SlideShare uma empresa Scribd logo

Optimizing IAM with Single Sign-On From the Cloud to On-Premise

Transferir como PPTX, PDF
mycroftinc
mycroftinc

The document discusses optimizing identity and access management (IAM) with single sign-on (SSO) across cloud and on-premise environments. It covers why SSO is important, challenges for enterprises, deployment models including on-premise, hosted, and on-demand options. Hybrid IAM architectures that integrate on-premise and cloud-based identity solutions are presented. The importance of federation, advanced authentication, identity governance, and security policies is also discussed.

TecnologiaNegócios
1 de 22
• Why SSO? • A Challenge for the Enterprise • Deployment models • Hybrid IAM • Q & A Optimizing IAM with Single Sign-On from the Cloud to On-Premise Copyright ©2013 Mycroft Inc. All rights reserved
Moderator Shanley Stern, Sr. Director Marketing, Mycroft Inc. Presenter Lester Rivera, Sr. Business Solutions Architect, Mycroft Inc. Presenter Herb Mehlhorn, Product Manager, CA Technologies INTRODUCTIONS Copyright ©2013 Mycroft Inc. All rights reserved
Why Single Sign-On? WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
SSO – SIMPLY STATED Copyright ©2013 CA. All rights reserved Mobile employee or Customer Partner User Internal Employee Enterprise or Partner Apps Cloud Apps/Platforms & Web Services SaaS Data Identities App/Resource App/Resource ClientSide
A Challenge for the Enterprise WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
WHAT TO LOOK FOR IN SSO PRODUCTS – CLIENT SIDE Copyright ©2013 CA. All rights reserved User Administrator Resources Supported Devices Supported User Interfaces Browser Mobile Application Terminal Emulator Desktop/ Laptop Tablet Smart Phone
WHAT TO LOOK FOR IN SSO PRODUCTS – RESOURCE SIDE Copyright ©2013 CA. All rights reserved User Administrator Resources Apps/Resources Location of App On Premise Partner Site Partner App Access Path PaaS SiteSaaS App Rest API via Gateway Http over corp. Network Http over Internet Web Services
WHAT TO LOOK FOR IN SSO PRODUCTS – FROM CLIENT TO RESOURCE Copyright ©2013 CA. All rights reserved Administrator Resources Authentication User Experience User Password SmartCard + X.509 ArcotID® OpenID OAuth Single Sign on Personalized Experience Single Logoff Enforcement Context of the authentication Web Agent Proxy Gateway Native to the App
WHAT TO LOOK FOR IN SSO PRODUCTS – ADMINISTRATION Copyright ©2013 CA. All rights reserved User Administrator Resources • Managing SSO • Ability to manage the authentication and access via a UI or programmatic interface • …with efficiency • for all resource types via a single UI • for all access paths via a single UI • for all authentication policies via single UI • ….with confidence • provide ability to flexibly segregate and delegate administration • generating necessary log and audit data for governance and compliance purposes
SSO also requires: DON’T FORGET THESE OTHER KEY REQUIREMENTS Copyright ©2013 CA. All rights reserved User Administrator Resources Identity life cycle management Effective monitoring Efficient delivery if using physical authentication methods
WHAT’S AVAILABLE IN THE MARKET Thick Client SSO Web/Html Client SSO TIME Web/Html Client SSO via Federation Web/SOAP Client SSO via WS-* Web & Mobile native SSO via REST & API • Similarities across each of these developments: - SSO experience for the end user - Needed security characteristics of the solution • Differences - Location of the resource - Access path to the resource Copyright ©2013 CA. All rights reserved
Deployment Models WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
CHOOSE YOUR DEPLOYMENT MODEL Copyright ©2013 Mycroft Inc. All rights reserved On-Demand • Deployed in third- party datacenter • Subscription pricing model, no hardware required • Federated SSO everywhere • No VPN, no Firewall changes • Fully managed On-Premise • Deployed at enterprise datacenter • Allows for customization • Requires professional services, longer deployment times Hosted • Deployed in third- party datacenter (private cloud) • Connected to enterprise thru VPN • Available as Managed Service
CHOOSE YOUR DEPLOYMENT MODEL Copyright ©2013 Mycroft Inc. All rights reserved On-Demand Important to me: • Tactical solution • Very quick to market • OpEX rather than CapEX • Standardized & ooB • Local market • No hardware hassle • Very small TCO On-Premise Important to me: • Strategic solution • Innovation • Individuality • Differentiate also by services • Tend to prefer CapEx • International market • Ownership Hosted Important to me: • Quick time to market • Some individuality • Some innovation • Tend to prefer OpEx • Sense of ownership • TCO • Differentiate from competition by assortment & price
HOW DO THEY COMPARE? Not only about CAPEX vs. OPEX • About optimizing 3 Es • Effectiveness • Economy • Efficiency On-Premise Hosted On Demand Benefits of Hosted Infrastructure Hardware acquisition not required Implementation SMEs readily available Operation 24x7 SOC, no internal management needed Security Top tier Most effective, economical & efficient More effective, economical & efficient Effective, economical & efficient Copyright ©2013 Mycroft Inc. All rights reserved
THINGS TO CONSIDER SSO…is even MORE important • Federate, Federate, Federate, Federate, Federate, Federate, Federate, F.E.D.E.R.A.T.E. • Request for access needs to be simple, powerful, pervasive…not just about user accounts! • SAML, OAuth, OpenID, WS-FED (Office365) Provisioning goes Just-In-Time • More SaaS applications supports it • BUT, no real automated de-provisioning Identity Governance continues to be important • Governance, risk, & compliance (GRC) • Ignores the enterprise “fence”; Data and users are mobile Think APIs…Everything is an API • Keep simple & authorize well • BUT not every API requires user accounts; sometimes you authorize device, source, etc. • AND sometimes the point is really identify the source Security is Policy-based • Security takes place outside of the app • Programmatic vs. declarative Copyright ©2013 Mycroft Inc. All rights reserved
Hybrid IAM WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
HYBRID IAM Copyright ©2013 Mycroft Inc. All rights reserved
On-Premise Enterprise Apps Customers Partners Federated SSO Advanced Authentication Employees Privileged Identity Mgt Identity Governance Identity Management Identity Management Identity Governance Advanced Authentication Access Management Privileged Identity Mgt On-Premise Connector Cloud Platforms SaaS Enterprise Datacenter Copyright ©2013 Mycroft Inc. All rights reserved MYCROFT XSPECTRA ON-DEMAND SERVICE ARCHITECTURE
A single log-on, launch any SaaS application available to you Copyright ©2013 Mycroft Inc. All rights reserved MYCROFT XSPECTRA ON-DEMAND SERVICE
IN A NUTSHELL SSO…is critical • Simple, powerful access to applications a single log on - whether on-premise, in the cloud or hosted • Increased user productivity & overall company efficiency • Essential for security Deployment Models • Your organization has options • Cloud vs on-premise vs on-demand. Examine the pros and cons as it relates to your environment, as well as the overall efficiency, effectiveness & economy of each option Hybrid IAM • It doesn’t matter where your application is – behind the firewall or in the cloud • Scalable – seamless end-user experience between on-premise & cloud-based applications Security is Policy-based • Security takes place outside of the app • Programmatic vs. declarative Copyright ©2013 Mycroft Inc. All rights reserved
Q & A Contact Mycroft: 212-983-2656 info@mycroftinc.com www.mycroftcloud.com @MycroftXSpectra Sales Inquiries: Nicole Koopman 347-244-5481 Nicole.koopman@mycroftinc.com

Recomendados

Synposium gia quebec setting the new course for digital identity- en rev 20...
Synposium gia quebec setting the new course for digital identity- en rev 20...Synposium gia quebec setting the new course for digital identity- en rev 20...
Synposium gia quebec setting the new course for digital identity- en rev 20...
Jean-François LOMBARDO
 
SWM_WP_MaturityModel_July15
SWM_WP_MaturityModel_July15SWM_WP_MaturityModel_July15
SWM_WP_MaturityModel_July15
Mike Lemons
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?
Ivona M
 
Benefits of Using Open Source IAM
Benefits of Using Open Source IAMBenefits of Using Open Source IAM
Benefits of Using Open Source IAM
WSO2
 
Q4 mobility
Q4 mobilityQ4 mobility
Q4 mobility
Q4_sys
 
Oracle OpenWorld 2015 | CON9456 Mobile Security in the Cloud
Oracle OpenWorld 2015 | CON9456 Mobile Security in the CloudOracle OpenWorld 2015 | CON9456 Mobile Security in the Cloud
Oracle OpenWorld 2015 | CON9456 Mobile Security in the Cloud
Indus Khaitan
 
Confronting API Security in the Brave New Open Banking Era
Confronting API Security in the Brave New Open Banking EraConfronting API Security in the Brave New Open Banking Era
Confronting API Security in the Brave New Open Banking Era
Akana
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Ping Identity
 

Recomendados

Synposium gia quebec setting the new course for digital identity- en rev 20...
Synposium gia quebec setting the new course for digital identity- en rev 20...Synposium gia quebec setting the new course for digital identity- en rev 20...
Synposium gia quebec setting the new course for digital identity- en rev 20...
Jean-François LOMBARDO
 
SWM_WP_MaturityModel_July15
SWM_WP_MaturityModel_July15SWM_WP_MaturityModel_July15
SWM_WP_MaturityModel_July15
Mike Lemons
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?
Ivona M
 
Benefits of Using Open Source IAM
Benefits of Using Open Source IAMBenefits of Using Open Source IAM
Benefits of Using Open Source IAM
WSO2
 
Q4 mobility
Q4 mobilityQ4 mobility
Q4 mobility
Q4_sys
 
Oracle OpenWorld 2015 | CON9456 Mobile Security in the Cloud
Oracle OpenWorld 2015 | CON9456 Mobile Security in the CloudOracle OpenWorld 2015 | CON9456 Mobile Security in the Cloud
Oracle OpenWorld 2015 | CON9456 Mobile Security in the Cloud
Indus Khaitan
 
Confronting API Security in the Brave New Open Banking Era
Confronting API Security in the Brave New Open Banking EraConfronting API Security in the Brave New Open Banking Era
Confronting API Security in the Brave New Open Banking Era
Akana
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Ping Identity
 
IBM Sotware Subscription and Support
IBM Sotware Subscription and SupportIBM Sotware Subscription and Support
IBM Sotware Subscription and Support
Stefan Pasinsky
 
Micro Focus Corporate Overview
Micro Focus Corporate OverviewMicro Focus Corporate Overview
Micro Focus Corporate Overview
Micro Focus
 
Webinar: How to choose your outsourcing partner for building mobile apps?
Webinar: How to choose your outsourcing partner for building mobile apps?Webinar: How to choose your outsourcing partner for building mobile apps?
Webinar: How to choose your outsourcing partner for building mobile apps?
Harbinger Systems - HRTech Builder of Choice
 
9.35am robert humphrey
9.35am robert humphrey9.35am robert humphrey
9.35am robert humphrey
Argyle Executive Forum
 
IBM Subscription and Support - English
IBM Subscription and Support - EnglishIBM Subscription and Support - English
IBM Subscription and Support - English
Francisco González Jiménez
 
Onlizer IoT Foundation
Onlizer IoT FoundationOnlizer IoT Foundation
Onlizer IoT Foundation
Andriy Deren'
 
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesIdentity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Ping Identity
 
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CIS 2015 Easy Federation in Cloud and on Premises - Ian JaffeCIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CloudIDSummit
 
Identiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffingIdentiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffing
JoshuaCiccone2
 
[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...
[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...
[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...
WSO2
 
IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015
Sreeni Pamidala
 
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Natalia Kataoka
 
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
oow123
 
Infor on the Road 2013 ERP LX
Infor on the Road 2013 ERP LXInfor on the Road 2013 ERP LX
Infor on the Road 2013 ERP LX
Inforsystemi
 
Impact2013 tsa 1416--api mgmt
Impact2013 tsa 1416--api mgmtImpact2013 tsa 1416--api mgmt
Impact2013 tsa 1416--api mgmt
Eric Kuefler
 
5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority
Okta-Inc
 
How The Container Store uses AppDynamics in their development lifecycle
How The Container Store uses AppDynamics in their development lifecycleHow The Container Store uses AppDynamics in their development lifecycle
How The Container Store uses AppDynamics in their development lifecycle
AppDynamics
 
Mqtt.fx on hive mq cloud
Mqtt.fx on hive mq cloudMqtt.fx on hive mq cloud
Mqtt.fx on hive mq cloud
MargarethaErber
 
Testing & Compliance Challenges for Healthcare in the Cloud
Testing & Compliance Challenges for Healthcare in the CloudTesting & Compliance Challenges for Healthcare in the Cloud
Testing & Compliance Challenges for Healthcare in the Cloud
Adam Sandman
 
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Webinar: Three Steps to Transform Your Mobile App into a Security FactorWebinar: Three Steps to Transform Your Mobile App into a Security Factor
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Ping Identity
 
Microsoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with RunpipeMicrosoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with Runpipe
Runpipe
 
Cutting Through the Disruption
Cutting Through the DisruptionCutting Through the Disruption
Cutting Through the Disruption
OSSCube
 

Mais conteúdo relacionado

Mais procurados

Micro Focus Corporate Overview
Micro Focus Corporate OverviewMicro Focus Corporate Overview
Micro Focus Corporate Overview
Micro Focus
 
Webinar: How to choose your outsourcing partner for building mobile apps?
Webinar: How to choose your outsourcing partner for building mobile apps?Webinar: How to choose your outsourcing partner for building mobile apps?
Webinar: How to choose your outsourcing partner for building mobile apps?
Harbinger Systems - HRTech Builder of Choice
 
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CIS 2015 Easy Federation in Cloud and on Premises - Ian JaffeCIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CloudIDSummit
 
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Natalia Kataoka
 
Impact2013 tsa 1416--api mgmt
Impact2013 tsa 1416--api mgmtImpact2013 tsa 1416--api mgmt
Impact2013 tsa 1416--api mgmt
Eric Kuefler
 
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Webinar: Three Steps to Transform Your Mobile App into a Security FactorWebinar: Three Steps to Transform Your Mobile App into a Security Factor
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Ping Identity
 

Mais procurados (20)

IBM Sotware Subscription and Support
IBM Sotware Subscription and SupportIBM Sotware Subscription and Support
IBM Sotware Subscription and Support
 
Micro Focus Corporate Overview
Micro Focus Corporate OverviewMicro Focus Corporate Overview
Micro Focus Corporate Overview
 
Webinar: How to choose your outsourcing partner for building mobile apps?
Webinar: How to choose your outsourcing partner for building mobile apps?Webinar: How to choose your outsourcing partner for building mobile apps?
Webinar: How to choose your outsourcing partner for building mobile apps?
 
9.35am robert humphrey
9.35am robert humphrey9.35am robert humphrey
9.35am robert humphrey
 
IBM Subscription and Support - English
IBM Subscription and Support - EnglishIBM Subscription and Support - English
IBM Subscription and Support - English
 
Onlizer IoT Foundation
Onlizer IoT FoundationOnlizer IoT Foundation
Onlizer IoT Foundation
 
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM PracticesIdentity Beyond Employees: How Customer Experience Impacts Your IAM Practices
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
 
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CIS 2015 Easy Federation in Cloud and on Premises - Ian JaffeCIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
 
Identiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffingIdentiverse 2018 nathanael coffing
Identiverse 2018 nathanael coffing
 
[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...
[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...
[WSO2Con USA 2018] APIs: Technology That Can Transform Your Business into a P...
 
IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015IBM MobileFirst Reference Architecture 1512 v3 2015
IBM MobileFirst Reference Architecture 1512 v3 2015
 
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
Migrating DataPower to IBM's API Connect Using Custom Policies//DataPower Wee...
 
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
CON8040 Identity as a Service - Extend Enterprise Controls and Identity to th...
 
Infor on the Road 2013 ERP LX
Infor on the Road 2013 ERP LXInfor on the Road 2013 ERP LX
Infor on the Road 2013 ERP LX
 
Impact2013 tsa 1416--api mgmt
Impact2013 tsa 1416--api mgmtImpact2013 tsa 1416--api mgmt
Impact2013 tsa 1416--api mgmt
 
5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority
 
How The Container Store uses AppDynamics in their development lifecycle
How The Container Store uses AppDynamics in their development lifecycleHow The Container Store uses AppDynamics in their development lifecycle
How The Container Store uses AppDynamics in their development lifecycle
 
Mqtt.fx on hive mq cloud
Mqtt.fx on hive mq cloudMqtt.fx on hive mq cloud
Mqtt.fx on hive mq cloud
 
Testing & Compliance Challenges for Healthcare in the Cloud
Testing & Compliance Challenges for Healthcare in the CloudTesting & Compliance Challenges for Healthcare in the Cloud
Testing & Compliance Challenges for Healthcare in the Cloud
 
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
Webinar: Three Steps to Transform Your Mobile App into a Security FactorWebinar: Three Steps to Transform Your Mobile App into a Security Factor
Webinar: Three Steps to Transform Your Mobile App into a Security Factor
 

Semelhante a Optimizing IAM with Single Sign-On From the Cloud to On-Premise

Microsoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with RunpipeMicrosoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with Runpipe
Runpipe
 
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud AdoptionAWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
Amazon Web Services
 
Developer Conference 2.1 - (Cloud) First Steps to the Cloud
Developer Conference 2.1 - (Cloud) First Steps to the CloudDeveloper Conference 2.1 - (Cloud) First Steps to the Cloud
Developer Conference 2.1 - (Cloud) First Steps to the Cloud
Micro Focus
 
Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.
Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.
Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.
ForgeRock
 
Mike Siegler at INCOSE Minneapolis, 2014
Mike Siegler at INCOSE Minneapolis, 2014Mike Siegler at INCOSE Minneapolis, 2014
Mike Siegler at INCOSE Minneapolis, 2014
Etherios
 
Building A Business-Facing Mobile Developer Community
Building A Business-Facing Mobile Developer CommunityBuilding A Business-Facing Mobile Developer Community
Building A Business-Facing Mobile Developer Community
ProgrammableWeb
 
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
ForgeRock
 
4 Keys to a Successful Citrix Migration
4 Keys to a Successful Citrix Migration4 Keys to a Successful Citrix Migration
4 Keys to a Successful Citrix Migration
John Barnhart
 

Semelhante a Optimizing IAM with Single Sign-On From the Cloud to On-Premise (20)

Microsoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with RunpipeMicrosoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with Runpipe
 
Cutting Through the Disruption
Cutting Through the DisruptionCutting Through the Disruption
Cutting Through the Disruption
 
Proven Practices for Office 365 Deployment, Security and Management
Proven Practices for Office 365 Deployment, Security and ManagementProven Practices for Office 365 Deployment, Security and Management
Proven Practices for Office 365 Deployment, Security and Management
 
Power Platform Governance Webinar
Power Platform Governance WebinarPower Platform Governance Webinar
Power Platform Governance Webinar
 
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud AdoptionAWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
 
Developer Conference 2.1 - (Cloud) First Steps to the Cloud
Developer Conference 2.1 - (Cloud) First Steps to the CloudDeveloper Conference 2.1 - (Cloud) First Steps to the Cloud
Developer Conference 2.1 - (Cloud) First Steps to the Cloud
 
Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.
Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.
Identity Summit 2015: Aol Case Study. Multi-Tenancy in the Enterprise.
 
Mike Siegler at INCOSE Minneapolis, 2014
Mike Siegler at INCOSE Minneapolis, 2014Mike Siegler at INCOSE Minneapolis, 2014
Mike Siegler at INCOSE Minneapolis, 2014
 
Building A Business-Facing Mobile Developer Community
Building A Business-Facing Mobile Developer CommunityBuilding A Business-Facing Mobile Developer Community
Building A Business-Facing Mobile Developer Community
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick Harding
 
VMworld Europe 2014: Preview the Latest Release from AirWatch
VMworld Europe 2014: Preview the Latest Release from AirWatchVMworld Europe 2014: Preview the Latest Release from AirWatch
VMworld Europe 2014: Preview the Latest Release from AirWatch
 
Inflectra Overview Presentation (2022)
Inflectra Overview Presentation (2022)Inflectra Overview Presentation (2022)
Inflectra Overview Presentation (2022)
 
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
Identity Summit 2015: EnerNOC Case Study: The Transformation of IAM for EnerN...
 
Monitoring in the DevOps Era
Monitoring in the DevOps EraMonitoring in the DevOps Era
Monitoring in the DevOps Era
 
4 Keys to a Successful Citrix Migration
4 Keys to a Successful Citrix Migration4 Keys to a Successful Citrix Migration
4 Keys to a Successful Citrix Migration
 
The Platform Big Picture
The Platform Big PictureThe Platform Big Picture
The Platform Big Picture
 
Cloud technology for msme sector sujit panigrahi v2
Cloud technology for msme sector sujit panigrahi v2Cloud technology for msme sector sujit panigrahi v2
Cloud technology for msme sector sujit panigrahi v2
 
The Automotive Journey Into the Cloud
The Automotive Journey Into the CloudThe Automotive Journey Into the Cloud
The Automotive Journey Into the Cloud
 
The Automotive Journey Into the Cloud
The Automotive Journey Into the CloudThe Automotive Journey Into the Cloud
The Automotive Journey Into the Cloud
 
McKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & AutomationMcKesson Case Study: Pharmacy Systems & Automation
McKesson Case Study: Pharmacy Systems & Automation
 

Último

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 

Último (20)

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

Optimizing IAM with Single Sign-On From the Cloud to On-Premise

  • 1. • Why SSO? • A Challenge for the Enterprise • Deployment models • Hybrid IAM • Q & A Optimizing IAM with Single Sign-On from the Cloud to On-Premise Copyright ©2013 Mycroft Inc. All rights reserved
  • 2. Moderator Shanley Stern, Sr. Director Marketing, Mycroft Inc. Presenter Lester Rivera, Sr. Business Solutions Architect, Mycroft Inc. Presenter Herb Mehlhorn, Product Manager, CA Technologies INTRODUCTIONS Copyright ©2013 Mycroft Inc. All rights reserved
  • 3. Why Single Sign-On? WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
  • 4. SSO – SIMPLY STATED Copyright ©2013 CA. All rights reserved Mobile employee or Customer Partner User Internal Employee Enterprise or Partner Apps Cloud Apps/Platforms & Web Services SaaS Data Identities App/Resource App/Resource ClientSide
  • 5. A Challenge for the Enterprise WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
  • 6. WHAT TO LOOK FOR IN SSO PRODUCTS – CLIENT SIDE Copyright ©2013 CA. All rights reserved User Administrator Resources Supported Devices Supported User Interfaces Browser Mobile Application Terminal Emulator Desktop/ Laptop Tablet Smart Phone
  • 7. WHAT TO LOOK FOR IN SSO PRODUCTS – RESOURCE SIDE Copyright ©2013 CA. All rights reserved User Administrator Resources Apps/Resources Location of App On Premise Partner Site Partner App Access Path PaaS SiteSaaS App Rest API via Gateway Http over corp. Network Http over Internet Web Services
  • 8. WHAT TO LOOK FOR IN SSO PRODUCTS – FROM CLIENT TO RESOURCE Copyright ©2013 CA. All rights reserved Administrator Resources Authentication User Experience User Password SmartCard + X.509 ArcotID® OpenID OAuth Single Sign on Personalized Experience Single Logoff Enforcement Context of the authentication Web Agent Proxy Gateway Native to the App
  • 9. WHAT TO LOOK FOR IN SSO PRODUCTS – ADMINISTRATION Copyright ©2013 CA. All rights reserved User Administrator Resources • Managing SSO • Ability to manage the authentication and access via a UI or programmatic interface • …with efficiency • for all resource types via a single UI • for all access paths via a single UI • for all authentication policies via single UI • ….with confidence • provide ability to flexibly segregate and delegate administration • generating necessary log and audit data for governance and compliance purposes
  • 10. SSO also requires: DON’T FORGET THESE OTHER KEY REQUIREMENTS Copyright ©2013 CA. All rights reserved User Administrator Resources Identity life cycle management Effective monitoring Efficient delivery if using physical authentication methods
  • 11. WHAT’S AVAILABLE IN THE MARKET Thick Client SSO Web/Html Client SSO TIME Web/Html Client SSO via Federation Web/SOAP Client SSO via WS-* Web & Mobile native SSO via REST & API • Similarities across each of these developments: - SSO experience for the end user - Needed security characteristics of the solution • Differences - Location of the resource - Access path to the resource Copyright ©2013 CA. All rights reserved
  • 12. Deployment Models WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
  • 13. CHOOSE YOUR DEPLOYMENT MODEL Copyright ©2013 Mycroft Inc. All rights reserved On-Demand • Deployed in third- party datacenter • Subscription pricing model, no hardware required • Federated SSO everywhere • No VPN, no Firewall changes • Fully managed On-Premise • Deployed at enterprise datacenter • Allows for customization • Requires professional services, longer deployment times Hosted • Deployed in third- party datacenter (private cloud) • Connected to enterprise thru VPN • Available as Managed Service
  • 14. CHOOSE YOUR DEPLOYMENT MODEL Copyright ©2013 Mycroft Inc. All rights reserved On-Demand Important to me: • Tactical solution • Very quick to market • OpEX rather than CapEX • Standardized & ooB • Local market • No hardware hassle • Very small TCO On-Premise Important to me: • Strategic solution • Innovation • Individuality • Differentiate also by services • Tend to prefer CapEx • International market • Ownership Hosted Important to me: • Quick time to market • Some individuality • Some innovation • Tend to prefer OpEx • Sense of ownership • TCO • Differentiate from competition by assortment & price
  • 15. HOW DO THEY COMPARE? Not only about CAPEX vs. OPEX • About optimizing 3 Es • Effectiveness • Economy • Efficiency On-Premise Hosted On Demand Benefits of Hosted Infrastructure Hardware acquisition not required Implementation SMEs readily available Operation 24x7 SOC, no internal management needed Security Top tier Most effective, economical & efficient More effective, economical & efficient Effective, economical & efficient Copyright ©2013 Mycroft Inc. All rights reserved
  • 16. THINGS TO CONSIDER SSO…is even MORE important • Federate, Federate, Federate, Federate, Federate, Federate, Federate, F.E.D.E.R.A.T.E. • Request for access needs to be simple, powerful, pervasive…not just about user accounts! • SAML, OAuth, OpenID, WS-FED (Office365) Provisioning goes Just-In-Time • More SaaS applications supports it • BUT, no real automated de-provisioning Identity Governance continues to be important • Governance, risk, & compliance (GRC) • Ignores the enterprise “fence”; Data and users are mobile Think APIs…Everything is an API • Keep simple & authorize well • BUT not every API requires user accounts; sometimes you authorize device, source, etc. • AND sometimes the point is really identify the source Security is Policy-based • Security takes place outside of the app • Programmatic vs. declarative Copyright ©2013 Mycroft Inc. All rights reserved
  • 17. Hybrid IAM WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
  • 18. HYBRID IAM Copyright ©2013 Mycroft Inc. All rights reserved
  • 19. On-Premise Enterprise Apps Customers Partners Federated SSO Advanced Authentication Employees Privileged Identity Mgt Identity Governance Identity Management Identity Management Identity Governance Advanced Authentication Access Management Privileged Identity Mgt On-Premise Connector Cloud Platforms SaaS Enterprise Datacenter Copyright ©2013 Mycroft Inc. All rights reserved MYCROFT XSPECTRA ON-DEMAND SERVICE ARCHITECTURE
  • 20. A single log-on, launch any SaaS application available to you Copyright ©2013 Mycroft Inc. All rights reserved MYCROFT XSPECTRA ON-DEMAND SERVICE
  • 21. IN A NUTSHELL SSO…is critical • Simple, powerful access to applications a single log on - whether on-premise, in the cloud or hosted • Increased user productivity & overall company efficiency • Essential for security Deployment Models • Your organization has options • Cloud vs on-premise vs on-demand. Examine the pros and cons as it relates to your environment, as well as the overall efficiency, effectiveness & economy of each option Hybrid IAM • It doesn’t matter where your application is – behind the firewall or in the cloud • Scalable – seamless end-user experience between on-premise & cloud-based applications Security is Policy-based • Security takes place outside of the app • Programmatic vs. declarative Copyright ©2013 Mycroft Inc. All rights reserved
  • 22. Q & A Contact Mycroft: 212-983-2656 info@mycroftinc.com www.mycroftcloud.com @MycroftXSpectra Sales Inquiries: Nicole Koopman 347-244-5481 Nicole.koopman@mycroftinc.com

Notas do Editor

  1. Proactive MonitoringIncident ManagementProblem Management & Problem ReportingProblem Resolution and RoutingChange ManagementRelease ManagementConfiguration ManagementService Level ManagementQuery ManagementService ReportingData Collection Development ManagementRequest Management