Great Wonders

Countdown Overview

To highlight important topics in the IT Security industry, OnWire conducted a 7-day countdown series combining (and placing an emphasis on) common security terminologies. The “Great Wonders and Identity Governance” series culminated with our OnCloud IBM Identity Governance and Intelligence Integration webinar that took place on Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST. To request a copy of the slides used during the webinar, please fill out the form on this page.

Day 1 - Access

For day one of our countdown, we decided to address access.

The Great Wall of China is a series of fortifications built along the historical northern borders of China. The wall was constructed in order to protect the Chinese empires against foreign raids and invasions. The Great Wall runs west-to-east, extending for nearly 13,000 miles from the Jiayuguan Pass to the Hushan Mountains in Liaoning Province.

Access Graphic

The initial construction of the Great Wall occurred when the 7 regions of China fought for control over the country during the collapse of the Eastern Zhou Dynasty. After this time period, known as The Warring States Period (476-221 BCE), the Qin Dynasty, reigned by Emperor Shi Huangti, emerged victorious as ruler of the country. Shi Huangti ordered the construction of the Great Wall to consolidate his empire and protect it from the invasion of warriors of the nomadic country of Mongolia.

The most notable defense characteristics of the Great Wall were significantly enhanced under the Ming Dynasty (1368-1664 CE), where massive initiatives were made to protect the country from invading nomads from Mongolia. These initiatives were made through the construction of over 25,000 massive watchtowers, the expansion of the wall’s width, and passes that were heavily garrisoned with Chinese soldiers.

Much like the need for China to control access into the country through the construction of the Great Wall, it is vital for organizations to maintain strong access controls over highly sensitive data in order to decrease security vulnerabilities that could cause serious damage. As business data within organizations continues to grow in size and complexity, so does the need for identity management, security, and access controls.

OnCloud’s integration with IBM Identity Governance and Intelligence (IGI) provides a comprehensive platform that allows for the optimization of user access. This is accomplished by evaluating business rules, controls, and current policies to ensure they are enforced and to help prevent unauthorized access to highly secure information.

With the ability to govern access across the entire enterprise, IGI allows users to outline their organizational structure in terms of units, users, accounts, entitlements, resources, rights, and applications to manage access across the entity. Through the evaluation of business rules, controls, and current identity management policies, users are able to optimize the process by which they determine and maintain access rights to individuals. Overall, OnCloud’s integration with IGI will not only enhance an organization’s governance, but also provide valuable intelligence to the end user.

To learn more about this topic, including the announcement of OnWire’s Identity and Access Management (IAM) Platform solution – OnCloud – integrating with IBM Identity Governance and Intelligence, register for our webinar taking place Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST.

Day 2 - Workflow

For day two of our 7-day countdown, we decided to address workflow.

The Taj Mahal is a famous mausoleum complex located in Agra, India that was constructed to be the burial place for Mumtāz Mahal, the beloved third wife of Mughal emperor Shah Jahan.  The immense building consists of several different structures, though the distinct domed structure of Mumtāz Mahal’s tomb is the tallest and most noteworthy at 240 feet.

Workflow Graphic

When Mumtāz Mahal died of childbirth complications in 1632 AD, the emperor immediately ordered construction of the magnificent building in his favorite queen’s memory.  It was not until 16 years (and 32 million Rupees) later that the project was finally completed in 1648 AD.

Due to the outstanding size of the building, the emperor employed some of the world’s most respected architects, as well as over 22,000 laborers to design, build, and sculpt the project.  Additionally, over 1,000 elephants were used throughout construction to transport building materials from all over the world.

With such a large number of laborers involved in design and construction, it was crucial to maintain a solid, organized workflow in which each worker had a well defined role. Whether it was designing one of the four towers, laying the marble and semi-precious stones, or engraving intricate designs in the walls, each worker had his own specialty.

Similar to the necessity for an organized workflow throughout the construction of the Taj Mahal, any business must uphold a solid workflow that integrates with all of its existing security solutions to reduce process anomalies. IBM Identity Governance and Intelligence enables organizations to more quickly and smoothly integrate access governance capabilities into existing processes rather than changing or implementing them again in a different platform.

External access policy validation is designed to integrate with third-party access request and approval workflows implementation to enable Segregation of Duties validation before final approval of the request. One unique aspect of OnCloud’s integration with IGI is that it implements business processes for requesting access and approving access requests using self-service shopping cart-like functions while enforcing access policies. The requests made from this easy-to-use self-service feature automatically trigger approval workflows that vary according to the risk level of the requested access.

Utilizing OnCloud, organizations will be able to create and manage authorization policies on entitlements. Entitlements that require control can be assigned with a policy that controls the visibility of the entitlement, defines the conditions under which users can have access without requiring approval, and identifies which person or group approves the access request.

To learn more about this topic, including the announcement of OnWire’s Identity and Access Management (IAM) Platform solution – OnCloud – integrating with IBM Identity Governance and Intelligence, register for our webinar taking place Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST.

Day 3 - Integration

For day three of our 7-day countdown, we decided to address integration.

Petra is an ancient city located in the southwestern desert of what is now known as Ma’an in Jordan. It is carved into the rugged canyons and mountains of the desert. The city was originally established by the Arab Nabataeans as their capital city, Raqmu. Today, the city is also known as the “Rose City” – due to the color of the stone out of which it was carved.

Integration Graphic

Although the history of Petra is still largely shrouded in mystery, the earliest definite record of its existence can be dated back to 312 BC. At this point in time, it had been occupied by the Nabataeans and was established as the capital of their kingdom. From there, the tribe was able to gain control over caravan routes between Arabia and Syria, which allowed the area to flourish and become a trade center.

Along with the newfound control of these important routes, the Nabataeans also established water conservation systems and dams that allowed them to store water and use it as leverage in the desert region to increase their sphere of control and wealth. Around 100 AD, the Nabataeans kingdom became part of the Roman Province “Arabia Petrea”, and continued to flourish under Roman rule.

The wealth that the Nabataeans amassed provided them with the ability to grow their kingdom, and establish their city of rock (Petra is derived from the Latin word ‘petrae’, meaning ‘rock’). They used the natural resources, as well as their innovation, to integrate their society with the land and prosper from it. In doing so, they created beautiful tombs, monuments, homes, etc. in the mountains and canyons themselves that housed a successful kingdom of around 30,000 at its peak.

Much like the Nabataeans’ success stemmed from integrating their society with the earth’s resources, OnCloud’s integration with IBM Identity Governance and Intelligence (IGI) allows administrators to more successfully manage their user lifecycle. One important capability of IGI is that it allows for the direct integration with systems and applications to provision and control access through an advanced and feature rich adapters framework. Integrating with IGI, OnCloud users will be provided with key identity governance and provisioning functions that allow enforcement of access policies and segregation of duties rules, which ultimately creates more secure and sound business practices.

Provisioning native adapters for IGI include adapters for SAP R/3 (Java Connector libraries), SAP HR (IDoc files, Lightweight Directory Access Protocol (LDAP) directories, Microsoft Windows Active Directory, Java Database Connectivity (JDBC), comma-separated value (CSV) files, XML and more. The ability to integrate with information solutions already implemented allows the user to apply a consolidated approach to identity and access governance operations. Integrating with IGI, OnCloud will help organizations increase user efficiency, reduce IT administration costs, measure and enforce security policies, and manage regulatory compliance.

To learn more about this topic, including the announcement of OnWire’s Identity and Access Management (IAM) Platform solution – OnCloud – integrating with IBM Identity Governance and Intelligence, register for our webinar taking place Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST.

Day 4 - Centralization

For day four of our 7-day countdown, we decided to address centralization.

Although revealed to the world more than one hundred years ago, the mysteries of Machu Picchu still remain largely undiscovered. Constructed around 500 years ago, the citadel is currently the best preserved evidence of power for the Incan Empire at its peak.

Centralization Graphic

Machu Picchu lies 2,430 feet above the Urubamba River in the eastern slopes of the Andes Mountains. Though historians have not definitively established the purpose for which the city was built, there are two man hypotheses – either it was built as a royal estate for an Incan emperor, or it was created as the last refuge for the Incans after fleeing the Spanish. Historians lean more heavily towards the former, as it is unlikely that a place of such care and splendor was constructed while the Incans were in conflict with the Spanish.

Regardless of which hypothesis is most plausible, it is undeniable that the achievements of the Incans are displayed at Machu Picchu. Embedded within the landscape of the Andes, it is among the greatest architectural structures in the world. With around 200 structures of cut stone fit together without mortar, the site’s 700-plus terraces preserved the soil of the mountain, promoted agriculture, and housed an extensive water-distribution system that conserved water and limited erosion on the steep slopes. The city was also used for astronomical purposes, as it appeared to lie at the center of a network of Incan trails and astronomical sites. With a location centralized for the Incans’ lifestyle, one could assume that this was utilized so that the city’s inhabitants could share the resources of the city.

Similarly, OnCloud promotes this theme of centralization by utilizing IGI to optimize visibility into user access, privileges, and policies. Because IT staff can automate the creation, modification, and termination of user access, there are audit trails and detailed reports, periodic review and certification of privileges, and detection and correction of non-compliant accounts. This allows secure data sharing among users, applications, and entitlements. The self-service features also makes access related tasks more accurate, appropriate, and secure.

OnCloud’s integration with IGI consolidates the core functions of identity management, access governance, and access analytics into one comprehensive offering that provides IT staff, compliance auditors, and business perspectives with a clear depiction of identities within the system and their corresponding access rights. By centralizing each of these functions into one solution, OnCloud will help simplify user access and roles design, review, and certification processes, while automating processes and simplifying decision-making.

To learn more about this topic, including the announcement of OnWire’s Identity and Access Management (IAM) Platform solution – OnCloud – integrating with IBM Identity Governance and Intelligence, register for our webinar taking place Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST.

Day 5 - Risk

For day five of our 7-day countdown, we decided to address risk.

The Roman Colosseum is located in Italy and is an ancient amphitheater that was originally used for the infamous Roman gladiator fights to the death. When the great Emperor Vespasian ordered the construction of the amphitheater in AD72, his goal was to gain political popularity among the Roman people by providing entertainment in the form of deadly combat.

Risk Graphic

Though the games began as free-for-all battles to the death, they eventually transpired into more of an organized “sport” that several upper-class men and sometimes even politicians trained for and willingly participated in – simply hoping to show off their skills. Due to the increasing organization of the games, it was voted that the gladiators should be placed into classes of similar age, size, skill, and record. This grouping of combatants made each fight less predictable, more entertaining for the public, and certainly increased the risk of death for the participants. However, as the sport became more organized, the rules also became more strict and eliminated the possibility of death and eventually banned the fights altogether.

Although the risks of business aren’t deadly like the gladiator games that took place in the Colosseum, it is still vital that each business has protection from whatever risks it faces in order to successfully achieve its strategic objectives. The violation of segregation of duties, for instance, is one of the most common threats that a business is susceptible.

Segregation of duties is often a mandated internal control that divides the responsibility of a critical task and provides checks and balances against fraud and error. Amidst the era of big data, it is crucial organizations deploy Identity and Access Management solutions, like OnCloud, to ensure that change controls to sensitive data and access to that information are granted and managed by appropriate personnel.

IBM’s Identity Governance and Intelligence identifies segregation of duties violations that impact businesses in every industry; therefore, it offers users a business-activity-based approach of detecting these violations across enterprise applications. The OnCloud IGI Release will offer advanced support for segregation of duties modeling through business activities, rather than roles. Using this business activities approach simplifies policy modeling and reduces the amount of constraints and toxic access combinations to manage across applications.

To learn more about this topic, including the announcement of OnWire’s Identity and Access Management (IAM) Platform solution – OnCloud – integrating with IBM Identity Governance and Intelligence, register for our webinar taking place Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST.

Day 6 - Compliance

For day four of our 7-day countdown, we decided to address centralization.

The Great Pyramid of Giza is located in Giza, Egypt, and was built as a tomb for the second ruler of the fourth dynasty of Egypt, Pharaoh Khufu. This pyramid is the largest ever built and was constructed using 2.3 million limestone blocks, each weighing about 2.5 tons. It originally stood at 481 feet in 2550 BC but has shrunken to 451 feet throughout its existence.

Compliance Graphic

Though the Great Pyramid was one of the first successful pyramids to be built, it was not the first attempt at building such an immense construction. Khufu’s father, Pharaoh Snefru, was the first to attempt building the seemingly impossible architecture. After two failed attempts and millions of tons of limestone blocks later, the pharaoh finally discovered the perfect construction technique that would allow for the pyramids to uphold their heavy structure: a solid foundation.

Similar to a pyramid’s need for a solid foundation, it is crucial for businesses to maintain a solid compliance foundation that ensures regulation amongst the entire entity. Without a solid foundation to promote strong regulatory compliance, any business could find itself running into major downfalls, much like the Great Pyramid’s first attempts, when trying to implement an Identity and Access Management solution.

Through its integration with other IBM Security products, IGI allows users to maintain compliance on the mainframe to identify access policy violations and help to remediate excessive user access. IGI helps address extensive regulatory governance requirements for user access audit, especially on key systems such as SAP and IBM z/OS mainframe running RACF. This module provides access review and certification, sensitive access and access visibility policies configuration and validation, segregation of duties policies configuration and validation, and auditor-friendly secure compliance reporting.

Following OnCloud’s integration with IGI, OnWire’s IAM Platform will provide a comprehensive platform that lets IT managers, auditors, and business owners govern access and ensure regulatory compliance across the entire entity. With the ability for users to view audit trails and detailed reports, perform periodic reviews and certifications of privileges, and detect and correct non-compliant accounts, IGI makes it easier than ever to maintain a solid foundation that promotes a strong compliance environment.

To learn more about this topic, including the announcement of OnWire’s Identity and Access Management (IAM) Platform solution – OnCloud – integrating with IBM Identity Governance and Intelligence, register for our webinar taking place Thursday, August 11th, at 2:00 PM EST / 11:00 AM PST.