Hi [[ session.user.profile.firstName ]]

AD Best Practices for Audit - Okta's Jennifer Galvin & Focal Point's Raj Sawhney

Have you had recurring Active Directory access review audit nightmares?

If you’re ever had to conduct an access review audit of Active Directory, you know that it’s a long, cumbersome, error-prone process, and it’s not just a one-off project. CISAs have a lot on their plates already, but when AD must be audited, someone has to do it, and this chore tends to fall to CISAs.

Fighting with spreadsheets, lengthy email chains, service tickets, and weeks of toil isn’t anyone’s definition of a “productive workflow,” so organizations with deep pockets often turn to “automated” audits, which aren’t all that automated. These tend to be expensive on-premises systems that require hefty service contracts.

Pick your poison, because neither approach scales.

If you have Active Directory access review audits in your future, and you’d like to break this expensive, labor-intensive cycle, you’ll want to join us on Wednesday, September 2 at 10:00 AM PT as we discuss how to turn Okta into a high-octane IGA engine.

Webinar: How to use Okta as a high-octane IGA engine

CISAs, CISOs, and IT leaders already trust Okta to deliver comprehensive IAM/SSO capabilities. Now, through new partner YouAttest, Okta customers are able to directly integrate a fully functional IGA Access review system via a secure and certified set of APIs – all at a fraction of the cost of DIY systems, consultants, or bloated and costly IAM solutions that duplicate many of the features you’re already paying for with IDaaS/SSO.

Speakers:

Jennifer Galvin, Team Lead, CIAM Specialist, Field Alliances Enablement for Okta, Okta Certified Consultant and Okta Certified Developer

Raj Sawhney, Managing Director, IT and Internal Audit at Focal Point

Garret Grajek, CEO of YouAttest
Recorded Apr 27 2021 43 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jennifer Galvin, Raj Sawhney, Garret Grajek, and Austin Grajek
Presentation preview: AD Best Practices for Audit - Okta's Jennifer Galvin & Focal Point's Raj Sawhney

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Guardicore and YouAttest - Zero Trust, Micro-Segmentation and Compliance Recorded: Jun 22 2021 52 mins
    Milton Keath, Brian Shepard, Garret Grajek, and Austin Grajek
    This webinar addresses how to start a Zero Trust project - addresses NAC security in the enterprise. We will also address how a NAC project is done right can address the compliance and security needs of the enterprise. Relevant compliance measures include:: SOX, PCI-DSS, HIPAA/HITRUST, ISO 27001, and best NIST practices.

    But how do we get started with a Zero Trust project? Network segmentation is done at an enterprise-level - with identity mapping to the enterprise user store: Active Directory. The webinar will discuss not only the benefits but how actually implement. Lastly, full NAC security maps to your audit.

    This webinar will cover:

    • NAC implementation and relation to Zero Trust

    Details:
    • Details in network segmentation
    • Enterprise management
    • Identity Governance and Compliance

    The Agenda:

    • Introductions
    • What is NAC and Zero Trust?
    • How does it relate to compliance?
    • Guardicore and NCA
    • YouAttest and Compliance
    • Short Demo
    • Q & A

    A Q&A session will follow the presentation and a hands-on demo.
  • Securing SAML/SSO in a post-SolarWinds Attack World - Webinar Recording Recorded: May 25 2021 67 mins
    Austin Grajek, Garret Grajek, Mark Lambiase, Kelly Gilmore, David Barrish
    www.youattest.com
    sales@youattest.com

    What will the Experts Cover?

    How do we:
    - Understand how the SolarWinds hack could affect our SSO?
    - Understand the weak points in Application/User SSO?
    - Identify what can and has been compromised?
    - Understand what we can do to protect ourselves

    Other topics covered in this webinar will include:

    - Key concerns on implementing property controls
    - Administrative accounts
    - Credential Handling
    - Answering Your Questions
  • AD Best Practices for Audit - Okta's Jennifer Galvin & Focal Point's Raj Sawhney Recorded: Apr 27 2021 43 mins
    Jennifer Galvin, Raj Sawhney, Garret Grajek, and Austin Grajek
    Have you had recurring Active Directory access review audit nightmares?

    If you’re ever had to conduct an access review audit of Active Directory, you know that it’s a long, cumbersome, error-prone process, and it’s not just a one-off project. CISAs have a lot on their plates already, but when AD must be audited, someone has to do it, and this chore tends to fall to CISAs.

    Fighting with spreadsheets, lengthy email chains, service tickets, and weeks of toil isn’t anyone’s definition of a “productive workflow,” so organizations with deep pockets often turn to “automated” audits, which aren’t all that automated. These tend to be expensive on-premises systems that require hefty service contracts.

    Pick your poison, because neither approach scales.

    If you have Active Directory access review audits in your future, and you’d like to break this expensive, labor-intensive cycle, you’ll want to join us on Wednesday, September 2 at 10:00 AM PT as we discuss how to turn Okta into a high-octane IGA engine.

    Webinar: How to use Okta as a high-octane IGA engine

    CISAs, CISOs, and IT leaders already trust Okta to deliver comprehensive IAM/SSO capabilities. Now, through new partner YouAttest, Okta customers are able to directly integrate a fully functional IGA Access review system via a secure and certified set of APIs – all at a fraction of the cost of DIY systems, consultants, or bloated and costly IAM solutions that duplicate many of the features you’re already paying for with IDaaS/SSO.

    Speakers:

    Jennifer Galvin, Team Lead, CIAM Specialist, Field Alliances Enablement for Okta, Okta Certified Consultant and Okta Certified Developer

    Raj Sawhney, Managing Director, IT and Internal Audit at Focal Point

    Garret Grajek, CEO of YouAttest
  • User-Centric Auditing - Vituity and YouAttest Recorded: Mar 31 2021 33 mins
    Garret Grajek, Sher Azam, Vinod Kashyap, Austin Grajek
    info@youattest.com
    YouAttest.com
  • User Access Reviews for SOC Compliance - Guest Speaker Raj Sawhney Recorded: Mar 11 2021 60 mins
    Raj Sawhney, Garret Grajek, and Austin Grajek
    Your organization has to complete a SOC report - what does this mean and how to meet the objectives? You are a consumer or cloud-based services - thus you are required to conduct user access reviews of these cloud services:

    • What are these SOC guidance?
    • What is the practices and procedures of the audit?
    • Which applications do you need to audit?

    Esteemed risk management and internal audit expert Raj Sawhney, practice lead from Focal Point, will lead in this discussion with 20+ years of experience on SOC, SOX, cybersecurity, and business processes will help us understand:

    • Focus SOC 1 and SOC 2
    • Difference between SOC 1 and SOC 2
    • Focus: Operational Effectiveness for Type 2 Audit
    • User Entity Requirements/Complementary User Entity Controls (CUECs)
    • YouAttest for user access reviews
    - Focus on user information relevant to application for SOC report
    - SOC report for cloud-based services
  • Slashing the Cost of IT Access Reviews and the TCO of Audit Tools Recorded: Mar 2 2021 44 mins
    Josh Linder - Security Product Analyst
    Auditing is a necessary, but expensive, process. Beyond traditional financial and physical security audits, the recent explosion of remote work has shined a light on the need to secure – and validate – identities and permissions.

    To securely manage remote workers, IT staffs must perform periodical IT Access Review audits to determine that only the right users in the proper roles are accessing various corporate resources. To cope with ballooning external risks, businesses must also turn to DRP (Digital Risk Protection) services in order to get the full picture of the organization's overall risk profile.

    Of course, both IT Access Reviews and DRP audits are costly endeavors. Worse, those costs can easily spiral out of control because there are so many unknowns involved with each audit.

    What will be found? What won’t be discovered, and which audit findings must be remediated?

    Beyond those unknowns lies uncertainty around cost itself. Traditional auditing firms have, for years, utilized re-assigned (and overworked) IT workers to perform audits and craft reports. However, there is a better way: tools exist to improve the efficacy and reduce the cost of the audit process, while also eliminating dangerous blind spots across governance, risk, and compliance.

    In this webinar, we'll talk to a security analyst and cost analysis expert to learn:

    - What is the value of utilizing auditing accelerators?
    - How can we quantify the complexity of our current processes?
    - How do we justify the investment in automation?
    - What are the financial implications of doing nothing?
    - What is the risk of an overlooked credential/access mistake?
  • Securing SAML/SSO in a post-SolarWinds Attack World - Webinar Recording Recorded: Feb 17 2021 66 mins
    Austin Grajek, Garret Grajek, Mark Lambiase, Kelly Gilmore, David Barrish
    The SolarWinds attack with its embedded hack right into the heart of our enterprises. But more importantly, this attack has shown us that this TYPE of hack is possible. That is - a hack that part-of-our TRUSTED communication and can thus access our key components.

    As SSO is one of the most important.

    So how do we: .
    • Understand how the SolarWinds hack could affect our SSO?
    • Understand the weak points in Application/User SSO?
    • Identify what can and has been compromised?
    • Understand what we can do to protect ourselves

    This webinar will cover:

    • Key concerns on implementing property controls
    • Administrative accounts
    • Credential Handling

    Leading the conversation will be Mark Lambiase - 14 U.S. patents, IT security Expert. Resume includes Cisco Security Lead and Consulting Engineer, SecureAuth Chief Scientist and Researcher and CTO of Fox Technologies and Ground Work Open Source. Mark is known in the field for his unrelenting passion for excellence and unforgiving attitude to anything but flawless execution on security.
  • User-Centric Auditing - Vituity and YouAttest Recorded: Feb 3 2021 34 mins
    Garret Grajek, Sher Azam, Vinod Kashyap, Austin Grajek
    info@youattest.com
    YouAttest.com
  • Securing SAML/SSO in a post-SolarWinds Attack World - Webinar Recording Recorded: Dec 23 2020 67 mins
    Austin Grajek, Garret Grajek, Mark Lambiase, Kelly Gilmore, David Barrish
    www.youattest.com
    sales@youattest.com
  • Webinar Recording: Auto-Schedule Access Reviews - The Whys and Hows Recorded: Nov 18 2020 39 mins
    Austin Grajek, Garret Grajek, Russell Tait
    Access Reviews are a key component of a secure enterprise. They are part of the NIST Cybersecurity Framework (PR.AC.4) and mandated by regulations like SOX, PCI-DSS, HITRUST and ISO 27001.

    We will have an expert explain:
    • Which regulations require access reviews
    • Why Access Reviews are important
    • What information needs to be reviewed
    • Who does the reviewing

    YouAttest will then show how access reviews can be automated with its cloud identity Governance product:

    • Access reviewed by application, users, groups
    • Reviews auto and manually delegated
    • Access can be certified and revoked
    • Accesses can be AUTOMATICALLY scheduled
  • Slashing the Cost of IT Access Reviews and the TCO of Audit Tools Recorded: Sep 30 2020 45 mins
    Josh Linder - Security Product Analyst
    Auditing is a necessary, but expensive, process. Beyond traditional financial and physical security audits, the recent explosion of remote work has shined a light on the need to secure – and validate – identities and permissions.

    To securely manage remote workers, IT staffs must perform periodical IT Access Review audits to determine that only the right users in the proper roles are accessing various corporate resources. To cope with ballooning external risks, businesses must also turn to DRP (Digital Risk Protection) services in order to get the full picture of the organization's overall risk profile.

    Of course, both IT Access Reviews and DRP audits are costly endeavors. Worse, those costs can easily spiral out of control because there are so many unknowns involved with each audit.

    What will be found? What won’t be discovered, and which audit findings must be remediated?

    Beyond those unknowns lies uncertainty around cost itself. Traditional auditing firms have, for years, utilized re-assigned (and overworked) IT workers to perform audits and craft reports. However, there is a better way: tools exist to improve the efficacy and reduce the cost of the audit process, while also eliminating dangerous blind spots across governance, risk, and compliance.

    In this webinar, we'll talk to a security analyst and cost analysis expert to learn:

    - What is the value of utilizing auditing accelerators?
    - How can we quantify the complexity of our current processes?
    - How do we justify the investment in automation?
    - What are the financial implications of doing nothing?
    - What is the risk of an overlooked credential/access mistake?
  • How to Perform an Access Review on Service Accounts in Okta Recorded: Aug 21 2020 6 mins
    Austin Grajek
    Questions? Contacts us at sales@youattest.com
    www.youattest.com
  • YouAttest and Preventing the Insider Threat - Webinar Recorded: Aug 11 2020 46 mins
    Josh Linder
    Hacks like the fake Twitter post of July 2020, demonstrate once again about the importance of governance around privileged accounts.

    As presented at conferences and to CISSP user groups around the world, Josh will discuss the state of the insider threat, the actors and motives, touching briefly on history and approaches to get ahead of this threat. This webinar will be focused on the threat to enterprise accounts and how they are leveraging YouAttest to prevent nefarious insider activities.

    What is it?

    We will discuss many topics, including:
    - The wide variety of insider threats accounting incidents leading to a data breach
    - How to manage an all-new set of insider threats (as the remote workforce have
    exploded)
    - While much is made of malware and ransomware, theft and vandalism using insider
    credentials are the more deadly downstream effect

    Even with egregious (huge/large/publicized) situations like Twitter, insider misuse of credentials occur every day.
  • YouAttest Access Review & Okta Tenant Audit Demo Recorded: Jul 20 2020 10 mins
    Austin Grajek
    www.YouAttest.com
    sales@youattest.com

    Ask about our 30-day free trial
  • Auditing the IT Enterprise ft. QoS Consulting Solutions Co-Founders Recorded: Jul 14 2020 53 mins
    Stacey Cameron, CEO and Shannon Noonan, President
    QoS Consulting Solutions is a world-class information security, compliance, and risk management consulting firm. Led by (2) renowned IT privacy and security leaders: Shannon Noonan and Stacey Cameron have over 35 years in risk and auditing experience.
    Stacey and Shannon will discuss:

    - Key issues in 2020 for risk and compliance
    - Overlooked aspects of compliance
    - Importance of deploying proper tools for Risk Compliance

    YouAttest will join the discussion with a cross-functional product that allows enterprises to meet the NIST Cyber Framework (CSF) PR.AC-4 which states enterprises many reviews

    “PR.AC-4 Access reviews are performed semiannually by each application or infrastructure owner, to confirm that access is still required. Any exceptions found must be removed within ten business days.”

    QoS Consulting and YouAttest will discuss how Acces Reviews and other auditing best practices can be implemented across all IT domains, cloud, mobile, and on-premise.
  • YouAttest and NIST Cybersecurity Framework 1.1 Recorded: Jun 21 2020 6 mins
    Garret Grajek
    www.YouAttest.com
    Questions: sales@youattest.com

    In this video we will discuss how YouAttest helps meets NIST recommended practices and other regulatory practices regarding access review and security.
  • Audit Applications Outside of Okta with YouAttest (.CSV Upload) Recorded: Jun 12 2020 4 mins
    Austin Grajek
    YouAttest.com
    Questions: sales@youattest.com

    In this video, we'll show how you can audit applications outside of Okta using our latest .csv upload feature. YouAttest can now handle all of your applications inside and out of Okta.
  • How I Executed my Access Review with YouAttest- Customer Testimonial Webinar Recorded: Jun 2 2020 31 mins
    Craig Guianasso
    Craig Guinasso, Director of Information Security at Exact Sciences walks us through how YouAttest helped him meet requirements under HITRUST and ISO audit frameworks.

    YouAttest.com
    Email: sales@youattest.com
  • How to Audit Active Directory Groups With YouAttest Recorded: Dec 19 2019 4 mins
    Austin Grajek
    www.YouAttest.com
    E: sales@youattest.com
    P: 1.877.452.0496 ext. 1
    Schedule a demo: https://app.acuityscheduling.com/schedule.php?owner=18370865&
  • Enabling Single Sign On with Okta using SAML Recorded: Oct 19 2019 5 mins
    Austin Grajek
    Single sign on URL: https://saml.youattest.com/saml/sso/

    Contact Info: sales@youattest.com

    www.YouAttest.com
YouAttest
YouAttest

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: AD Best Practices for Audit - Okta's Jennifer Galvin & Focal Point's Raj Sawhney
  • Live at: Apr 27 2021 6:00 pm
  • Presented by: Jennifer Galvin, Raj Sawhney, Garret Grajek, and Austin Grajek
  • From:
Your email has been sent.
or close