Submit Search
Upload
Madsen byod-csa-02
•
2 likes
•
558 views
Paul Madsen
Follow
Role of IdM in addressing BYOD
Read less
Read more
Technology
Report
Share
Report
Share
1 of 41
Download Now
Download to read offline
Recommended
Cebit 2013 Keynote
Cebit 2013 Keynote
Unify
Information Age of Now: 6 Innovative Approaches that Change The Way Businesse...
Information Age of Now: 6 Innovative Approaches that Change The Way Businesse...
ibmvietnam
Social Networking 2 - Final
Social Networking 2 - Final
Willie Favero
IDS FortuneNext Enterprise: Helping Hotels Smile Their Way To Profitability, ...
IDS FortuneNext Enterprise: Helping Hotels Smile Their Way To Profitability, ...
IDS NEXT Business Solutions Pvt Ltd
GBM Horizons eNewsletter 2011 issue
GBM Horizons eNewsletter 2011 issue
Gulf Business Machines
Jaime cabrera v mware. su nube. acelere ti. acelere su negocio
Jaime cabrera v mware. su nube. acelere ti. acelere su negocio
datacentersummit
OpenScape Office
OpenScape Office
Anatoliy Parkhomenko
Cisco Video Presentation Stn 2 24 11
Cisco Video Presentation Stn 2 24 11
mcini
More Related Content
What's hot
Dirk Krafzig S O A And Conveys Law
Dirk Krafzig S O A And Conveys Law
SOA Symposium
Universal Understanding Brochure
Universal Understanding Brochure
leahdisney
General management powerpoint presentation templates.
General management powerpoint presentation templates.
SlideTeam.net
General management powerpoint presentation slides.
General management powerpoint presentation slides.
SlideTeam.net
General management powerpoint ppt templates.
General management powerpoint ppt templates.
SlideTeam.net
117114+carencro internship+bro
117114+carencro internship+bro
NAFCareerAcads
Replication for Business Continuity, Disaster Recovery and High Availability
Replication for Business Continuity, Disaster Recovery and High Availability
Tony Pearson
Rawsthorne | Who is your PO
Rawsthorne | Who is your PO
Nikita Filippov
KBACE iRecruitment Webinar
KBACE iRecruitment Webinar
KBACE Technologies, Inc.
Managing softwaredebt agilepalooza-redmond-sept2010
Managing softwaredebt agilepalooza-redmond-sept2010
Chris Sterling
Enterprise 2.0 - Using Social Media to Address HR Priorities
Enterprise 2.0 - Using Social Media to Address HR Priorities
welshms
What's hot
(11)
Dirk Krafzig S O A And Conveys Law
Dirk Krafzig S O A And Conveys Law
Universal Understanding Brochure
Universal Understanding Brochure
General management powerpoint presentation templates.
General management powerpoint presentation templates.
General management powerpoint presentation slides.
General management powerpoint presentation slides.
General management powerpoint ppt templates.
General management powerpoint ppt templates.
117114+carencro internship+bro
117114+carencro internship+bro
Replication for Business Continuity, Disaster Recovery and High Availability
Replication for Business Continuity, Disaster Recovery and High Availability
Rawsthorne | Who is your PO
Rawsthorne | Who is your PO
KBACE iRecruitment Webinar
KBACE iRecruitment Webinar
Managing softwaredebt agilepalooza-redmond-sept2010
Managing softwaredebt agilepalooza-redmond-sept2010
Enterprise 2.0 - Using Social Media to Address HR Priorities
Enterprise 2.0 - Using Social Media to Address HR Priorities
Similar to Madsen byod-csa-02
Driving ROI and Adoption in Exceptional Social Experiences with Gamification
Driving ROI and Adoption in Exceptional Social Experiences with Gamification
Perficient, Inc.
Microsoft Power Point Myr Saa S & Cloud Computing Seminar Pwin
Microsoft Power Point Myr Saa S & Cloud Computing Seminar Pwin
guestaebb4a1
BYOD - it's an identity thing
BYOD - it's an identity thing
Paul Madsen
Solid works costing overview and details-10-13-2011a
Solid works costing overview and details-10-13-2011a
Lutz Feldmann
Video for Internal Communications Inside the Global Enterprise
Video for Internal Communications Inside the Global Enterprise
MediaPlatform
Business Process Management 1 Developing The Skillset
Business Process Management 1 Developing The Skillset
Steve Towers, CEO and CPP Champion
Office central presentation to customers v2r0
Office central presentation to customers v2r0
Authentic Venture Sdn Bhd
Services Resource Planning Market Review
Services Resource Planning Market Review
Michael Fauscette
Arvind Brands and Retail- August 2012
Arvind Brands and Retail- August 2012
Best Workplaces Conference
Prolifics at IBM Lotusphere 2012
Prolifics at IBM Lotusphere 2012
Prolifics
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
Seccuris Inc.
Service Catalog & Request Fulfillment, the cornerstone of IT Service Management
Service Catalog & Request Fulfillment, the cornerstone of IT Service Management
BMC Software
Utility AP - Best Practice, out of the box with Maximo Asset Management
Utility AP - Best Practice, out of the box with Maximo Asset Management
Vincent Kwon
Why Strategic Experience Alignment Is An Imperative... For Your Employees
Why Strategic Experience Alignment Is An Imperative... For Your Employees
jmaclaren
Vidizmo intro
Vidizmo intro
Shane Sinha
Maximizing Security Training ROI
Maximizing Security Training ROI
Symosis Security (Previously C-Level Security)
Executing digital advertising with InDesign workflow engines
Executing digital advertising with InDesign workflow engines
Glenn Bailey
NASSCOM GEPS BCP Webinar 2010_05_14
NASSCOM GEPS BCP Webinar 2010_05_14
vankito
Ibm software network2012 claudio cinquepalmi #ibmsocialbiz
Ibm software network2012 claudio cinquepalmi #ibmsocialbiz
Claudio Cinquepalmi
Warsaw Seminar Diem Ho 2
Warsaw Seminar Diem Ho 2
Youth Agora
Similar to Madsen byod-csa-02
(20)
Driving ROI and Adoption in Exceptional Social Experiences with Gamification
Driving ROI and Adoption in Exceptional Social Experiences with Gamification
Microsoft Power Point Myr Saa S & Cloud Computing Seminar Pwin
Microsoft Power Point Myr Saa S & Cloud Computing Seminar Pwin
BYOD - it's an identity thing
BYOD - it's an identity thing
Solid works costing overview and details-10-13-2011a
Solid works costing overview and details-10-13-2011a
Video for Internal Communications Inside the Global Enterprise
Video for Internal Communications Inside the Global Enterprise
Business Process Management 1 Developing The Skillset
Business Process Management 1 Developing The Skillset
Office central presentation to customers v2r0
Office central presentation to customers v2r0
Services Resource Planning Market Review
Services Resource Planning Market Review
Arvind Brands and Retail- August 2012
Arvind Brands and Retail- August 2012
Prolifics at IBM Lotusphere 2012
Prolifics at IBM Lotusphere 2012
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
Service Catalog & Request Fulfillment, the cornerstone of IT Service Management
Service Catalog & Request Fulfillment, the cornerstone of IT Service Management
Utility AP - Best Practice, out of the box with Maximo Asset Management
Utility AP - Best Practice, out of the box with Maximo Asset Management
Why Strategic Experience Alignment Is An Imperative... For Your Employees
Why Strategic Experience Alignment Is An Imperative... For Your Employees
Vidizmo intro
Vidizmo intro
Maximizing Security Training ROI
Maximizing Security Training ROI
Executing digital advertising with InDesign workflow engines
Executing digital advertising with InDesign workflow engines
NASSCOM GEPS BCP Webinar 2010_05_14
NASSCOM GEPS BCP Webinar 2010_05_14
Ibm software network2012 claudio cinquepalmi #ibmsocialbiz
Ibm software network2012 claudio cinquepalmi #ibmsocialbiz
Warsaw Seminar Diem Ho 2
Warsaw Seminar Diem Ho 2
More from Paul Madsen
Onboarding in the IoT
Onboarding in the IoT
Paul Madsen
Native application Single SignOn
Native application Single SignOn
Paul Madsen
A recipe for standards-based Cloud IdM
A recipe for standards-based Cloud IdM
Paul Madsen
Saas webinar-dec6-01
Saas webinar-dec6-01
Paul Madsen
Jan19 scim webinar-04
Jan19 scim webinar-04
Paul Madsen
Mobile Native OAuth Decision Framework
Mobile Native OAuth Decision Framework
Paul Madsen
Gluecon oauth-03
Gluecon oauth-03
Paul Madsen
Proxying Assurance between OpenID & SAML
Proxying Assurance between OpenID & SAML
Paul Madsen
DIWD Concordia
DIWD Concordia
Paul Madsen
Oauth 01
Oauth 01
Paul Madsen
Iiw2007b Madsen 01
Iiw2007b Madsen 01
Paul Madsen
More from Paul Madsen
(11)
Onboarding in the IoT
Onboarding in the IoT
Native application Single SignOn
Native application Single SignOn
A recipe for standards-based Cloud IdM
A recipe for standards-based Cloud IdM
Saas webinar-dec6-01
Saas webinar-dec6-01
Jan19 scim webinar-04
Jan19 scim webinar-04
Mobile Native OAuth Decision Framework
Mobile Native OAuth Decision Framework
Gluecon oauth-03
Gluecon oauth-03
Proxying Assurance between OpenID & SAML
Proxying Assurance between OpenID & SAML
DIWD Concordia
DIWD Concordia
Oauth 01
Oauth 01
Iiw2007b Madsen 01
Iiw2007b Madsen 01
Recently uploaded
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Matt Ray
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
DianaGray10
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
Bachir Benyammi
20150722 - AGV
20150722 - AGV
Jamie (Taka) Wang
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IES VE
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
IES VE
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
DianaGray10
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
Jamie (Taka) Wang
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
Daniel Santiago Silva Capera
Designing A Time bound resource download URL
Designing A Time bound resource download URL
Runcy Oommen
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Will Schroeder
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
David Newbury
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
Adam Moalla
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
Udaiappa Ramachandran
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
bruanjhuli
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
GDSC PJATK
Nanopower In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
Pedro Manuel
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
infogdgmi
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
Eric D. Schabell
Recently uploaded
(20)
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
20150722 - AGV
20150722 - AGV
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
Designing A Time bound resource download URL
Designing A Time bound resource download URL
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
Nanopower In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
Madsen byod-csa-02
1.
BYOD- it's an
Identity Thing BYOD Session #36 Thursday, November8, 2012 It's an 'identity' thing 1.45-2.45pm Paul Madsen (@pmadsen) Senior Technical Architect Ping Identity MIS Training Institute Session # - Slide 1 © COMPANY NAME
2.
A little bit
about me MIS Training Institute Session # - Slide 2 © COMPANY NAME
3.
BYOD
WHAT'S THE BIG DEAL? MIS Training Institute Session # - Slide 3 © COMPANY NAME
4.
MIS Training Institute
Session # - Slide 4 © COMPANY NAME
5.
B
Y O D R B Y W D R I O N E O N U U V GG R I H C T E MIS Training Institute © COMPANY NAME S Session # - Slide 5
6.
Context
COIT BYOD Social will.i.am keynoting Cloudforce App stores Personal Cloud MIS Training Institute Session # - Slide 6 © COMPANY NAME
7.
[reputable analyst
firm] says [X%] of Fortune 500 will confront BYOD by [201Y] MIS Training Institute Session # - Slide 7 © COMPANY NAME
8.
So why
allow it? MIS Training Institute Session # - Slide 8 © COMPANY NAME
9.
SHadow IT
HAPPENS MIS Training Institute Session # - Slide 9 © COMPANY NAME
10.
Employee productivity as
a function of time Value prop BYOD productivity Traditional 9-5 Sun Mon Tue Wed Thur Fri Sat MIS Training Institute Session # - Slide 10 © COMPANY NAME
11.
Fundamental challenge
A single device must support two 'masters' MIS Training Institute Session # - Slide 11 © COMPANY NAME
12.
Err no…. MIS Training
Institute Session # - Slide 12 © COMPANY NAME
13.
Choices
Mobile Device Management (MDM) applies enterprise policy to the device as a whole PIN, wipe, VPN etc Mobile Application Management (MAM) focuses on the business apps ON the device App store, security added onto binaries either through SDK or 'wrapping' MIS Training Institute Session # - Slide 13 © COMPANY NAME
14.
Granularity MIS Training Institute
Session # - Slide 14 © COMPANY NAME
15.
BYOD Balancing Act
Standards Security Productivity Privacy MIS Training Institute Session # - Slide 15 © COMPANY NAME
16.
Balancing Act
Productivity MIS Training Institute Session # - Slide 16 © COMPANY NAME
17.
MIS Training Institute
Session # - Slide 17 © COMPANY NAME
18.
Productivity vs time
ideal reality 'Now what was my password again??' productivity 'Whoa, I can still login!' 'Well I guess I can play Angry Birds until IT sets me up' hired fired MIS Training Institute time Session # - Slide 18 © COMPANY NAME
19.
GTD Requirements
1. Initial GTD - Quickly get new employees up and running with the applications their role demands 2. Ongoing GTD - Provide employees single sign on experience in day to day work 3. Stop GTD - Reduce/remove permissions when necessary MIS Training Institute Session # - Slide 19 © COMPANY NAME
20.
Balancing Act
Privacy MIS Training Institute Session # - Slide 20 © COMPANY NAME
21.
Privacy
the right to be let alone— the most comprehen sive of rights and the right Louis Dembitz Brandeis MIS Training Institute © COMPANY NAME most Session # - Slide 21
22.
Privacy
Granularity of IT control MIS Training Institute Session # - Slide 22 © COMPANY NAME
23.
Partioning for privacy
1. Divide the phone in 'half' – one side for business applications & data, another for personal 2. IT's mandate is to manage & secure the apps & data on the business side 3. IT has no mandate (nor, hopefully, desire) to touch apps & data on the personal side MIS Training Institute Session # - Slide 23 © COMPANY NAME
24.
Balancing Act
Security MIS Training Institute Session # - Slide 24 © COMPANY NAME
25.
IT'S NOT ABOUT
THE DEVICE MIS Training Institute Session # - Slide 25 © COMPANY NAME
26.
It's the data MIS
Training Institute Session # - Slide 26 © COMPANY NAME
27.
Protecting the data
1. Ensure that user/app can access only appropriate data Authorization based on role 2. Protect data in transit IDM SSL 3. Protect data on device PIN, Encryption MAM 4. Remove access to data when appropriate MDM Wipe stored data (or keys) Revoke access to fresh data MIS Training Institute Session # - Slide 27 © COMPANY NAME
28.
MIM? MIS Training Institute
Session # - Slide 28 © COMPANY NAME
29.
MDM – No
screen capture MAM – No screen capture when in email app MIM – No screen capture for this document MIS Training Institute Session # - Slide 29 © COMPANY NAME
30.
Balancing Act
Standards MIS Training Institute Session # - Slide 32 © COMPANY NAME
31.
Why standards?
Framework implies interplay between Enterprise IdM MAM architecture MAM servers MAM agent Applications On-prem SaaS MIS Training Institute Session # - Slide 33 © COMPANY NAME
32.
Components
Enterprise SaaS SaaS 1 2 MAM Device MAM Browser SaaS1 SaaS2 MIS Training Institute Session # - Slide 34 © COMPANY NAME
33.
Standards
SCIM (System for Cross-Domain Identity Management) to provision identities as necessary to MAM and SaaS providers SAML (Security Assertion Markup Language) to bridge enterprise identity to MAM and SaaS providers OAuth to authorize MAM agents, and SaaS native apps MIS Training Institute Session # - Slide 35 © COMPANY NAME
34.
Components
Enterprise SCIM SaaS SaaS SCIM 1 SAMLMAM O SCIM O A SAML A U SAML O U T A T H U H Device MAMT Browser H SaaS1 SaaS MIS Training Institute Session # - Slide 36 © COMPANY NAME
35.
Bob 'pursuing other
ventures' Enterprise SCIM (delete) SaaS SaaS SCIM (delete) 1 MAM SCIM (delete) W I p e Device MAM Browser SaaS1 SaaS wipe wipe MIS Training Institute Session # - Slide 37 © COMPANY NAME
36.
Bob 'loses phone
in cab' Enterprise SCIM (status=0) SaaS SaaS SCIM (status=0) 1 MAM SCIM (status=0) L O C K = Device Y MAM Browser SaaS1 SaaS MIS Training Institute Session # - Slide 38 © COMPANY NAME
37.
Application Provider
Enterprise Application Provider Application Provider Device Native app Native app Native Authz Native app app Native agent Native app app Native app MIS Training Institute Session # - Slide 41 © COMPANY NAME
38.
Wrapping up
39.
R
R E DE S a S Business T t T Personal a MAM App App T Policy o k Apps T o e k n e s Identity Identity Corp Identity n Identity s Tokens MIS Training Institute Session # - Slide 43 © COMPANY NAME
40.
Thank you
@paulmadsen MIS Training Institute Session # - Slide 44 © COMPANY NAME
41.
Summary 1.
Divide device & leave employee personal data alone 2. Provision apps via MAM based on employee identity & roles into employee 'side' 3. Provision tokens to those apps via IdM based on employee identity & roles 4. Apps use tokens on API calls to corresponding Cloud MIS Training Institute Session # - Slide 45 © COMPANY NAME
Editor's Notes
Managing the device is misguided – CISO do not loose sleep over the loss of devices, but rather ……
Managing the device is misguided – CISO do not loose sleep over the loss of devices, but rather ……
Download Now