Post on 25-Dec-2015
The Importance of Compliant Identity & Access Management in Insurance
Tuncay Küçüktaş - AksigortaAssistant General Manager, CIO
What is Compliant Identity & Access Management ?
Tuncay Küçüktaş / 2
.. should be designed to initiate, modify, track,record, and terminate the specific identifiers associated witheach account, whether human or nonhuman, by making useof the organization’s IT resources
..is the key enabler and
fundamental to Security and compliance
..is the security discipline
that enables the right
individuals to access the
right resources at the
right times for the right
reasons..is about the end-to-
end life cycle management of digital
identities
.. is the set of business processes
information and technology for
managing and using digital
identities
The Importance of Compliant IAM in Insurance
Tuncay Küçüktaş / 3
Why important ?
Tuncay Küçüktaş / 4
Why important ?
Tuncay Küçüktaş / 5
Why important ?
Tuncay Küçüktaş / 6
Why important ?
Tuncay Küçüktaş / 7
How IAM Supports Compliancy
Identity and access management (IAM) technology and methods provide direct support for the compliancy requirements for;
fraud reduction policy enforcement risk assessment compliance & auditing
Tuncay Küçüktaş / 8
Typical IAM Framework - Today
IAM and GRC Complements Each Other
Typical User Challenges
Source : SAP Tuncay Küçüktaş / 11
Source : SAP Tuncay Küçüktaş / 12
Compliant, Business-Driven Identity ManagementProcess Flow
Common IAM areas (business value & risk reduction)
Tuncay Küçüktaş / 13
How to Implement Compliant IAM ?
Tuncay Küçüktaş / 14
Develop a strategy Don’t think of Compliant IAM as an IT-only initiative Be prepared for objections and concerns Avoid the “Big Bang” approach Don’t rush Create your inventories Start with enterprise-level roles first
Potential Impacts of NonCompliancy
Severe penalties in cases of noncompliance
High financial costs to comply with regulatory requirements
Diversion of executive attention as effort is focused on compliance activities rather than business priorities
BusinessBenefits
Lower costs and higher productivity
Flexibility Compliance Improved life cycle of
employees, partners, and customers
Moving the management responsibility from IT to business process owners
Tuncay Küçüktaş / 15
Challenges
Incorrect Strategy Staff resistance Cultural and political
realities Lack of skills Bureaucracy Scope creep Inappropriate
automation
!
Tuncay Küçüktaş / 16
Tuncay Küçüktaş / 17
By year-end 2020, 80% of user access will be shaped by new mobile and non-PC architectures that service all identity types regardless of origin
Tuncay Küçüktaş / 18
By 2020, 60% of all digital identities interacting with enterpriseswill come from external identity providers through a competitive marketplace
Tuncay Küçüktaş / 19
By 2020, the Internet of Things will redefine the concept of identity managementto include what people own, share and use
PredictsFor
Future
Cloud and Mobility The Internet of Things Growing more digitalized
marketplace Identity Analytics
THANK YOU