“Identity Management for the

Modern Enterprise.”
• Protect Your Data
– All firms manage the identity of their software users
– …the only question is, how well?
• Reduce Your IT Costs
– Identity management is a discipline
– That deals with identifying individuals in a system (such as a network, or
an enterprise) and
– Controlling their access to data and software application resources within
that system.
– It associates defined user rights and restrictions with the established
identity of the person.
– Its purpose is to increase security and productivity , while decreasing cost
and redundant effort.

mrini@tranztec.com 419-931-0079 1
Identity Management Discussion Agenda

• What is it?
• Why do we care?
• What is at stake?
• An Example of Modern Identity Management Product

2
Identity Management Experience?
• Yes, we did?
– What was the driving factor?
– What applications did you integrate?
– What tools did you use?
– What did the project look like
– Where was the ROI?
– What was enthusiasm level of management for the project?
• Not yet ?
– Are you feeling?
• Guilty?
• Anxious?
• Comfortable?
• Confused?
• Don’t Know

3
Who Cares?
• President / CIO • Internal/External Auditor
– I want data protected – Prove you are following generally
– I want no negligence lawsuits or regulatory accepted best practices
violations – Give me tools that I can inspect and
• This growing dramatically with SOX, validate compliance with regulations
HIPPA, Grahm Leach, PCI, etc
– I want our brand protected • Users
• HR Management – All I want is to be left alone and get
my job done.
– I want our employees to be productive
– I want all human resources to be productive • I can't remember all my
passwords
• IT Management • Resetting passwords is a hassle
– I want to minimize the cost of identity • I know it's not a good idea but if I
administration
don't write it down, how can I
– I want to do what management needs
remember it?
• Security
– I want to know we are secure without
impeding user productivity (too much).
– I want to be alerted to anomalous activity
and potential security breech

4
Characteristics of Identity Management
• Necessary
• Time Consuming
• Error Prone
• Required for user access to information systems,
networks, operating systems.
• The most simple error can expose the firm to significant
business and financial risk.
• Can consume significant amount of IT bandwidth

5
Identity Management … time consuming, error prone
problem required for user access to information systems,
networks, operating systems,
– Identity
• As a matter of
• Name – Enterprise governance and
• Password
• Dept control
•
•
Role
Geography
– Not to mention IT best
• Etc. practices,
– Access To – Not a good idea to leave
• Systems
• Software Capabilities Identity Management to
• Data chance.
– Change • As a result, Identity Management issues
• Users deserve attention and resource
commitments deserving of the potential
• Divers Audiences
consequences.
• Add, Delete, Role Change
• Identity Management software is
– Review or Audit designed to automate and address many
• Need to inspect and prove compliance with of the issues affiliated with the issue
Access policy alleviate the cost, the delay and the risk
exposure.

6
What started as a simple issue ....
• The problem in a one user, one application scenario is
easy but consider
– 5 - 15 applications per average user
– The user AUDIENCE is proliferating from internal employee to wider, higher risk audience
making the problem more difficult
– The ENVIRONMENT is more diverse. It used to be contained to inside firewall with login
within a geography.

• Increasing, complexity, quantity, diversity

– Audiences
– Stakeholders
– Rates of Change
– Quantity of applications
– Quantity of computing environments
– Regulation
– Litigation

7
 Consequence of sub-optimized
identity management process
• Bottleneck issues
– Provisioning a new employee with
information tools takes longer than it
should resulting in less productive and
frustrated employee.
– Employee movement to new role in firm
costs more and takes longer than it should
– Deployment of new or changed
applications are more costly and/or
delayed
– Providing info to authorized channels or
service providers slows revenue
• Risk Issues
– Unauthorized users still have access to
information no longer "need to know" list
– Manual administrative errors cause
inadvertent window into information
systems
– Mistakes can result in potentially
explosive situations
• Efficiency Issues
– Skill level to make changes are higher than necessary
– Opportunity cost of scarce IT staff availability to make
changes
– Redundancy and cost of maintaining multiple
directories for multiple applications and work
environments
– Slow Response
• Leaves workers without IT tools
• Opportunity cost of slow response is the
dominant current cost of Identity Management
followed closely by cost of IT efforts.
• Latent costs include business risk, regulation &
litigation
• Governance Issues
– Breeches can easily become crises requiring
disproportionate share of management attention
– Negligence of fiduciary responsibilities makes firm
vulnerable to litigation and clean-up expenses
– Becomes a critical management issue because identity
management processes that do not meet the business
need.
8
Bottleneck Issues
• Provisioning a new employee with information tools
takes longer than it should resulting in less productive
and frustrated employee.
• Employee movement to new role in firm costs more
and takes longer than it should
• Deployment of new or changed applications are more
costly and/or delayed
• Providing info to authorized channels or service
providers slows revenue

9
Risk Issues
• Unauthorized users still have access to information no
longer "need to know" list
• Manual administrative errors cause inadvertent window
into information systems
• Mistakes can result in potentially explosive situations
– Example
• Zombie Account - similar to leaving the keys to vault with an ex-
employee or subcontractor.
• Ripe for exploitation and abuse
– The firm will probably, hopefully, be OK but perhaps not, who
knows ??

10
Regulatory & Litigation Issues
• Legislation
– PC Security Standards
• All firms that use/touch credit cards as part of their transactions
– SOX
• All firms that have publicly traded stock
– HIPPA
• Firms that have identifiable medical information
– Grahm-Leach-Biley
• Protection of financial information

• Protection Obligations
– Unauthorized disclosure
– Controlled management of protected information
– Not be negligent

• Requests for Identity Information

– Business Management - who has software & data access?
– Info requested by Auditors for login access add/change delete & compliance with "best practices"
– Info requested by lawyers in the event of disclosure requests

11
Efficiency Issues
• Skill level to make changes are higher than necessary
• Opportunity cost of scarce IT staff availability to make changes
• Redundancy and cost of maintaining multiple directories for multiple
applications and work environments
• Slow Response
– Leaves workers without IT tools
– Opportunity cost of slow response is the dominant current cost of Identity
Management followed closely by cost of IT efforts.
– Latent costs include business risk, regulation & litigation

12
Governance Issues
• Breeches can easily become crises requiring
disproportionate share of management attention
• Negligence of fiduciary responsibilities makes firm
vulnerable to litigation and clean-up expenses
• Becomes a critical management issue because identity
management processes that do not meet the business
need.

13
 Tranztec’s ID Sync

An Example of an
Identity Management Tool
Designed for
Microsoft Windows Active Directory

14
ID Sync
Product Vision Statement
• Provide a low-cost, extensible Identity Management software
tool suitable for mid-size enterprises (100 to 5,000 users) that is
directly integrated to Microsoft Active Directory platform :
• Reduce business risk related to potential data breaches
• Lower the cost of password administration via automated
processes
• Improves employee productivity through reduced downtime
• Improves business agility via faster deployment of application
software changes
• Manage user access to software applications residing on diverse
operating systems (Microsoft Windows & IBM AS400, Cloud
Applications, Unix)

15
Tranztec’s “Smart Architecture” Methodology

• Tight & Seamless Integration

• LeveMicrosoft Active Directory
• Leverage existing Microsoft Tools
– Microsoft SQL Server
– Microsoft SQL programming
– SQL Reporting Services
– Security Groups
• Reduces Cost of Product
– 1/10th the cost/complexity of typical Identity projects
– 1/2 the licensing cost of solutions designed for Fortune 500
vendors

16
Design Center - For ID Sync
80% of Value for 20% of Cost
• Tranztec ID Sync – A Modern Identity Management Software Solution
– Consider……A Honda Accord
– Comfortable, Frugal, Streamlined
– Drive to work and home again
– Built for the Small to Mid-Size Firms
– Everybody can drive it
– 30 MPG
• Legacy Products
– Consider ….. A Flying Boat Car
– Big, Bulky, Expensive
– By Land, By Sea, By Air
– Around the world and all places
in between
– Built for Fortune 500 Firms
– Requires specially trained crew
– 3 MPG

17
Tranztec Solutions, Inc. - Perrysburg Ohio

• Founded in 2001
– Full service technology consultancy originally • Technology Partners
founded to serve local industry in Northwest
– Microsoft Gold Partner
Ohio.
– Serve customers within 48 states of the – IBM Partner
continental U.S. as well as Canada. – Cisco Partner
– Offices and data centers in Ohio, Michigan, – Citrix
Indiana, and Texas
• Create Software Products
• Knowledge, expertise, & coverage to provide services
to a wide range of companies nationwide and has – 911 Alert for Police Dept & County
specialized expertise Government
– Identity Management, – Tranzactor - EDI Translator
– EDI Integration, – ID Sync - Identify Management
– Exchange Server,
– A/P & A/R Document Management
– SQL Server, SQL Language
for ERP
– SharePoint,
– Document Management Imaging, and
– SQL Reporting Services Portal
– VoIP telephony
– Windows & AS400 Support
– Networking Technology

mrini@tranztec.com 419-931-0079
18