Hitachi


Previous PDF

swipe to navigate

Introduction

The remainder of this document is organized as follows:

  • System objectives -- what credential management systems are designed to do.
  • Mission statement -- how organizations should structure their internal communication about priorities and objectives.
  • Metrics -- how to measure the impact on the system.
  • Stake-holders -- who to involve in design, implementation and ongoing support.
  • Deployment and support team -- who the core individuals are that must build out and support the system and what their initial and long term commitment will be.
  • Features and design -- what processes the system should automate.
  • User access to the self-service UI -- how to ensure that users can resolve login problems wherever they may be, at any time and on any device in any state.
  • Formulating a uniform password policy -- how to develop a set of password rules that work for every system and every user community.
  • Equivalent credentials -- caution about weak links in security and how to avoid them.
  • Security questions -- design considerations for enrolling security questions and using them to authenticate users who forgot their password.
  • Augmenting security questions with a second factor -- how to improve security by front-ending security questions with a stronger, one-time-password credential.
  • Infrastructure integrations -- what systems the credential management automation should integrate with.
  • Hitachi ID Password Manager: technical architecture -- the runtime platform and network architecture on which Password Manager is deployed.
  • Password Manager: server hardening -- how to lock down OS, DB and web servers to protect the system.
  • Password Manager: BYOD access to on-premises credential management -- how to enable users to access self-service from their phones or tablets, which are typically not attached to the corporate network.
  • Auto-discovery of user profiles and accounts -- how to minimize care and feeding of the system using auto-discovery.
  • User enrollment -- inviting users to answer security questions; install smart phone apps; etc.
  • Maximizing user adoption and ROI -- strategies to get users to enroll and to use the system to resolve login problems.
  • Ongoing administration and support -- what can be expected in terms of long term care and feeding of the system.

Previous Next PDF