We are pleased to announce the next New York IAM User Group/Meetup!!!
Please join us for Lunch at the Peninsula Hotel in NYC. We have reserved the Gramercy Room (located on the 3rd flr.) where we are hosting two phenomenal keynote guest speakers for an incredible afternoon. We will provide a forum for Networking, Best Practices as well as an open exchange of ideas between IAM professionals.
Come prepared to discuss ideas and gain insight from some of the leaders in the IAM community. Most importantly, Please recommend this event to your IAM friends and colleagues!!!
Agenda for the meeting will include Presentations from:
· Stephen Craig from New York Presbyterian Hospital
· Dan Blum from Security Architects Partners
**Stephen Craig - New York Presbyterian Hospital will discuss:
"Best Practices for Scoping an Identity Management Project ”
Bio on Stephen Craig - Stephen has been in IT for 30 years. In time Stephen has managed and consulted with numerous organizations from small business to multinationals. Stephen has lead multiple organizations to develop email strategies, domain management and authentication strategies, as well as remote access strategies.
Currently, Stephen’s projects at New York Presbyterian Hospital include a redesign of the Identity Management Systems, Active Directory redesign as well as several major email consolidations.
**Dan Blum - Security Architects will discuss:
“Building a Unified Authorization Framework with RBAC and ABAC”
• RBAC- (Role Based Access Control)
• ABAC- (Attribute Based Access Control)
This presentation will show you an ABAC design case study from a large Financial Services Organization that required authorization solutions for a complex of approximately 40 applications, that comprise a mix of custom-developed, COTS, Cloud-based systems and databases, some core components are being redeveloped to work within centralized runtime policy decision point (PDP) the solution must also provide admin-time and policy management for groups and roles used in much of the current software.
Discover how a “unified field” of ABAC-based approaches can blend roles, groups, attributes from subjects, resources, and context into a practical authorization solution for many new, existing, and cloud applications. Authorization frameworks comprise run-time policy enforcement, administration-time policy models, and IAM governance. Easy to manage from the bottom up, the problem is that groups tend to sprawl.
Turning to RBAC, some organizations have a good set of positional roles, but others don't. RBAC easily succumbs to role proliferation if practitioners layer too many special cases and exceptions onto the model. Fortunately, ABAC models can blend roles, groups, attributes from subjects, resources, and context into a unified framework.
Bio on Dan Blum - Is an internationally recognized expert in security, privacy, cloud computing and identity management. Dan leads and delivers consulting projects spanning multiple industries. Dan -Formerly a Golden Quill Award-Winning VP and Distinguished Analyst at Gartner. Dan contributed to and led projects such as; Cloud Security and Privacy Assessments, Security Organization and Risk Management Framework. Dan has also consulted on Technical Security Engagements in all areas of Data Protection domains including; Enterprise Authorization, DLP, Privileged Access Management, and Encryption/Key Management.
We will also have an open discussion forum for our members to discuss and exchange IAM challenges and ideas.
The RBAC/ABAC continuum – it’s not either or, it’s about both approaches. Don't hype the "ABAC" - success stories, pitfalls, and lessons learned. Create "Economies of Context" through well-designed identity abstraction layers, object models, and application taxonomies Cloud-friendly patterns, tokens, and security considerations “Dynamic Provisioning” of static (RBAC-based) ACLs: A real alternative?
** Very important - Please update your MeetUp profile including your Company, Title and IAM responsibilities.
NYC IAM User Group members can get a 50% discount to attend Hybrid Identity Protection Conference which will take place in New York on November 6-7. You can learn more and see the full agenda at https://www.hipconf.com/ . HIP Conference is the premier event to advance the skills and knowledge of identity professionals, and is organized in the spirit of the Directory Experts Conference (DEC) .
To claim your discounted badge, go to the registration page and enter your promotional code: NYIAM2017. Join us to network with your peers and leading industry experts, and gain cutting edge knowledge on the present and future of identity management.
Thank you for your continued support, and most of all we are looking forward to seeing you all there...
**All IAM Vendors must be approved before attending