountability and transparency of access to critical business resources in an attempt to better manage business risks and protect privacy
Streamlining an intensely manual process for access request, certification, and reporting for efficiency and cost savings
Enterprises should consider IAG products from vendors in every quadrant of this Magic Quadrant based on their specific functional and operational requirements. Product selection decisions should be driven by organization-specific requirements in areas such as:
The relative importance of access request and certification
The scale of the deployment
IAG product deployment and support complexity
The IT organization's project deployment and technology support capabilities, maturity and experience
Integration with other established IAM systems
IT managers considering IAG deployments should first define and/or determine their requirements for the governance of identity and access functions. The requirements definition effort should include capabilities that will be needed for subsequent deployment phases to establish organizational structure and for training. The project will benefit from the input of other IT groups, including audit/compliance, IT operations and application owners, and security administration. A formal assessment of existing capabilities to address these requirements will then lead to a gap analysis and feature list required to fill that gap. Enterprises should describe their IAM deployment topology so that prospective IAG vendors can propose solutions to company-specific deployment scenarios. The requirements definition effort should include later-phase deployments beyond the initial use case, because this is an ongoing process, not a one-time effort. This Magic Quadrant evaluates technology providers with respect to the most common technology selection scenario — an IAG project that is funded to satisfy access request and certification needs for compliance through accountability and transparency of access.
In summary, enterprises should:
Use IAG products to establish an identity data model and data warehouse for governing the identity life cycle, particularly for access.
Choose IAG products that provide a business-friendly user experience and that best address your enterprise process for access request, certification and audit reporting.
Leverage the data created by your established identity administration and access management tools to provide IAI to IAG and to serve as fulfillment mechanisms for IAG.
Open Source Software: The Mega List A jaw-dropping 1,000+ open source software tools. Open source software for, well, everything: Desktop, security, multimedia, small businesses, enterprises, education....
December 19, 2012
By Cynthia Harvey
Throughout the year, Datamation publishes guides to open source software in a variety of different categories, such as security, cloud computing, big data, small businesses, mobility and even games. It's become an annual tradition to compile all those open source apps we've featured into one gigantic list.
Our 2012 guide is longer than ever before with a jaw-dropping 1000+ open source apps in all. As usual, we've divided the list into categories and then alphabetized the projects within each category.
Whether you're a long-time Linux fan or a Windows or OS X user who's curious about the open source phenomenon, you're sure to find something new, interesting and useful.
1. Edoceo Imperium
Designed for small and mediu…
Mengenal Fungsi Dan Komponen Panel Listrik Panel Listrik – Electrical switchboard atau lebih kita kenal dgn panel listrik terbentuk berdasarkan susunan komponen listrik yg sengaja disusun dalam sebuah papan control, sehingga dapat memudahkan penggunaanya. Tuk lebih mengenal fungsi dari panel listrik kita telebih dahulu mengenal komponen- komponen panel listrik dan harus memahami fungsi dari bagian-bagaian listrik itu sendiri Berikut beberapa komponen panel listrik beserta fungsinya yang perlu anda ketahui:
MCB, yg singkatan dari ( Miniature Circuit Board) merupakan komponen panel listrik yang berfungsi sebagai switch pembatas arus akibat dari kenaikan daya /tegangan yg melebihi batas dan atau hubung singkat. Komponen panel listrik ini biasanya terbatas pada arus nominal kecil sampai dgn kurang dari 100 Ampere. Bentuknya ada yg satu pole (satu input dan satu output), ada yg dua pole, tiga pole hingga empat pole.
MCCB, MCCB singkatan dari Moulded Case Circuit Breaker. Circuit Breaker pemb…
Membangun Ruang Server merupakan kegiatan yang tidak dapat dianggap remeh. Untuk sebagian kita menganggap ruang server hanyalah tempat dimana perangkat server disimpan dengan baik. Tapi pada dasarnya, ruang server adalah ruangan yang bisa dikatakan merupakan juga data center dalam ukuran kecil, maka seyogyanya kita juga mengikuti standar untuk pembangunan ruang data center.
Ukuran ruang server umumnya akan sangat bergantung dari kegunaan dan kapasitas penampungan yang direncanakan. Oleh karena itu, ruang server dapat berukuran dari sangat kecil (minimal 2 meter x 2 meter) hingga ruang yang cukup besar.
Kalau kita bicara kegunaannya, umumnya ruang server digunakan untuk :
Menampung perangkat server (baik ukuran tower / rackmounted). Server bisa diasumsikan PC Server juga.Menampung perangkat jaringan, umumnya dalam hal ini minimal switch yang digunakan untuk koneksi ke server atau koneksi ke user.Menampung perangkat sumber daya catuan cadangan (atau kita mengenal istilah UPS)