Mt26 identity management as a service
-
Upload
dell-world -
Category
Documents
-
view
141 -
download
0
description
Transcript of Mt26 identity management as a service
1 Dell World 2014
Identity and Access Management
MT26 Identity management as a service
Jackson Shaw, Senior Director of Product Management, November, 2014
Dell World 2014
2 Dell World 2014
IAM challenges in the real world
• For many growing organizations, access control needs have grown beyond their staff’s ability to efficiently and securely enforce them
• More applications are moving to the cloud
• With the “jack-of-all-trades” approach to IAM, efficiency, security and compliance inevitably suffer. The smaller the IT staff, the more broadly their skill set is required to spread.
• The further the line-of-business moves away from provisioning, governance and access management, the more likely it is that their “real world” of IAM is a mess.
• The skills, time, and tools needed to execute enterprise provisioning and governance are not there
• The possibility of a big capital investment to address these problems isn’t realistic
Dell World 2014
When does a SaaS offering make sense?
4 Dell World 2014
Dell One Identity as a Service
• Addresses your most pressing security, provisioning/de-provisioning, access control, governance and compliance needs as an operational expense not a capital investment.
• Delivered through a partnership with Simeio, an end-to-end IAM services and solutions provider, leveraging Simeio’s Identity as a Service expertise and DirectAxs cloud computing platform
• Technology • Sales • Marketing • Branding
• Hosting • Integration/customization • Support
5 Dell World 2014
Three modules available
Dell One Identity as a Service
For Provisioning For Governance For Access Control
• Enterprise provisioning
• Access request portal
• Business-driven access decisions
• Unified workflow and policy
• Self-service password resets
• Reporting
• Attestation/recertification
• Separation of duties
• Role management
• Role-based access control
• Compliance reporting
• Web SSO
• Just-in-time cloud provisioning
• Access control for web apps
• Self-service password resets
• Reporting on WAM rights and activity
6 Dell World 2014
How it works
7 Dell World 2014
Provisioning use cases Use Cases Description
Identity Origination
External user self registration Integration with HR/Authoritative source User created in IAM solution
Self Service & Password Management
• User sets password & challenge response questions • User forgets password and is able to reset password to all
provisioned applications • Help desk is able to reset password for user based on
shared secret
Access Request Catalogue Application access request process 2 Level approval Workflow
Provisioning & Deprovisioning
Creates, modifies and deletes accounts on applications and infrastructure following the completion of workflow
Supports on-premises and SAAS applications Provisions based on roles defined by customer
Reporting Out of the box “who has access to what reports” Custom reports based on requirements
8 Dell World 2014
Provisioning and attestation/recertification
9 Dell World 2014
Attestation
10 Dell World 2014
Self Service Request
11 Dell World 2014
Self-service password reset
12 Dell World 2014
Governance use cases Use Cases Description
Identity Seeding Integration with HR/Authoritative source User created in IAM solution
Application & Entitlement Synch
• Integration with applications through connector or flat file synch • Load account and entitlements and correlate to users • Define risk level for entitlements
Risk Based Access Certification
User – Manager access certification Risk based view Ability for reviewer to certify/revoke access Mark accounts for termination
Segregation of Duties Define segregation of duty policies Enforce SOD compliant provisioning Run detective SOD checks
Role Mining Role mining using top down and bottom up attributes
Reporting Out of the box “who has access to what reports” Custom reports based on requirements
13 Dell World 2014
Organization Dashboard
14 Dell World 2014
IT Shop Dashboard
15 Dell World 2014
Identity Audit
16 Dell World 2014
Auditing
17 Dell World 2014
Access control use cases Use Cases Description
Identity Seeding Integration with HR/Authoritative source User created in IAM solution
AD/LDAP Integration • Integration with On Premise Authentication Directory
Self Service & Password Management
• User sets password & challenge response questions • User forgets password and is able to reset password to all
provisioned applications • Help desk is able to reset password for user based on shared secret
Web Single Sign On & Federation
Integrations with On Premise and SAAS Applications for providing Single Sign On
Support for SAML, Form Fill, LDAP, Kerberos Authentication mechanisms
Reporting Out of the box “who has access to what reports” Out of the box “Who accessed what reports” Custom reports based on requirements
18 Dell World 2014
Web single sign-on, federation and access control
19 Dell World 2014
Create new application for Web SSO
Dell World 2014
Benefits of a SaaS delivery approach
21 Dell World 2014
Why Identity as a Service (SaaS) make sense
• Operational vs. capital expenditures • With the subscription model for SaaS, the payment for IAM services moves from a capital
expenditure to an operational expense. Approvals and accounting for operational spending is often faster and smoother than capital investments.
• Solution management and maintenance • No need for an organization to manage on-premises software. Critical tasks such as software
patches, updates, and more fall to the service provider, not your IT team.
• Staff expertise • Burden on IT staff to learn and become experts on new software is dramatically reduced. In
fact, with IAMaaS, IT can be entirely removed from some tasks, such as provisioning, access management, and governance.
• Near-immediate deployment • Most SaaS options can be deployed quickly, delivering value in a fraction of the time of their
on-premises counterparts
22 Dell World 2014
Why chose Dell One Identity as a Service? • Built to help organizations move from the tactical to the
strategic and agility-enabling ideal of governance
• Place visibility and control required of IAM in the hands of those that know “why” things should happen (line-of-business personnel) not simply those that know “how” to make them happen (IT)
• Designed with simplicity in mind. Modules are simple to deploy and use, but also decrease the overall complexity
• Modular and integrated, so you can start where needed and build from there. There’s no need for a heavy investment in an underlying technology framework, or extensive customization to make solutions work together
23 Dell World 2014
Validation • By the end of 2017, 20% of IAM purchases will use the IDaaS delivery model, up from less than 10%
in 2014.
• Gartner, “Magic Quadrant for IDaaS,” June 2, 2014, Gregg Kreizman
• The average user must access 27 different applications to do his or her job, and has an average of six enterprise-issued passwords. The same survey concluded that, on average, it takes more than a day and a half to provision a new user, and more than half a day to de-provision a user.
• Aberdeen Group
• “We recognize Dell’s leadership when it comes to delivering a comprehensive IAM solution, and we are pleased to partner with an industry leader to offer a full-featured Identity as a Service solution to organizations that typically struggle to address IAM needs. The Simeio Business-Ready IAM Cloud delivered via the industry's first and only Identity Intelligence Center, provides our clients with a higher level of security and reliability.”
• Hemen Vimadalal, Simeio Solutions, CEO
Dell World 2014
Thank you.
25 Dell World 2014
Provisioning module
26 Dell World 2014
Governance module
27 Dell World 2014
Access control module
DEFENDER
DELL INTERCEPTOR
Primary
ON PREMISE ENTERPRISE
APPLICATIONS
ACTIVE DIRECTORY
Oracle
EBS
MAINFRAME
SAP
DB NODE 1 DB NODE 2
DELL
INTERCEPTOR
Disaster Recovery
Customer Data Centre
SECURED VPN TUNNELS
Cloud
SAAS
APPS
SAM
L
DELL IDaaS
ACCESS CONTROL
SERVICE
CAM PM
DATABASE
CLUSTER
(Load
Balancer)
Want to learn more about Dell’s identity protection solutions?
Learn more via email. Start here.
Sign me up!