Intel IT's Identity and Access Management Journey
Upcoming SlideShare
Loading in...5
×
 

Intel IT's Identity and Access Management Journey

on

  • 534 views

Advances in the SMAC stack – social, mobile, analytics, and cloud – have affected every part of the enterprise. Organizations want to move more diverse data to more places, and more people need ...

Advances in the SMAC stack – social, mobile, analytics, and cloud – have affected every part of the enterprise. Organizations want to move more diverse data to more places, and more people need access via more services and devices. Managing all this is a big task for information security. Learn about Intel IT's approach to IDAM redesign and IT best practices for enhanced security and a better user experience.

Statistics

Views

Total Views
534
Views on SlideShare
491
Embed Views
43

Actions

Likes
0
Downloads
2
Comments
0

1 Embed 43

https://twitter.com 43

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • 2
  • Jason to provide speaker notes

Intel IT's Identity and Access Management Journey Intel IT's Identity and Access Management Journey Presentation Transcript

  • Intel IT’s Identity and Access Management Journey July 2014 Copyright © 2014, Intel Corporation. All rights reserved
  • Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Intel, and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries. * Other names and brands may be claimed as the property of others. Copyright © 2014, Intel Corporation. All rights reserved. Copyright © 2014, Intel Corporation. All rights reserved 2
  • The SMAC Stack Requires Agile Security Capabilities Copyright © 2014, Intel Corporation. All rights reserved • Enable movement of diverse information to more places • Variety and growth in devices, internet touch points, and access methods • More custom mobile applications and services within the enterprise • The need to adopt standard applications for SaaS in the public cloud MobileSocial CloudAnalytics The increase in devices, applications and use of the cloud requires a new approach to provisioning and managing identities. 3
  • The IdAM Challenge Copyright © 2014, Intel Corporation. All rights reserved • A 20 year old custom solution • A need for a new approach: • Building with a small set of off-the-shelf solutions • Utilizing Web Services to “wrap” solutions • Driving for a small set of businesses processes 4
  • IdAM Vision & Goals Vision: Simple, easy and controlled solutions that enable access to anything, from anywhere, to any device. Drive Business ValueProgram CSIs (Critical Success Factor)  Agility  Improved UX  Flexibility  Risk Mitigation Reduce: Unmanaged accounts Access approval TPT Application Setup Audit Excursions 5 Copyright © 2014, Intel Corporation. All rights reserved
  • High-Level Reference Architecture Copyright © 2014, Intel Corporation. All rights reserved Enterprise Directory Services Core(Management)Periphery (Runtime) Provisioning Third Party Applications Services Enterprise Login  Performance  Stability  User Experience  User Experience Service Oriented Architecture KEY  Biz Value 6 Access Request Interface Identity Management Services  Data Quality  ID Attestation Entitlement Management Services  Access Certification  Business / Tech Roles AppsAppsAppsApps AuthN  Step-Up AuthN  Inbound Federation  Outbound Federation  Social Login AuthZ  Fine-Grained AuthZ
  • Co-Existence Implementation (versus Big Bang) Copyright © 2014, Intel Corporation. All rights reserved • The new platform will be the master system and will treat the legacy platform as a managed source • As applications are migrated to the new platform, the management of access will also move • Ahead of migration, legacy applications can take advantage of features in the new platform, for example, access certification New IdAM Platform Old IdAM Platform IdAM Web Services AGGREGATE PROVISION READ CREATE, UPDATE Legacy Applications New/ Migrated Applications 7
  • Integration Principles Purchased 3rd Party Applications: Integrate with directory directly or web services IdAM Web Services New IdAM Platform Enterprise Directory Enterprise Applications Purchased Applications 8 Custom Written Applications: Integrate with IdAM web services Provisioning: Outside on exception basis Copyright © 2014, Intel Corporation. All rights reserved
  • Workers, Trading Partners & Consumers Any Device Federated Identity Management in the Cloud Copyright © 2014, Intel Corporation. All rights reserved Intel Access Governance (Core Platform) Intel Applications Anywhere Cloud AppsCloud Apps Cloud Apps Internal Apps Internal Apps Internal Apps Mobile AppsMobile Apps Mobile Apps Federated Identity Management Strong Authentication Internal External B2C (Social) B2B Inbound SSO OTP SSO Provisioning Active Provisioning JIT Provisioning Registration CURRENT • Multiple IT and Business Group solutions • Cannot integrate at the cadence of business • Lacking key capabilities (multi-factor authentication, inbound federation) FUTURE • Unified & IT delivered solution • Single day startup of Cloud SSO in most cases • Rich capability set proactively meeting business needs 9
  • Summary Copyright © 2014, Intel Corporation. All rights reserved • Significant progress made but this is a long journey and we are only at the beginning. • Co-existence allows us to achieve value incrementally over time. • Focusing on a service-oriented architecture approach allows for quick wins on which we can continue to build. • Align and adopt industry best practices. • Strong leadership and management is key. 10
  • 11 Thank You Copyright © 2014, Intel Corporation. All rights reserved