| | |
Sunday
02:00 PM - 06:00 PM | |
Sunday
03:00 PM - 04:00 PM | |
| Without accurate, up-to-date identity information from directories and identity databases, business users won’t have appropriate access. Identity and access governance uses an identity data model designed from identity repositories and logs to deliver business-driven IAM.
- What is an identity data model in IAM?
- What is identity and access governance, and how does it use an identity data model?
- How can enterprises ensure that their identity data models are effective? |
Sunday
03:00 PM - 04:00 PM | |
| If your awareness program was designed by a guy with pocket-protectors, a fresh CISSP, and a highlighted NIST 800 series, then you can guarantee it is obsolete. New approaches draw on advertising, marketing, social engineering and practical magic to build a new context for security awareness.
- Why does training fail to change behavior?
- How can we influence and motivate employees more effectively?
- What are the skills and tools we need to make this happen?
|
Sunday
04:15 PM - 05:15 PM | |
| The phrase “identity and access management” can raise feelings both of great hope and of great fear. Horror stories abound. At the same time, many people hold out great hope for the promises of what IAM can accomplish. Join us as we explore IAM's myths and monsters.
- What are the common IAM myths?
- What are the monsters and how can I defeat them?
- How can I make the most of this conference to help slay the monsters, defeat the dragon, and win the prize?
|
Sunday
05:15 PM - 06:30 PM | |
Monday
07:00 AM - 08:00 AM | |
Monday
07:00 AM - 06:30 PM | |
Monday
07:00 AM - 08:00 AM | |
| Join your peer to highlight and discuss key issues facing Healthcare that have significant implications on your organization’s ability to deliver and sustain mature IAM processes and capabilities. |
Monday
08:15 AM - 09:00 AM | |
| Gartner has identified four forces that will have a profound impact on IT, including IAM. Cloud, social media, mobility, and information are forces of change in the way IAM is delivered, the way it is consumed by the enterprise, and the manner in which identity and access is managed. Although the impact of the Nexus of Forces is long-term, there are already signs that they are impacting IAM solutions and buyers now. |
Monday
09:00 AM - 09:15 AM | |
Monday
09:30 AM - 10:30 AM | |
| The increased range and variety of authentication methods and platforms now available means that there that there is likely a “best fit” authentication solution for every enterprise use case. But it is difficult for IAM and information security leaders to find that solution among the myriad options.
- What are the characteristics of a good authentication method?
- How do different use cases influence and constrain enterprises’ choices?
- How can enterprises architect a sound authentication solution? |
Monday
09:30 AM - 10:30 AM | |
| As enterprises both expand and simultaneously seek to simplify their environments, there are many implications to directory services. This user roundtable will allow for questions and interaction, as analysts and attendees grapple with implications and best practices. |
Monday
09:30 AM - 10:30 AM | |
| An identity bridge is an on-premises appliance that solves problems across on-premises and SaaS environments. For most enterprises, the identity bridge is an essential tool. It can provide federation, synchronization, provisioning, mobile credential management and authorization services.
- What are some current examples of current identity bridges?
- What are successful road maps for multi-functional identity bridges?
- What are Gartner’s projections for cross-domain super bridges?
- What are Gartner’s recommendations for successful deployments? |
Monday
09:30 AM - 10:30 AM | |
| Enterprises must manage identity in an increasingly hybrid world in which legacy on-premises IAM infrastructures are extended or replaced to support SaaS and mobile endpoints. Identities established on social media platforms are also being leveraged for enterprise system access.
- What issues must be addressed when applications are moved to the cloud, when endpoints are mobile, and social identities are to be leveraged?
- What are the traditional and emerging methods for resolving these problems?
- What are the current and emerging standards that support IAM, the cloud, mobility and social?
|
Monday
09:30 AM - 10:30 AM | |
| The threat environment is evolving. Attacks are financially motivated and are supported by a sophisticated underground economy. To stay ahead of the “bad guys,” enterprises need to invest wisely in security tools and personnel. The right balance between too little and too much security is essential.
- What are the key trends in cybersecurity attacks?
- Which new tools and processes should enterprises adopt to defend against these attacks?
- What are the best practices for mitigating cyber threats?
|
Monday
09:30 AM - 10:30 AM | |
| Would you choose development or configuration to meet your needs? Is customization the enemy of getting your system operational? Why is the enterprise landscape littered with half- completed IAM deployments and what do you need to know prior to accelerate your deployment? Why are IAM niche vendors stealing the show? Join the discussion on these topics and more as Avatier shares stories from the trenches with real customer solutions and the results of an eye-opening new survey. |
Monday
10:45 AM - 11:45 AM | |
| It is no secret that Identity & Access Management systems are under severe stress as organizations consume dozens of new cloud-based applications and add thousands and even millions of new consumer and partner users to their extranets. IAM is ripe for a reboot. In this session, we will discuss an approach to ‘Adaptive IAM’: Solutions that build on existing IAM investments and make them more adaptive to cloud, mobility and new threats |
Monday
10:45 AM - 11:45 AM | |
| The next step in the evolution of identity and access management can have a dramatic influence in streamlining IT department processes. Avatier CEO Nelson Cicchitto addresses an entirely new technology category defined by the convergence of requests, approvals, and tracking of personnel access to data, applications, systems, facilities, and equipment. He will discuss the emergence of this new category—Universal Assignment Management™ (UAM)—and the role IT managers will play in its adoption. |
Monday
10:45 AM - 11:45 AM | |
| The exploitation of privileged accounts has become a primary attack vector for cyber attacks and the most devastating data breaches over the past two years. As the enterprise perimeter dissolves and internal and external threats increase, identifying, managing and protecting privileged activity is critical to the overall security for any business. This session will help attendees understand where these privileged accounts exist within their organization and how they can manage and monitor privilege activity to mitigate risk. |
Monday
11:45 AM - 12:45 PM | |
Monday
11:45 AM - 01:45 PM | |
Monday
11:45 AM - 01:00 PM | |
Monday
01:15 PM - 01:35 PM | |
| Dave Miller, Chief Security Officer at Covisint will describe the method for developing an identity framework that allows external engagement. The discussion will include:
• Standard Access Management Tasks – Justification for cloud-based Identity and Access Management Services:
o Credential Management
o Authorization
o Audit
• Building a framework that allows broker access to data, such as through:
o Hyperlinks
o Portlets-based
o Mashups
o Mobile Devices
• Using robust API Services to allow third-party deep integrations and development.
|
Monday
01:45 PM - 02:45 PM | |
| A tools-based focus can result in failed projects, wasted resources and lack of business alignment. When IAM architecture is part of broader security and enterprise architecture program, enterprises can improve identity-oriented business processes, information flows and technology implementations.
- What are the most-effective contents and structures for security architecture?
- How should enterprises practically model IAM architectures to ensure linkage to the business strategy, and to adequately address risks?
- What are security architecture pitfalls and best practices? |
Monday
01:45 PM - 02:45 PM | |
| This analyst-user roundtable allows attendees from the healthcare industry to discuss their IAM- and security-related challenges, successes and questions. This session will be highly interactive and will provide real-world value and insight for those who participate. |
Monday
01:45 PM - 02:45 PM | |
| Externalized authorization has granted enterprise applications rich decision-making ability and ways of controlling who can do what with what kind of data. Although, identity management services have begun their inevitable migration to the cloud, authorization has lagged its peers.
• To what extent is externalized authorization becoming mainstream?
• What are the deployment patterns for externalized authorization with respect to cloud services?
• What are the challenges of federated authorization?
|
Monday
01:45 PM - 02:45 PM | |
| How do we measure the value of IAM? For many, justifying IAM has been elusive. It remains a horizontal concern in the vertical world of business services, something shared by all business functions but owned by none. How can an IAM project be reconciled with the budgets of business?
- How much does IAM cost today, and why?
- How does an enterprise cost-justify an IAM project—is it possible?
- How will the economics of IAM change in the era of cloud and mobility?
|
Monday
01:45 PM - 02:45 PM | |
| Many organizations protect data with no clear understanding of the data's associated value and risk. Step 1 is ensuring that the right people have the right access. This session analyzes the real drivers for data protection and provides a survey of some of the available tools to address the problem.
- Why the current approach to protecting data in technology silos doesn't work
- What steps can clients take to ensure that enterprise data is protected throughout its life cycle?
- What controls and tools are available to protect enterprise data in practice?
|
Monday
01:45 PM - 03:15 PM | |
| IAM leaders use this Gartner assessment to evaluate their IAM efforts against key maturity indicators. This helps determine which aspects of a maturity level are most important and how to advance. Immature programs are likely to be inefficient, ineffective and unable to deliver full business value.
- What does maturity mean for an IAM program?
- How does ITScore measure maturity of the IAM program?
- How can enterprises use ITSCORE to assess the maturity of their IAM programs?
|
Monday
03:00 PM - 04:00 PM | |
| Have you ever had an audit finding where your controls for managing privileged access were lacking?
Have you stopped changing passwords on service accounts because complying with mandated requirements sends your systems off-line?
In this session you'll hear stories from the trenches from IT staff at well-known organizations who manage privileged identities on some of the world's most scrutinized networks. And, we'll explore new approaches for rapid remediation of privileged account security holes.
|
Monday
03:00 PM - 04:00 PM | |
| This two-part session will discuss why next-generation IAM solutions better address today’s business and IT challenges. Adobe’s Steve Lavigne will present a case study about evolving an existing IAM infrastructure to a governance-based one, sharing best practices from the transition. Then, SailPoint’s Kevin Cunningham will discuss how mobility, cloud adoption and the consumerization of IT are radically changing the way in which we need to be thinking about identity management going into the future. |
Monday
03:00 PM - 04:00 PM | |
| Today’s multi-perimeter world of mobile, cloud, social and information interactions has transformed the enterprise, so the traditional approach to IAM is no longer sustainable. Organizations need a new integrated approach for securing the wide variety of enterprise and web resources from any device, any service and any source. In this session, IBM will discuss the changing security landscape and why this transformation requires you to consider a new multi-perimeter IAM strategy for the future. |
Monday
04:15 PM - 05:15 PM | |
| Effective governance provides accountability, responsibility, authority and assurance. Governance consists of a set of processes and activities executed and overseen by appropriate governance bodies. Success of governance initiatives depends on the effectiveness of the groups tasked with executing.
- What are current security and risk governance best practices?
- What processes, structures and forums constitute effective security and risk governance?
- How does IAM governance differ from risk and security governance?
|
Monday
04:15 PM - 05:15 PM | |
| As enterprises both expand and simultaneously seek to simplify their environments, there are many implications to directory services. This user roundtable will allow for questions and interaction, as analysts and attendees grapple with implications and best practices. |
Monday
04:15 PM - 05:15 PM | |
| Gartner analysts for the PAAM market present their thoughts related to the market and technology, and share use cases. The majority of the time will be open for attendee questions and comments. If you’ve been wondering where and how PAAM may fit into your strategy, then this is the session to attend. |
Monday
04:15 PM - 05:15 PM | |
| As a start-up luxury resort and casino, The Cosmopolitan of Las Vegas (“The Cosmopolitan”) needed to onboard approximately 4500 new employees in three months, and there was minimal infrastructure in place to manage provisioning and deprovisioning of these employees in compliance with SOX, PCI, and Nevada Gaming Control Board regulations. Kristen Singleton, CIO, will share the process, challenges and solution which integrated many key Cosmopolitan systems, including the HR system, allowing for automated account setup across the diverse user population. |
Monday
04:15 PM - 05:15 PM | |
| Early detection of targeted attacks and security breaches has never been more important and more difficult to achieve. User activity monitoring is key to early detection of targeted attacks, and has become part of the standard of due care for a variety of regulations across all industry segments.
- What are the security and compliance drivers for user activity monitoring?
- How can SIEM and other monitoring technologies be deployed for early detection of internal and external threats?
- Which SIEM vendors are best suited to particular monitoring use cases?
|
Monday
05:30 PM - 06:15 PM | |
| In this session, authors of Gartner Magic Quadrants and MarketScopes for IAM discuss the trends within their various markets, the Magic Quadrant and MarketScope findings, and address audience questions. Topics and tools specifically covered include authentication technologies, user administration/provisioning, identity and access governance, Web access management and identity federation. |
Monday
06:15 PM - 08:15 PM | |
Monday
06:30 PM - 06:50 PM | |
| Discover the new ways to extend Identity and Access Management (IAM) capabilities to mobile devices and applications making them more secure. This session will elaborate on how developers and IT managers can quickly and seamlessly extend strong, two-factor authentication, and IAM capabilities to mobile devices and applications, as well as customize each mobile application experience based on personal identity in order to reap the benefits of today’s mobile work environment while protecting enterprise data |
Monday
07:00 PM - 07:20 PM | |
| As more and more entities implement federated services, identity management has entered the spotlight. Sound identity management practices are not a new topic; however, there is now a sharper focus on key practices such as automation and attribute management. Government initiatives such as NSTIC stand to become key influencers over existing and future identity deployments. This session will focus on key identity management components that ensure the validity and integrity of federated transactions.
|
Tuesday
07:00 AM - 06:00 PM | |
Tuesday
07:15 AM - 08:15 AM | |
| Topics To Include:
• Consumer Products/Services
• Energy, Utilities and Water
• Financial Services
• Healthcare
• Manufacturing
• Public Sector- Education
• Public Sector/Government- Federal
• Public Sector/Government- State/Local
• Telecommunications and Information Services
• Transportation
|
Tuesday
07:15 AM - 08:15 AM | |
| Using the results of the previous day’s session, discuss foundational and strategic avenues to address critical IAM implications, including process and solution maturity. |
Tuesday
07:15 AM - 08:15 AM | |
| Often, User Provisioning and Identity and Access Governance (IAG) serve as the ‘entry points’ to broader IAM programs. However, there is still movement in what User Provisioning and IAG are becoming.
- What feature sets are critical? What is the hype? What is the reality? And what does the future hold?
|
Tuesday
07:30 AM - 08:00 AM | |
| As enterprises embrace mobile and social applications, security and audit have moved into the foreground. The way we work and connect with our customers is changing dramatically and this means re-thinking how we secure the interaction and enable the experience. Work is an activity not a place - mobile access enables employees to work from any device anywhere and anytime. Organizations are utilizing "flash teams" - instead of a dedicated group to solve problems, organizations utilize more cross-functional teams. Work is now social - email collaboration will be replaced by dynamic social media style interaction. In this session, we will examine these three secular trends and discuss how organizations can secure the work experience and adapt audit controls to address the "new work order". |
Tuesday
08:15 AM - 09:15 AM | |
| It is more important than ever to influence multiple stakeholders: departments, teams, and the organization as a whole. Communication expert Mark Jeffries has a simple, yet vital message — communication excellence leads to increased credibility, more successful projects and higher profits.
Mark presents a practical toolbox of innovative communication, networking and influence tools designed to give you a smart, proven, communication-based approach to the challenges you face every day — with your project sponsors, colleagues and within your teams. From networking to negotiation, from the power of words, to the behaviors of the “trusted advisor” - Mark presents a practical and entertaining session filled with valuable takeaways.
|
Tuesday
09:30 AM - 10:30 AM | |
| Provisioning, directory, and identity access governance (IAG)technologies form the foundation of an identity management solution. In this session Gartner will provide a component description and architectural overview of these technologies. Gartner will also offer deployment considerations, insights, and best practices based on years of customer experience.
In this session participants will:
- Develop a basic understanding of provisioning, IAG, and directory technologies
- Gain insights into the integration touch points between provisioning, IAG, and directories
- Identify best practices for deploying these services
|
Tuesday
09:30 AM - 10:30 AM | |
| The classic data privacy problem is about two kinds of disclosure: active and passive. Mobile devices increase passive disclosure, often without our knowledge and sometimes without our consent. They are increasingly hooked into the Internet at the application level and may include several geolocation technologies.
- The potential for data leakage is ever greater, but is it all bad?
- Could all that data actually help protect us against identity theft?
- Is this yet another nail in the coffin of authentication? |
Tuesday
09:30 AM - 10:30 AM | |
| Directories are the plumbing that enable higher level IAM functions. Optimizing directory architecture and deployment routinely leads to migration, consolidation and rationalization of directories and can disrupt IAM functions and performance across the enterprise. In this roundtable we will focus on what works and what doesn’t work when it comes to directory migration and consolidation programs with disparate directory systems such as AD, LDAP and e-directory. |