| | |
Sunday
18:00 to 19:30 | |
Monday
07:30 to 20:00 | |
Monday
08:00 to 08:45 | |
| One of the most frequently-asked questions by Gartner clients is whether or not there are sample requests for proposal (RFPs) for IAM products and services available to use as a starting point in their efforts. An RFP template can be valuable in helping to identify which product and/or service features can fulfill the specific requirements enterprise users have for IAM. This tutorial session explores a basic template for different IAM technologies to aid in that planning effort. It will address issues such as:
|
Monday
08:00 to 08:45 | |
| Identity and access management (IAM) leaders and other security and risk management professionals can use this Gartner-developed maturity assessment to evaluate their enterprises' IAM efforts against key indicators of maturity. This will enable them to determine which aspects of a maturity level are most important to them and understand how to advance to the next level — a crucial exercise, as immature IAM programs are likely to be inefficient, ineffective and unable to deliver their full business value.
|
Monday
09:00 to 09:15 | |
Monday
09:15 to 10:15 | |
| Every enterprise has to manage the identities of its workforce, partners, customers and so on, and the access that they get to systems, data and other assets. But not all enterprises are tackling IAM initiatives in a way that maximises the value of IAM to the business through enhanced security and risk management, improved operational efficiency, and better business outcomes.
|
Monday
10:15 to 10:45 | |
Monday
10:45 to 11:15 | |
Monday
11:00 to 11:15 | |
| This Gartner Online Experience Showcase allows attendees to explore Gartner Business Wizard & Peer Connect tools. Through Gartner Business Wizard, you share your key initiatives, strategic vendor relationships and the related milestones. Then we proactively recommend relevant Gartner insight to you when you need it. Gartner Peer Connect is an exclusive online community of experienced IT professionals around the globe and is a powerful tool that connects you to credible peers with the experience you need. |
Monday
11:00 to 12:15 | |
| This interactive workshop session allows participants to work together, facilitated by a Gartner analyst, to assess their organizations' IAM program maturity using the Gartner ITScore for Identity and Access Management maturity assessment methodology and a workbook based on the ITScore diagnostic tool.
|
Monday
11:15 to 12:15 | |
| While IAM can provide cost savings along with benefits to the business that can directly improve profitability, justifying large capital investment for IAM initiatives is often a significant hurdle. This Q&A session allows attends to explore such questions as: |
Monday
11:15 to 12:15 | |
| Effective governance provides accountability, responsibility, authority and assurance. Governance consists of a set of processes and activities executed and overseen by appropriate governance bodies. The success of the governance initiatives depends on the effectiveness of the groups tasked with executing them. |
Monday
11:15 to 12:15 | |
| Effective identity and access governance requires a good foundation of data about identities and access. It also needs a way to record the events and activities surround access and identity administration. Existing identity repositories and logging systems may need to be ‘cleansed’ to be effective. This presentation explores the following: |
Monday
11:15 to 12:15 | |
| Six major trends will drive the evolution of businesses' management of identity and privacy during 2012: a shift from strategy to tactics, a focus on identity assurance, the development of authorization into a first-class identity function, the emergence of identity connectors as an architectural component, a move away from session-oriented identity designs toward token-based designs, and continuing battles over identity and privacy policy. In 2012, businesses need to increase their focus on identity and privacy projects that can achieve quick time-to-value and that can return real value not just to IT, but also to business users. |
Monday
12:15 to 13:30 | |
Monday
12:30 to 13:00 | |
| User provisioning manages identities across systems, applications and resources. In this session we review the Gartner Magic Quadrant for User Provisioning. |
Monday
12:45 to 13:00 | |
| This Gartner Online Experience Showcase allows attendees to explore Gartner Toolkits.
Toolkits save you time, help you make better decisions, and improve your execution through a set of tactical resources and frameworks to build from. During the showcase we will explore a range of Business Intelligence Toolkits including:
• Toolkit: The Gartner Business Risk Model
• Toolkit: Basic Access Policy
• Toolkit: Workshop for Innovatively Leveraging Your IAM Investment
• Toolkit: Basic Third-Party IT Maintenance Provider Access Policy
• Toolkit: RFI for Secure Email Gateway
|
Monday
13:00 to 13:30 | |
| Compliance remains the key driver for IAM initiatives, and identity and access governance tools are top-of-mind. In this session we review the Gartner Magic Quadrant for IAG. |
Monday
13:15 to 13:30 | |
|
This Gartner Online Experience Showcase allows attendees to explore Gartner’s ITScore & ITBudget. Gartner ITScore is a holistic set of interactive maturity assessments designed to help CIOs and IT leaders evaluate the maturity of both the IT organization as a provider of IT services, and the enterprise as a consumer of IT.
Gartner ITBudget is an interactive online tool that allows you to input your IT spending data and get a customized report that details how your spending compares to industry averages. It uses a proven, structured methodology and draws from our proprietary IT Key Metrics Data database.
|
Monday
13:15 to 14:30 | |
| In the past, detection and mitigation of fraud and mis-use was primarily a problem for the financial services industry. The rising level of targeted attacks has made this a problem for all of us. Identity and usage context is needed to discern a pattern of abnormal activity. |
Monday
13:30 to 14:30 | |
| Identity and Access Management has always been built on standards. Early systems were based on LDAP, Kerberos, X.509, and ASN.1; with the advent of XML and SOAP, more modern systems have added features based on XML, SAML and WS-Trust. The adoption of REST-based web services and Cloud SaaS offerings is driving a new generation of identity and access management standards, notably SCIM, SPML, XACML, OAuth and JWT. This session examines the new generation of IAM standards and the use cases they facilitate. |
Monday
13:30 to 14:30 | |
| IAM programs have generated a wealth of information about what to do and what not to do when it comes to good practices—from planning and design, to product/service selection and deployment, and ongoing management and operations. This presentation explores the lessons that have been learned by enterprises where IAM solutions have addressed their requirements, both business and technical. It will address such issues as:
|
Monday
13:30 to 14:30 | |
| Enterprises have been working to bring internal identity and access management under control. Outsourcing applications, using SaaS, and supporting mobile endpoint platforms can create new identity islands, add complexity and introduce security vulnerabilities. |
Monday
13:30 to 14:30 | |
| For decades IT has been focused on developing solutions that make IT administrative functions easier; however, the tides have shifted. Today, IT is tasked with delivering solutions that provide real business value, and identity and access management solutions are no exception to this rule. |
Monday
14:45 to 15:15 | |
| Saxo Bank is taking an innovative and pragmatic approach towards identity and access governance. Compliance and regulatory pressures coupled with strong business growth drive a need for better application management, including who can access the bank's resources.
Learn how Saxo Bank implemented CA Technologies GovernanceMindertm to achieve faster, better results. |
Monday
14:45 to 15:15 | |
| Protecting access to on-premise and cloud-based applications across a hybrid IT infrastructure is complex, costly and risky. RSA discuss how to effectively balance the appropriate level of authentication and authorisation to the cloud, for the cloud, and from the cloud, better protecting resources - while providing a seamless user experience. |
Monday
14:45 to 15:15 | |
| Stuxnet, SCADA, crafted malware to sophisticated cyber-attacks...one central theme at the heart of each incident – Privileged Accounts, the most powerful within an organisation.
We'll examine in detail the DNA of privileged attacks, discuss the nature of privileged accounts, and guide participants to best practices in managing this rising threat. |
Monday
15:15 to 15:45 | |
Monday
15:30 to 16:30 | |
| One of the most elusive deliverables in IAM is the business justification for building IAM. How can IT create a coherent and believable story about why IAM is needed in the enterprise in language that the business can understand and accept? This Q&A session allows attends to explore such questions as: |
Monday
15:30 to 15:45 | |
| This Gartner Online Experience Showcase allows attendees to explore Gartner’s mygartner.com and how to customize the page to match your Key Initiatives. Attendees will be able to review the latest Gartner Research and tools including:
• Research Recommendations
• Gartner Tools
• Webinars
• Analyst Picks
• Industry Picks
• Market News
|
Monday
15:30 to 16:45 | |
| Learn how to replace passwords with OTP or smartcards to strengthen authentication. The workshop will take participants through the detailed procedures for adopting the main strong authentication technologies. |
Monday
15:45 to 16:30 | |
| This session will describe the implementation and challenges of one of the largest Identity and Access Management programmes in the world which has been delivered as part of the NHS National Programme for IT. Originally going live in 2004, the Identity and Access Management Services have been operational for nearly 8 years and are due for re-procurement; we will describe how the operational challenges of the service are influencing our future state design and procurement strategies. |
Monday
15:45 to 16:30 | |
| Experience and ideas from an internal IAM initiative with views on handling authorisation and access processes regarding internal users, partners and suppliers. Idea description of projects steps, communication thoughts, failures and risks when running an IAM initiative. Presenting the idea of a combined role and individual authorisation handling (red and black box solution) and how to implement this idea into a financial company. |
Monday
16:45 to 17:30 | |
| What is Identity? Kailya will share her answer to this question and outline the spectrum of identity the diverse range of identity expressions in-between anonymity and strong verification. Understanding the full spectrum of identity and how different types of identities have different characteristics and appropriate uses will give new insight into managing the identities of customers/citizens in an increasingly digital world.
The 2nd half of her talk will touch on another emerging trend is the grown of "big data" but a key fact is often forgotten - most of it is data generated by people as they live their lives…leaving digital breadcrumbs behind. As yet citizens don't' have a way to collect, store and get value out of their data but a new wave of startups is experimenting with this and major enterprises are also considering how they play in the emerging personal data ecosystem.
|
Monday
17:30 to 18:15 | |
| Authentication is widely accepted as a necessary control, without which other IAM efforts around authorization and accountability would be futile. But authentication is expensive to implement, it's hard to use, it's too easy to subvert or circumvent. What's more frequent and spectacular failures call the value of authentication into question. This panel discusses an emerging alternative set of technologies.
|
Monday
18:15 to 20:00 | |
Tuesday
07:30 to 17:15 | |
Tuesday
08:00 to 09:00 | |
| IAM deployment horror stories abound, particularly from the early years. There are lessons that can be learned from partial and complete failures of IAM implementation so that history does not repeat itself. This Q&A session allows attends to explore such questions as:
|
Tuesday
08:00 to 09:00 | |
| User activity monitoring is essential for the early detection of targeted attacks, and has also become part of the standard of due care for a variety of regulations across all industry segments. Recent attacks and successful breaches point to the importance of early detection as a last line of defense. Fortunately, many organizations receive funding for security monitoring technology deployment in order to meet compliance requirements. This presentation provides advice on how to deploy security monitoring technologies such as Security Information and Event Management (SIEM), for privileged user and resource access monitoring: |
Tuesday
08:00 to 09:00 | |
| Social media is a major disruptive technology that has changed the way business operates (and helped topple governments!). The ubiquity of social media forces enterprises to grapple with new challenges regarding the nature of employee identity and the role of IAM as a security control for interaction with social media. In this presentation we will examine both the societal issues involved in social media identity challenges and the technical challenges involved in managing employee and organizational security in internal and external social media environments. |
Tuesday
08:00 to 09:00 | |
| A growing number of organizations are deploying software as a service (SaaS) applications that run critical business processes and contain sensitive data. Security, compliance, and user administration are major challenges for organizations running SaaS applications. Many organizations are manually provisioning and de-provisioning user accounts in the SaaS environment. This is a cumbersome process that is subject to error. This session will discuss how organizations are managing identities for cloud applications and how organizations are automating user account provisioning to and from the cloud. |
Tuesday
08:00 to 09:15 | |
| This interactive workshop session allows participants to work together, facilitated by a Gartner analyst, to assess their organizations' IAM program maturity using the Gartner ITScore for Identity and Access Management maturity assessment methodology and a workbook based on the ITScore diagnostic tool. |
Tuesday
09:15 to 09:45 | |
| Many companies are making IAG projects a high priority because of the business benefits the governance-based approach delivers. In this session, Rabobank International’s Global head of security operations, Jethro Cornelissen, presents an IAG case study and discusses best practices for demonstrating business value in each phase of an IAG implementation. |
Tuesday
09:15 to 09:45 | |
| Join Simon Bullock, IT Director/CIO at Prudential UK, for a presentation on the benefits of developing an access risk management strategy that leverages an automated identity and access management (IAM) solution, and ensures compliance with policy and regulatory requirements. Bullock will share challenges, goals and results of Prudential’s Courion deployment. |
Tuesday
09:15 to 09:45 | |
| The time has come to move forward, to go beyond the regular things we used to do in IAM. We need integrity in place, with the right processes and attestation that gives full visibility and control about who is accessing the data. Businesses need to see beyond: Welcome to the world of Access Governance. |
Tuesday
09:45 to 11:00 | |
| Having a clear and compelling visioning is critical to developing a relevant IAM program and gaining support for that program. This workshop will allow participants to understand and begin walking through the steps necessary to create, refine, articulate, and sell their vision. Be warned: this session will have homework! |
Tuesday
10:00 to 11:00 | |
| Cloud computing has reached such levels of hype that it’s difficult for most enterprise decision makers to know what is real vs. what is not real, particularly when it comes to IAM’s ability to secure access to, from, and for cloud applications. Without more certainty regarding the ability to adequately secure cloud computing services, its adoption remains at risk. This Q&A session allows attendees to ask questions and discuss issues such as the following: |
Tuesday
10:00 to 11:00 | |
| With the increased range and variety of authentication methods and platforms now available, it is more likely that there is a “best fit” authentication solution for each and every enterprise use case. At the same time, it is harder for IAM and information security leaders to find that solution among a plethora of options. |
Tuesday
10:00 to 11:00 | |
| U.S. merchants spend an average of $1.7 million on becoming PCI compliant [Do we have a similar statistic for Europe?], and maintaining payment card data security requires persistent and continuous efforts. Many lessons on data protection have been learned over the past 5 years since the PCI Data Security standard was established, which can lower costs for enterprises protecting payment card or other sensitive data. This session looks at the challenges and opportunities of data protection, as learned through implementation of the PCI DSS. |
Tuesday
10:00 to 11:00 | |
| Many of us could now almost cope better if we left our wallet at home than our mobile handset. Whether via a mobile handset or not, most of us expect to be able to access online services wherever they, and we, are located. This session looks at the implications for trusted access to services, on the basis of identity and other assertions. |
