Are You Ready to Move Your IAM to the Cloud?
Denunciar
•1 gostou•1,950 visualizações
Are You Ready to Move Your IAM to the Cloud?
•1 gostou•1,950 visualizações
Baixar para ler offline
Denunciar
Many companies are considering moving their current identity and access management (IAM) implementations to the cloud, or they are looking at the cloud for their new IAM use cases. This might be driven by the threat of attacks via identities, increasing compliance mandates, expanding needs of end users for frictionless data access or improving the total cost of ownership. View this presentation and watch the corresponding webinar to help you determine whether your organization is ready to move to IDaaS.
Recomendados
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...IBM Security
775 visualizações•12 slides
Orchestrate Your Security Defenses; Protect Against Insider Threats IBM Security
1.2K visualizações•7 slides
How to Improve Threat Detection & Simplify Security OperationsIBM Security
1.9K visualizações•36 slides
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
1.1K visualizações•23 slides
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
966 visualizações•20 slides
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...IBM Security
941 visualizações•24 slides
Mais conteúdo relacionado
Mais procurados
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...IBM Security
742 visualizações•18 slides
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...IBM Security
1.3K visualizações•20 slides
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...IBM Security
3.6K visualizações•29 slides
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemIBM Security
1.1K visualizações•36 slides
Mais procurados(20)
Similar a Are You Ready to Move Your IAM to the Cloud?
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksIBM Security
3.7K visualizações•17 slides
Similar a Are You Ready to Move Your IAM to the Cloud?(20)
Mais de IBM Security
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
914 visualizações•39 slides
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationIBM Security
1.3K visualizações•27 slides
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
3.2K visualizações•30 slides
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...IBM Security
4.2K visualizações•25 slides
Mais de IBM Security(13)
Último
Último(20)
Are You Ready to Move Your IAM to the Cloud?
- 1. Are You Ready to Move Your IAM to the Cloud? Webinar February 28, 2018 Peter Volckaert Senior Sales Engineer IBM Security peter.volckaert@be.ibm.com Patrik Horemans Senior Sales IBM Security patrik.horemans@be.ibm.com
- 2. 2 IBM Security IBM AND BUSINESS PARTNER INTERNAL USE ONLY Agenda • What Is IDaaS? • Typical IDaaS Use Cases • IDaaS or On-Prem? • Question & Answer
- 3. 3 IBM Security What Is IDaaS?
- 4. 4 IBM Security What Is IDaaS?
- 5. 5 IBM Security Typical IDaaS Use Cases
- 6. 6 IBM Security Typical IDaaS Use Cases 1. Employee Access to Web Applications 2. Consumer IAM 3. Traditional/Legacy IAM
- 7. 7 IBM Security Employee Access to Web Applications
- 8. 8 IBM Security Employee Access to Web Applications
- 9. 9 IBM Security Employee Access to Web Applications Company IDaaS - synchronize user data - passthrough authn - single sign-on - IdP-SP federation Cloud Directory Cloud/Internet SaaS Apps User Directory On-Prem Apps App IdP / Proxy Cloud Identity Connect Cloud Identity Service Cloud Identity Connect
- 10. 10 IBM Security Consumer IAM
- 11. 11 IBM Security Consumer IAM
- 12. 12 IBM Security IAM for Consumers: Another World… Consumer Scale Employee XXL M to XL Distributed Centralized Individual Business Low High Control Focus Complexity Source:Gartner:“ConsumerIdentityandAccessManagementIsaDigitalRelationshipImperative”,30December2015
- 13. 13 IBM Security Consumer IAM Cloud/InternetCompany Consumer Data Consumer Identity Store IDaaS On-prem Apps App Social Identity Cloud Identity Service
- 16. 16 IBM Security Traditional/Legacy IAM Company - provisioning - passtru authn - SSO - HR feeds Cloud Directory - provisioning RDBMS SAP Linux HR Data User Directory On-prem Apps App Social Identity Cloud/Internet IDaaS LDAP IdP/ Proxy SaaS Apps Cloud Identity Service
- 17. 17 IBM Security IDaaS or On-Prem?
- 18. 18 IBM Security To Cloud or Not To Cloud … SaaS adaption Internal IAM not delivering Competing IAM implementations Source: Gartner: “How to choose between On-Premises and IDaaS Delivery Models for Identity and Access Management, July 2016 Mature IAM program and implementations Cloud security and data residency concerns Need customized IGA Staffing and TCO
- 19. 19 IBM Security Responsibilities: You? They? Together? You Own It They Own ItShared Responsibility IAM program IAM vision & strategy IDaaS infra Service patch management Service improvements On-prem target integration Bridge components Health target systems Test environment Business continuity User support Source:Gartner:“HowtochoosebetweenOn-PremisesandIDaaSDeliveryModelsforIdentityandAccessManagement,July2016
- 20. 20 IBM Security IBM Cloud Identity Resources http://bit.ly/TCOofCloudIAM http://bit.ly/CloudIAMBuyersGuide More resources on Peter Volckaert’s Cloud Identity page: https://ibm.box.com/v/cloudidentity
- 21. 21 IBM Security Question & Answer
- 22. ibm.com/security securityintelligence.com xforce.ibmcloud.com @ibmsecurity youtube/user/ibmsecuritysolutions © Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party. FOLLOW US ON: THANK YOU
Notas do Editor
- Introduce yourself: good afternoon. I’m … , working within IBM Security, working within services for X years, currently sales engineer. Specialized in IAM. And when talking with customers and prospect the word cloud is unavoidable…
- De IDaaS use cases worden gedreven door de trend van “digital business” / disruption Opm: B2B?
- Access by Anyone, from Anywhere, on Any Device This architecture is assuming an internal, enterprise IdP. Typically provided by an access management solution from IBM, CA, Oracle, etc or AD-FS. Users trying to access SaaS apps will be redirected to their company IdP, where authentication takes place. Then they will be redirected (with a SAML token) to the eventual SaaS app. Alternative: a so-called cloud directory that resides in the IDaaS solution Yes, you can also connect to your on-premises apps. Okta uses SWA for that. The user’s credentials are securily kept in the IDaaS
- Transaction scale can also vary widely depending on the season and the marketing campaign. Control: for employees: centralized, company-owned attributes. For consumers: self-registered, self-managed attributes, spread over multiple data sources (organisations, social media, credit-reporting agencies, public records, financial institutions) hence “distributed”. Ensure scalability. The registration and access services must be able to handle large user volumes. There may be circumstances where thousands, tens of thousands or hundreds of thousands of users are registering for a service within a short period of time. Because consumer-oriented systems often experience highly variable demand due to seasonality and marketing campaigns, many organizations use cloud-based systems
- CIAM: Some organizations in highly regulated industries are still more comfortable with an on-premises solution, and such solutions can be deployed in the cloud, if desired.
- Hier: de markt bespreken. Legt de vendor véél bij zich of toch wat minder? Grote verschillen… Ook bridge componenten: hoe meer on-prem hoe goedkoper, maar wel verantwoordelijk en wat met de TCO? Hier: CIS in de schijnwerper. Belangrijk: jij moet: visie/strategie/planning Policies (entitlements, etc) Integraties: bijv met 3rd party authn systeem en SIEM Infrastructuur: bijv VPNs, onderhoud on-prem stuff (sync) IDaaS is dus vooral: implementatie! Met CIS is er ook prof. services die een klant helpt met strategie