SlideShare a Scribd company logo
1 of 41
Download to read offline
T H E F U T U R E O F E N T E R P R I S E
I D E N T I T Y M A N A G E M E N T
Architecting for Identity & Access Management (IAM) in the Cloud
Merritt Maxim
Senior Analyst, Security & Risk
David Meyer
Vice President, Product Management
S P E A K E R S
/ / / I N T R O D U C T I O N
/ / / F O R R E S T E R
General SaaS Trends
Challenges with Traditional On-premise IAM
Recommendations
How to Measure IDaaS Success
/ / / O N E L O G I N
Mobile
On-premises Provisioning
Cloud Directory
/ / / Q & A
+
A G E N D A
© 2015 Forrester Research, Inc. Reproduction Prohibited 4
Top line growth, not cost savings, is the
new priority
© 2015 Forrester Research, Inc. Reproduction Prohibited 5
The profile of the technology buyer is
changing
Source: February 10, 2014, “Understanding Shifting Technology Acquisition Patterns” Forrester report
© 2015 Forrester Research, Inc. Reproduction Prohibited 6
Summary revenues for cloud platforms,
business services, and applications —
2008 to 2020
Source: April 24, 2014, “The Public Cloud Market Is Now In Hypergrowth” Forrester report
© 2015 Forrester Research, Inc. Reproduction Prohibited 7
Challenges with
Traditional On-Premise IAM
© 2015 Forrester Research, Inc. Reproduction Prohibited 8
History of IAM
Ad-hoc in-house systems
Custom web
SSO, authz,
provisioning .
. .
Extended help desk systems and password sync
Workflow,
attestation
— and self-
service
password
reset!
On-premises point solutions
Web SSO,
feed-based
provisioning
, RBAC . . .
Access governance
Formal
processes
Cloud IAM
Access
mgmt, then
ID mgmt
© 2015 Forrester Research, Inc. Reproduction Prohibited 9
Challenges with traditional on-prem IAM
› High total cost of ownership (TCO)
› Initial deployment
› Infrastructure
› Ongoing maintenance & upgrades
› Inflexible to support emerging enterprise requirements:
› Mobile, SaaS, API
› Inconsistent reporting/dashboards & analytics
Cloud pulls the CISO in many directions
CISO and security
organization
Shadow IT
LOB procures
cloud services.
Cloud offers
significant
benefits (financial
and operational).
Security
struggles to
reduce cloud
security risks.
Data center is
now loosely
coupled.
CISO can’t say
no (all the time).
© 2015 Forrester Research, Inc. Reproduction Prohibited 11
Partner apps
SaaS apps
Employees
Contractors
Partners
Enterprise computers
Personal devices
Apps in public clouds
App sourcing and hosting
App access channels User populations
Cloud apps and the extended enterprise
drive the need for cloud IAM
On-premises enterprise apps
Apps in private clouds
Members
Customers
Public computers
Enterprise-issued devices
© 2015 Forrester Research, Inc. Reproduction Prohibited 12
IAM for SaaS applications
© 2015 Forrester Research, Inc. Reproduction Prohibited 13
IAM as SaaS
aka IDaaS
© 2015 Forrester Research, Inc. Reproduction Prohibited 14
How to Measure IDaaS Success
© 2015 Forrester Research, Inc. Reproduction Prohibited 15
Buyers see value in IDaaS
› Lower upfront costs
› Shorter time to implement
› Faster ROI
› Reduced risk
› Greater agility to support business
› Frequent, automatic upgrades
© 2015 Forrester Research, Inc. Reproduction Prohibited 16
Measuring the success of an IDaaS
implementation
Costs
› Subscription fees
› Professional services
› Internal labor
Benefits / Cost Savings
› User performing self service – end user
productivity improvements
› Re-allocating IT headcount to higher
value activities
› Better visibility, reporting & analytics
› Audit remediation avoided
› Detecting unused SaaS users
› Reducing risk of security breaches
ROI of 100%+ over
3 years
<
© 2015 Forrester Research, Inc. Reproduction Prohibited 17
Recommendations
© 2015 Forrester Research, Inc. Reproduction Prohibited 18
Recommendations
› Pitch and deliver benefits to sponsors using metrics they
can sell upward
› Assess application coverage and fit of IDaaS vendors
• SAML integration v. browser form-fill
• On-prem v. SaaS v. custom apps
› Plan for future IDaaS requirements now
• Phase 1: SSO & 2-factor authentication
• Phase 2: Provisioning, access governance, MDM longer-term
› Promote the benefits
• Important to keep awareness of IAM value high
© 2015 Forrester Research, Inc. Reproduction Prohibited 19
Manage this handshake
IDaaS vendor & your org have mutual responsibilities
U S E C A S E S
Mobile Identity and Access
On-Premises Provisioning and Onboarding
Cloud Directory and Directory Consolidation
Firewall
Active Directory
Mobile Workers Customers & Partners
Employees
E N T E R P R I S E I D E N T I T Y L A N D S C A P E
U S E C A S E
Mobile Identity and Access
O N E V E R Y D E V I C E
Most mobile apps don’t even support SAML
• Tiny keyboards are incompatible with passwords
• SAML for web + password = #failure
M O B I L E - T H E L A S T M I L E P R O B L E M I N S S O
The mobile apps that do support SAML
• Clunky SAML handshake that requires user to authenticate twice
• Sessions not frequently revalidated because of the sign-in complexity
M O B I L E - S A M L I S N O T T H E S O L U T I O N
Designed for Mobile
Standards-Based
Superior User Experience
Major driver in NAPPS specification work
Leverage vendor traction to change the game
T H E N E W S T A N D A R D F O R M O B I L E S S O
I N B E T A W I T H C U S T O M E R S & P A R T N E R S
N A P P S
W E ’ V E D O N E I T B E F O R E
OneLogin SAML toolkits adopted by 300+ ISVs
600+ SAML apps in our catalog
Driving SCIM for user provisioning
Co-authoring NAPPS standard for mobile SSO
Good standards prevail
SAML-based apps integrated with OneLogin
S T A R T B U I L D I N G T O D A Y
Major ISVs & Major Customers
Building NAPPS Apps Today
Free Toolkits Available
DEVELPERS.ONELOGIN.COM
email: napps-info@onelogin.com
Sandy, Contractor working at a cafe
MFA Required
Rob, Sales meetings from the HQ
Auto logged-in
M O B I L E T R E N D S - D E V I C E S A R E E V E R Y W H E R E
E N D P O I N T S A R E T H E N E W P E R I M E T E R
Brent, In-person Sales meetings at the HQ
No access to Billing
MFA Required
Brent, Designer working at the HQ
Auto logged-in
Finally can manage the actual risk
of mobile access
IT Admin
Private Key Protected
Policy Controlled
NAPPS Enabled
Launch any Web app
Launch any Native App
“Push” based OTP
O N E V E R Y D E V I C E
M O B I L E T R E N D S
• Mobile is becoming the primary mode of work
• % of employees that are full time, in office, is plummeting
• OS vendors are doing more of the heavy lifting for security
• Identity is a growing risk / gap
• Solving identity let’s employees do work without risk
U S E C A S E
On-Premises Provisioning and Onboarding
P R O V I S I O N I N G TO L E G A C Y A P P S
60+ custom fields
PROVISIONING
MAPPINGS
RULES
COMPLIANCE
SAML SSO
CLOUD
APPS
Firewall
PROXY
AGENT
CUSTO
M
PROVISIONING
SCIM
TLS SOCKETPROVISIONING POWER
• Org Hierarchy
• Any Custom Attributes
• Proxy Agents
• Custom Schema
• Scriptlets
• Photos
P R O V I S I O N I N G T R E N D S
• On-premise provisioning infrastructure not suitable for cloud
• Increasing desire to “move off” of on-premises pain
• Shift to Workday (SaaS HCM) puts the data in the cloud
anyway
• Shift to ServiceNow (SaaS ITSM) demands service activation
of cloud apps
• IDaaS is the logical conclusion for SaaS
• IDaaS doing on-premises provisioning makes it complete
U S E C A S E
Cloud Directory and Directory Consolidation
I D A A S A S M E T A D I R E C T O R Y
ACTIVE DIRECTORY
FOREST A
ACTIVE DIRECTORY
FOREST B
OPENLDAPWORKDAY
Contractors
Cloud Directory
APIs
LDAP
Policies
Partners
Employees
A L L T Y P E S O F U S E R S A L L T Y P E S O F A P P L I C A T I O N S
Customers
Custom AppsOn-Prem
Cloud
No External Directory Required
C L O U D D I R E C T O R Y
E X C I T I N G P O S S I B I L I T I E S
D I R E C T O R Y T R E N D S
Heterogeneity is the norm
Increasingly users are mastered in the cloud
This allows a modern workplace that is compliant
This allows policy enforcement outside the domain
Q & A
THANK YOU
David Meyer
Vice President, Product Management
david@onelogin.com
@meyerwork
Merritt Maxim
Senior Analyst, Security & Risk
mmaxim@forrester.com
@merrittmaxim

More Related Content

What's hot

Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a serviceDell World
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will failIBM Security
 
Workshop on Identity & Access Management.
Workshop on Identity & Access Management.Workshop on Identity & Access Management.
Workshop on Identity & Access Management.cisoplatform
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIBM Sverige
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM Sverige
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...IBM Security
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
How to Build Security and Risk Management into Agile Environments
How to Build Security and Risk Management into Agile EnvironmentsHow to Build Security and Risk Management into Agile Environments
How to Build Security and Risk Management into Agile Environmentsdanb02
 
Responsible User Empowerment: Enabling Privileged Access Management
Responsible User Empowerment: Enabling Privileged Access ManagementResponsible User Empowerment: Enabling Privileged Access Management
Responsible User Empowerment: Enabling Privileged Access ManagementEnterprise Management Associates
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Sverige
 
Identity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT MissionIdentity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT MissionCA API Management
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 

What's hot (20)

Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
CA Technologies and Deloitte: Unleash and Protect your Business with Identity...
 
Mt26 identity management as a service
Mt26 identity management as a serviceMt26 identity management as a service
Mt26 identity management as a service
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices 
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will fail
 
Workshop on Identity & Access Management.
Workshop on Identity & Access Management.Workshop on Identity & Access Management.
Workshop on Identity & Access Management.
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
 
IDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENTIDENTITY ACCESS MANAGEMENT
IDENTITY ACCESS MANAGEMENT
 
Identity Governance Solutions
Identity Governance SolutionsIdentity Governance Solutions
Identity Governance Solutions
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and Trends
 
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
Managing Identity from the Cloud: Transformation Advantages at VantisLife Ins...
 
Tuebora Self Driven IAM
Tuebora Self Driven IAMTuebora Self Driven IAM
Tuebora Self Driven IAM
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access management
 
How to Build Security and Risk Management into Agile Environments
How to Build Security and Risk Management into Agile EnvironmentsHow to Build Security and Risk Management into Agile Environments
How to Build Security and Risk Management into Agile Environments
 
Responsible User Empowerment: Enabling Privileged Access Management
Responsible User Empowerment: Enabling Privileged Access ManagementResponsible User Empowerment: Enabling Privileged Access Management
Responsible User Empowerment: Enabling Privileged Access Management
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access Manager
 
Identity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT MissionIdentity Management for the 21st Century IT Mission
Identity Management for the 21st Century IT Mission
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
 

Viewers also liked

Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Aujas
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelSarah Moore
 
Leading Trends in IAM Webinar 2: Minimizing Complexities in IT Operations
Leading Trends in IAM Webinar 2: Minimizing Complexities in IT OperationsLeading Trends in IAM Webinar 2: Minimizing Complexities in IT Operations
Leading Trends in IAM Webinar 2: Minimizing Complexities in IT OperationsOneLogin
 
Sydney Identity Unconference Introduction and Highlights
Sydney Identity Unconference Introduction and HighlightsSydney Identity Unconference Introduction and Highlights
Sydney Identity Unconference Introduction and HighlightsForgeRock
 
Strategy Ppt External Env[1].C2.Hitt,Ireland&Hokkison
Strategy Ppt External Env[1].C2.Hitt,Ireland&HokkisonStrategy Ppt External Env[1].C2.Hitt,Ireland&Hokkison
Strategy Ppt External Env[1].C2.Hitt,Ireland&HokkisonAurnob Roy
 
Data Center Security
Data Center SecurityData Center Security
Data Center Securitydevalnaik
 
Data Center Security
Data Center SecurityData Center Security
Data Center SecurityCisco Canada
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the FutureCisco Security
 
Tia 942 Data Center Standards
Tia 942 Data Center StandardsTia 942 Data Center Standards
Tia 942 Data Center StandardsSri Chalasani
 
POWER POINT PRESENTATION ON DATA CENTER
POWER POINT PRESENTATION ON DATA CENTERPOWER POINT PRESENTATION ON DATA CENTER
POWER POINT PRESENTATION ON DATA CENTERvivekprajapatiankur
 
Data center Building & General Specification
Data center Building & General Specification Data center Building & General Specification
Data center Building & General Specification Ali Mirfallah
 
Project Management Office (PMO)
Project Management Office (PMO)Project Management Office (PMO)
Project Management Office (PMO)Anand Subramaniam
 
DataCenter:: Infrastructure Presentation
DataCenter:: Infrastructure PresentationDataCenter:: Infrastructure Presentation
DataCenter:: Infrastructure PresentationMuhammad Asad Rashid
 

Viewers also liked (13)

Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016Identity and Access Management Playbook CISO Platform 2016
Identity and Access Management Playbook CISO Platform 2016
 
The Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity ModelThe Gartner IAM Program Maturity Model
The Gartner IAM Program Maturity Model
 
Leading Trends in IAM Webinar 2: Minimizing Complexities in IT Operations
Leading Trends in IAM Webinar 2: Minimizing Complexities in IT OperationsLeading Trends in IAM Webinar 2: Minimizing Complexities in IT Operations
Leading Trends in IAM Webinar 2: Minimizing Complexities in IT Operations
 
Sydney Identity Unconference Introduction and Highlights
Sydney Identity Unconference Introduction and HighlightsSydney Identity Unconference Introduction and Highlights
Sydney Identity Unconference Introduction and Highlights
 
Strategy Ppt External Env[1].C2.Hitt,Ireland&Hokkison
Strategy Ppt External Env[1].C2.Hitt,Ireland&HokkisonStrategy Ppt External Env[1].C2.Hitt,Ireland&Hokkison
Strategy Ppt External Env[1].C2.Hitt,Ireland&Hokkison
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the Future
 
Tia 942 Data Center Standards
Tia 942 Data Center StandardsTia 942 Data Center Standards
Tia 942 Data Center Standards
 
POWER POINT PRESENTATION ON DATA CENTER
POWER POINT PRESENTATION ON DATA CENTERPOWER POINT PRESENTATION ON DATA CENTER
POWER POINT PRESENTATION ON DATA CENTER
 
Data center Building & General Specification
Data center Building & General Specification Data center Building & General Specification
Data center Building & General Specification
 
Project Management Office (PMO)
Project Management Office (PMO)Project Management Office (PMO)
Project Management Office (PMO)
 
DataCenter:: Infrastructure Presentation
DataCenter:: Infrastructure PresentationDataCenter:: Infrastructure Presentation
DataCenter:: Infrastructure Presentation
 

Similar to The Future of Enterprise Identity Management

Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfمنیزہ ہاشمی
 
Building the digital enterprise for the age of the customer (part 2)
Building the digital enterprise for the age of the customer (part 2)Building the digital enterprise for the age of the customer (part 2)
Building the digital enterprise for the age of the customer (part 2)AE - architects for business and ict
 
Finding Success with Managed Services in the Azure Environment
Finding Success with Managed Services in the Azure EnvironmentFinding Success with Managed Services in the Azure Environment
Finding Success with Managed Services in the Azure EnvironmentHostway|HOSTING
 
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...CA Technologies
 
NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...
NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...
NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...Yottaa
 
How to Automate User Provisioning
How to Automate User Provisioning How to Automate User Provisioning
How to Automate User Provisioning OneLogin
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloudtcarrucan
 
PAC 2020 Santorin - Hari Krishnan Ramachandran
PAC 2020 Santorin - Hari Krishnan RamachandranPAC 2020 Santorin - Hari Krishnan Ramachandran
PAC 2020 Santorin - Hari Krishnan RamachandranNeotys
 
Introduction to Red Hat Mobile Application Platform
Introduction to Red Hat Mobile Application PlatformIntroduction to Red Hat Mobile Application Platform
Introduction to Red Hat Mobile Application PlatformRed Hat India Pvt. Ltd.
 
BusinessIntelligenze - MaaS & SaaS
BusinessIntelligenze - MaaS & SaaSBusinessIntelligenze - MaaS & SaaS
BusinessIntelligenze - MaaS & SaaSBusinessIntelligenze
 
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...Splunk
 
Faster and more efficient processes by combining BPM and Mobile – yes we can!
Faster and more efficient processes by combining BPM and Mobile – yes we can!Faster and more efficient processes by combining BPM and Mobile – yes we can!
Faster and more efficient processes by combining BPM and Mobile – yes we can!Sebastian Faulhaber
 
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud AdoptionAWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud AdoptionAmazon Web Services
 
Do-It-Yourself vs. Off-The-Shelf
Do-It-Yourself vs. Off-The-ShelfDo-It-Yourself vs. Off-The-Shelf
Do-It-Yourself vs. Off-The-ShelfApttus
 
SaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud CapabilitySaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud Capabilitymobiangle
 
Challenges of Mobile HR framework and program
Challenges of Mobile HR framework and programChallenges of Mobile HR framework and program
Challenges of Mobile HR framework and programJinen Dedhia
 
(DVO208) Mission-Critical Business Applications in the Cloud
(DVO208) Mission-Critical Business Applications in the Cloud(DVO208) Mission-Critical Business Applications in the Cloud
(DVO208) Mission-Critical Business Applications in the CloudAmazon Web Services
 
ServiceNow ecosystem - True Blue Partners - Review of key investment and mer...
ServiceNow ecosystem  - True Blue Partners - Review of key investment and mer...ServiceNow ecosystem  - True Blue Partners - Review of key investment and mer...
ServiceNow ecosystem - True Blue Partners - Review of key investment and mer...Sunil Grover
 
Transform DBMS to Drive Apps of Engagement Innovation
Transform DBMS to Drive Apps of Engagement InnovationTransform DBMS to Drive Apps of Engagement Innovation
Transform DBMS to Drive Apps of Engagement InnovationEDB
 

Similar to The Future of Enterprise Identity Management (20)

Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdfImprove_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
Improve_Application_Availability_and_Performance_Sales_Crib_Sheet.pdf
 
Building the digital enterprise for the age of the customer (part 2)
Building the digital enterprise for the age of the customer (part 2)Building the digital enterprise for the age of the customer (part 2)
Building the digital enterprise for the age of the customer (part 2)
 
Finding Success with Managed Services in the Azure Environment
Finding Success with Managed Services in the Azure EnvironmentFinding Success with Managed Services in the Azure Environment
Finding Success with Managed Services in the Azure Environment
 
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
Infrastructure Performance Management: Flexibility Combining Breadth, Depth ...
 
NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...
NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...
NextGen CDNs: Webinar with Dan Rayburn of Frost and Sullivan and Ari Weil of ...
 
Business Intelligenze Corporate
Business Intelligenze CorporateBusiness Intelligenze Corporate
Business Intelligenze Corporate
 
How to Automate User Provisioning
How to Automate User Provisioning How to Automate User Provisioning
How to Automate User Provisioning
 
Auditing in the Cloud
Auditing in the CloudAuditing in the Cloud
Auditing in the Cloud
 
PAC 2020 Santorin - Hari Krishnan Ramachandran
PAC 2020 Santorin - Hari Krishnan RamachandranPAC 2020 Santorin - Hari Krishnan Ramachandran
PAC 2020 Santorin - Hari Krishnan Ramachandran
 
Introduction to Red Hat Mobile Application Platform
Introduction to Red Hat Mobile Application PlatformIntroduction to Red Hat Mobile Application Platform
Introduction to Red Hat Mobile Application Platform
 
BusinessIntelligenze - MaaS & SaaS
BusinessIntelligenze - MaaS & SaaSBusinessIntelligenze - MaaS & SaaS
BusinessIntelligenze - MaaS & SaaS
 
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
How to Move from Monitoring to Observability, On-Premises and in a Multi-Clou...
 
Faster and more efficient processes by combining BPM and Mobile – yes we can!
Faster and more efficient processes by combining BPM and Mobile – yes we can!Faster and more efficient processes by combining BPM and Mobile – yes we can!
Faster and more efficient processes by combining BPM and Mobile – yes we can!
 
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud AdoptionAWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
AWS May Webinar Series - Industry Trends and Best Practices for Cloud Adoption
 
Do-It-Yourself vs. Off-The-Shelf
Do-It-Yourself vs. Off-The-ShelfDo-It-Yourself vs. Off-The-Shelf
Do-It-Yourself vs. Off-The-Shelf
 
SaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud CapabilitySaaS, MaaS, Cloud Capability
SaaS, MaaS, Cloud Capability
 
Challenges of Mobile HR framework and program
Challenges of Mobile HR framework and programChallenges of Mobile HR framework and program
Challenges of Mobile HR framework and program
 
(DVO208) Mission-Critical Business Applications in the Cloud
(DVO208) Mission-Critical Business Applications in the Cloud(DVO208) Mission-Critical Business Applications in the Cloud
(DVO208) Mission-Critical Business Applications in the Cloud
 
ServiceNow ecosystem - True Blue Partners - Review of key investment and mer...
ServiceNow ecosystem  - True Blue Partners - Review of key investment and mer...ServiceNow ecosystem  - True Blue Partners - Review of key investment and mer...
ServiceNow ecosystem - True Blue Partners - Review of key investment and mer...
 
Transform DBMS to Drive Apps of Engagement Innovation
Transform DBMS to Drive Apps of Engagement InnovationTransform DBMS to Drive Apps of Engagement Innovation
Transform DBMS to Drive Apps of Engagement Innovation
 

More from OneLogin

Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with  Integrated CASB & IDaaS SecurityStop Hackers with  Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityOneLogin
 
Crossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid World
Crossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid WorldCrossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid World
Crossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid WorldOneLogin
 
Zero-compromise IDaaS: Achieve Both Security and Workforce Productivity
Zero-compromise IDaaS:  Achieve Both Security and Workforce ProductivityZero-compromise IDaaS:  Achieve Both Security and Workforce Productivity
Zero-compromise IDaaS: Achieve Both Security and Workforce ProductivityOneLogin
 
Leading Trends in IAM Webinar 3: Optimizing User Experience in Cloud Initiatives
Leading Trends in IAM Webinar 3: Optimizing User Experience in Cloud InitiativesLeading Trends in IAM Webinar 3: Optimizing User Experience in Cloud Initiatives
Leading Trends in IAM Webinar 3: Optimizing User Experience in Cloud InitiativesOneLogin
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101OneLogin
 
Integrated Cloud Security
Integrated Cloud SecurityIntegrated Cloud Security
Integrated Cloud SecurityOneLogin
 
Making your Cloud Initiatives Successful
Making your Cloud Initiatives SuccessfulMaking your Cloud Initiatives Successful
Making your Cloud Initiatives SuccessfulOneLogin
 
Security and Convenience Without Compromise
Security and Convenience Without CompromiseSecurity and Convenience Without Compromise
Security and Convenience Without CompromiseOneLogin
 
Cloud Identity and Extending Active Directory Off-Premises
Cloud Identity and Extending Active Directory Off-PremisesCloud Identity and Extending Active Directory Off-Premises
Cloud Identity and Extending Active Directory Off-PremisesOneLogin
 
Fast Track Your Office 365 Deployments with OneLogin
Fast Track Your Office 365 Deployments with OneLoginFast Track Your Office 365 Deployments with OneLogin
Fast Track Your Office 365 Deployments with OneLoginOneLogin
 
How to Take Cloud Access Control to the Next Level
How to Take Cloud Access Control to the Next LevelHow to Take Cloud Access Control to the Next Level
How to Take Cloud Access Control to the Next LevelOneLogin
 
Compliance in the Era of Cloud
Compliance in the Era of CloudCompliance in the Era of Cloud
Compliance in the Era of CloudOneLogin
 
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...OneLogin
 
Is mobile access to cloud apps putting your company at risk?
Is mobile access to cloud apps putting your company at risk?Is mobile access to cloud apps putting your company at risk?
Is mobile access to cloud apps putting your company at risk?OneLogin
 

More from OneLogin (14)

Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with  Integrated CASB & IDaaS SecurityStop Hackers with  Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
 
Crossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid World
Crossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid WorldCrossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid World
Crossing the Chasm from On-prem to Cloud: Managing Identities in a Hybrid World
 
Zero-compromise IDaaS: Achieve Both Security and Workforce Productivity
Zero-compromise IDaaS:  Achieve Both Security and Workforce ProductivityZero-compromise IDaaS:  Achieve Both Security and Workforce Productivity
Zero-compromise IDaaS: Achieve Both Security and Workforce Productivity
 
Leading Trends in IAM Webinar 3: Optimizing User Experience in Cloud Initiatives
Leading Trends in IAM Webinar 3: Optimizing User Experience in Cloud InitiativesLeading Trends in IAM Webinar 3: Optimizing User Experience in Cloud Initiatives
Leading Trends in IAM Webinar 3: Optimizing User Experience in Cloud Initiatives
 
Identity Access Management 101
Identity Access Management 101Identity Access Management 101
Identity Access Management 101
 
Integrated Cloud Security
Integrated Cloud SecurityIntegrated Cloud Security
Integrated Cloud Security
 
Making your Cloud Initiatives Successful
Making your Cloud Initiatives SuccessfulMaking your Cloud Initiatives Successful
Making your Cloud Initiatives Successful
 
Security and Convenience Without Compromise
Security and Convenience Without CompromiseSecurity and Convenience Without Compromise
Security and Convenience Without Compromise
 
Cloud Identity and Extending Active Directory Off-Premises
Cloud Identity and Extending Active Directory Off-PremisesCloud Identity and Extending Active Directory Off-Premises
Cloud Identity and Extending Active Directory Off-Premises
 
Fast Track Your Office 365 Deployments with OneLogin
Fast Track Your Office 365 Deployments with OneLoginFast Track Your Office 365 Deployments with OneLogin
Fast Track Your Office 365 Deployments with OneLogin
 
How to Take Cloud Access Control to the Next Level
How to Take Cloud Access Control to the Next LevelHow to Take Cloud Access Control to the Next Level
How to Take Cloud Access Control to the Next Level
 
Compliance in the Era of Cloud
Compliance in the Era of CloudCompliance in the Era of Cloud
Compliance in the Era of Cloud
 
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
Securing Apps and Data in the Cloud and On-Premises with OneLogin and Duo Sec...
 
Is mobile access to cloud apps putting your company at risk?
Is mobile access to cloud apps putting your company at risk?Is mobile access to cloud apps putting your company at risk?
Is mobile access to cloud apps putting your company at risk?
 

Recently uploaded

QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
How Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit LondonHow Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit LondonHostedbyConfluent
 
Mastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing PerformanceMastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing PerformanceHostedbyConfluent
 
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...HostedbyConfluent
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
AsyncAPI v3: What’s New? | Kafka Summit London
AsyncAPI v3: What’s New? | Kafka Summit LondonAsyncAPI v3: What’s New? | Kafka Summit London
AsyncAPI v3: What’s New? | Kafka Summit LondonHostedbyConfluent
 
Beyond Tiered Storage: Serverless Kafka with No Local Disks
Beyond Tiered Storage: Serverless Kafka with No Local DisksBeyond Tiered Storage: Serverless Kafka with No Local Disks
Beyond Tiered Storage: Serverless Kafka with No Local DisksHostedbyConfluent
 
Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactivestartupro
 
Transport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MITransport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MIRomil Mishra
 
Tecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for RotogravureTecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for RotogravureAntonio de Llamas
 
The Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data EcosystemThe Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data EcosystemSafe Software
 
Dynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationDynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationBuild Intuit
 
Automation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions managementAutomation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions managementDianaGray10
 
Attacking (and Defending) Apache Kafka | Kafka Summit London
Attacking (and Defending) Apache Kafka | Kafka Summit LondonAttacking (and Defending) Apache Kafka | Kafka Summit London
Attacking (and Defending) Apache Kafka | Kafka Summit LondonHostedbyConfluent
 
Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...
Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...
Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...HostedbyConfluent
 
How to Build an Event-based Control Center for the Electrical Grid
How to Build an Event-based Control Center for the Electrical GridHow to Build an Event-based Control Center for the Electrical Grid
How to Build an Event-based Control Center for the Electrical GridHostedbyConfluent
 
Real-time Customer Impact Calculation on a Telecom Scale Knowledge Graph
Real-time Customer Impact Calculation on a Telecom Scale Knowledge GraphReal-time Customer Impact Calculation on a Telecom Scale Knowledge Graph
Real-time Customer Impact Calculation on a Telecom Scale Knowledge GraphHostedbyConfluent
 
Event-Driven Microservices: Back to the Basics
Event-Driven Microservices: Back to the BasicsEvent-Driven Microservices: Back to the Basics
Event-Driven Microservices: Back to the BasicsHostedbyConfluent
 
Case Study: Implementing a Data Mesh at NORD/LB
Case Study: Implementing a Data Mesh at NORD/LBCase Study: Implementing a Data Mesh at NORD/LB
Case Study: Implementing a Data Mesh at NORD/LBHostedbyConfluent
 
Exactly-once Stream Processing with Arroyo and Kafka
Exactly-once Stream Processing with Arroyo and KafkaExactly-once Stream Processing with Arroyo and Kafka
Exactly-once Stream Processing with Arroyo and KafkaHostedbyConfluent
 

Recently uploaded (20)

QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
How Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit LondonHow Do You Query a Stream? | Kafka Summit London
How Do You Query a Stream? | Kafka Summit London
 
Mastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing PerformanceMastering Kafka Producer Configs: A Guide to Optimizing Performance
Mastering Kafka Producer Configs: A Guide to Optimizing Performance
 
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
Leveraging Tiered Storage in Strimzi-Operated Kafka for Cost-Effective Stream...
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
AsyncAPI v3: What’s New? | Kafka Summit London
AsyncAPI v3: What’s New? | Kafka Summit LondonAsyncAPI v3: What’s New? | Kafka Summit London
AsyncAPI v3: What’s New? | Kafka Summit London
 
Beyond Tiered Storage: Serverless Kafka with No Local Disks
Beyond Tiered Storage: Serverless Kafka with No Local DisksBeyond Tiered Storage: Serverless Kafka with No Local Disks
Beyond Tiered Storage: Serverless Kafka with No Local Disks
 
Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactive
 
Transport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MITransport in Open Pits______SM_MI10415MI
Transport in Open Pits______SM_MI10415MI
 
Tecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for RotogravureTecnogravura, Cylinder Engraving for Rotogravure
Tecnogravura, Cylinder Engraving for Rotogravure
 
The Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data EcosystemThe Critical Role of Spatial Data in Today's Data Ecosystem
The Critical Role of Spatial Data in Today's Data Ecosystem
 
Dynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationDynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientation
 
Automation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions managementAutomation Ops Series: Session 3 - Solutions management
Automation Ops Series: Session 3 - Solutions management
 
Attacking (and Defending) Apache Kafka | Kafka Summit London
Attacking (and Defending) Apache Kafka | Kafka Summit LondonAttacking (and Defending) Apache Kafka | Kafka Summit London
Attacking (and Defending) Apache Kafka | Kafka Summit London
 
Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...
Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...
Mastering Kafka Consumer Distribution: A Guide to Efficient Scaling and Resou...
 
How to Build an Event-based Control Center for the Electrical Grid
How to Build an Event-based Control Center for the Electrical GridHow to Build an Event-based Control Center for the Electrical Grid
How to Build an Event-based Control Center for the Electrical Grid
 
Real-time Customer Impact Calculation on a Telecom Scale Knowledge Graph
Real-time Customer Impact Calculation on a Telecom Scale Knowledge GraphReal-time Customer Impact Calculation on a Telecom Scale Knowledge Graph
Real-time Customer Impact Calculation on a Telecom Scale Knowledge Graph
 
Event-Driven Microservices: Back to the Basics
Event-Driven Microservices: Back to the BasicsEvent-Driven Microservices: Back to the Basics
Event-Driven Microservices: Back to the Basics
 
Case Study: Implementing a Data Mesh at NORD/LB
Case Study: Implementing a Data Mesh at NORD/LBCase Study: Implementing a Data Mesh at NORD/LB
Case Study: Implementing a Data Mesh at NORD/LB
 
Exactly-once Stream Processing with Arroyo and Kafka
Exactly-once Stream Processing with Arroyo and KafkaExactly-once Stream Processing with Arroyo and Kafka
Exactly-once Stream Processing with Arroyo and Kafka
 

The Future of Enterprise Identity Management

  • 1. T H E F U T U R E O F E N T E R P R I S E I D E N T I T Y M A N A G E M E N T Architecting for Identity & Access Management (IAM) in the Cloud
  • 2. Merritt Maxim Senior Analyst, Security & Risk David Meyer Vice President, Product Management S P E A K E R S
  • 3. / / / I N T R O D U C T I O N / / / F O R R E S T E R General SaaS Trends Challenges with Traditional On-premise IAM Recommendations How to Measure IDaaS Success / / / O N E L O G I N Mobile On-premises Provisioning Cloud Directory / / / Q & A + A G E N D A
  • 4. © 2015 Forrester Research, Inc. Reproduction Prohibited 4 Top line growth, not cost savings, is the new priority
  • 5. © 2015 Forrester Research, Inc. Reproduction Prohibited 5 The profile of the technology buyer is changing Source: February 10, 2014, “Understanding Shifting Technology Acquisition Patterns” Forrester report
  • 6. © 2015 Forrester Research, Inc. Reproduction Prohibited 6 Summary revenues for cloud platforms, business services, and applications — 2008 to 2020 Source: April 24, 2014, “The Public Cloud Market Is Now In Hypergrowth” Forrester report
  • 7. © 2015 Forrester Research, Inc. Reproduction Prohibited 7 Challenges with Traditional On-Premise IAM
  • 8. © 2015 Forrester Research, Inc. Reproduction Prohibited 8 History of IAM Ad-hoc in-house systems Custom web SSO, authz, provisioning . . . Extended help desk systems and password sync Workflow, attestation — and self- service password reset! On-premises point solutions Web SSO, feed-based provisioning , RBAC . . . Access governance Formal processes Cloud IAM Access mgmt, then ID mgmt
  • 9. © 2015 Forrester Research, Inc. Reproduction Prohibited 9 Challenges with traditional on-prem IAM › High total cost of ownership (TCO) › Initial deployment › Infrastructure › Ongoing maintenance & upgrades › Inflexible to support emerging enterprise requirements: › Mobile, SaaS, API › Inconsistent reporting/dashboards & analytics
  • 10. Cloud pulls the CISO in many directions CISO and security organization Shadow IT LOB procures cloud services. Cloud offers significant benefits (financial and operational). Security struggles to reduce cloud security risks. Data center is now loosely coupled. CISO can’t say no (all the time).
  • 11. © 2015 Forrester Research, Inc. Reproduction Prohibited 11 Partner apps SaaS apps Employees Contractors Partners Enterprise computers Personal devices Apps in public clouds App sourcing and hosting App access channels User populations Cloud apps and the extended enterprise drive the need for cloud IAM On-premises enterprise apps Apps in private clouds Members Customers Public computers Enterprise-issued devices
  • 12. © 2015 Forrester Research, Inc. Reproduction Prohibited 12 IAM for SaaS applications
  • 13. © 2015 Forrester Research, Inc. Reproduction Prohibited 13 IAM as SaaS aka IDaaS
  • 14. © 2015 Forrester Research, Inc. Reproduction Prohibited 14 How to Measure IDaaS Success
  • 15. © 2015 Forrester Research, Inc. Reproduction Prohibited 15 Buyers see value in IDaaS › Lower upfront costs › Shorter time to implement › Faster ROI › Reduced risk › Greater agility to support business › Frequent, automatic upgrades
  • 16. © 2015 Forrester Research, Inc. Reproduction Prohibited 16 Measuring the success of an IDaaS implementation Costs › Subscription fees › Professional services › Internal labor Benefits / Cost Savings › User performing self service – end user productivity improvements › Re-allocating IT headcount to higher value activities › Better visibility, reporting & analytics › Audit remediation avoided › Detecting unused SaaS users › Reducing risk of security breaches ROI of 100%+ over 3 years <
  • 17. © 2015 Forrester Research, Inc. Reproduction Prohibited 17 Recommendations
  • 18. © 2015 Forrester Research, Inc. Reproduction Prohibited 18 Recommendations › Pitch and deliver benefits to sponsors using metrics they can sell upward › Assess application coverage and fit of IDaaS vendors • SAML integration v. browser form-fill • On-prem v. SaaS v. custom apps › Plan for future IDaaS requirements now • Phase 1: SSO & 2-factor authentication • Phase 2: Provisioning, access governance, MDM longer-term › Promote the benefits • Important to keep awareness of IAM value high
  • 19. © 2015 Forrester Research, Inc. Reproduction Prohibited 19 Manage this handshake IDaaS vendor & your org have mutual responsibilities
  • 20. U S E C A S E S Mobile Identity and Access On-Premises Provisioning and Onboarding Cloud Directory and Directory Consolidation
  • 21. Firewall Active Directory Mobile Workers Customers & Partners Employees E N T E R P R I S E I D E N T I T Y L A N D S C A P E
  • 22. U S E C A S E Mobile Identity and Access
  • 23. O N E V E R Y D E V I C E
  • 24. Most mobile apps don’t even support SAML • Tiny keyboards are incompatible with passwords • SAML for web + password = #failure M O B I L E - T H E L A S T M I L E P R O B L E M I N S S O
  • 25. The mobile apps that do support SAML • Clunky SAML handshake that requires user to authenticate twice • Sessions not frequently revalidated because of the sign-in complexity M O B I L E - S A M L I S N O T T H E S O L U T I O N
  • 26. Designed for Mobile Standards-Based Superior User Experience Major driver in NAPPS specification work Leverage vendor traction to change the game T H E N E W S T A N D A R D F O R M O B I L E S S O I N B E T A W I T H C U S T O M E R S & P A R T N E R S N A P P S
  • 27. W E ’ V E D O N E I T B E F O R E OneLogin SAML toolkits adopted by 300+ ISVs 600+ SAML apps in our catalog Driving SCIM for user provisioning Co-authoring NAPPS standard for mobile SSO Good standards prevail SAML-based apps integrated with OneLogin
  • 28. S T A R T B U I L D I N G T O D A Y Major ISVs & Major Customers Building NAPPS Apps Today Free Toolkits Available DEVELPERS.ONELOGIN.COM email: napps-info@onelogin.com
  • 29. Sandy, Contractor working at a cafe MFA Required Rob, Sales meetings from the HQ Auto logged-in M O B I L E T R E N D S - D E V I C E S A R E E V E R Y W H E R E E N D P O I N T S A R E T H E N E W P E R I M E T E R Brent, In-person Sales meetings at the HQ No access to Billing MFA Required Brent, Designer working at the HQ Auto logged-in Finally can manage the actual risk of mobile access IT Admin
  • 30. Private Key Protected Policy Controlled NAPPS Enabled Launch any Web app Launch any Native App “Push” based OTP O N E V E R Y D E V I C E
  • 31. M O B I L E T R E N D S • Mobile is becoming the primary mode of work • % of employees that are full time, in office, is plummeting • OS vendors are doing more of the heavy lifting for security • Identity is a growing risk / gap • Solving identity let’s employees do work without risk
  • 32. U S E C A S E On-Premises Provisioning and Onboarding
  • 33. P R O V I S I O N I N G TO L E G A C Y A P P S 60+ custom fields PROVISIONING MAPPINGS RULES COMPLIANCE SAML SSO CLOUD APPS Firewall PROXY AGENT CUSTO M PROVISIONING SCIM TLS SOCKETPROVISIONING POWER • Org Hierarchy • Any Custom Attributes • Proxy Agents • Custom Schema • Scriptlets • Photos
  • 34. P R O V I S I O N I N G T R E N D S • On-premise provisioning infrastructure not suitable for cloud • Increasing desire to “move off” of on-premises pain • Shift to Workday (SaaS HCM) puts the data in the cloud anyway • Shift to ServiceNow (SaaS ITSM) demands service activation of cloud apps • IDaaS is the logical conclusion for SaaS • IDaaS doing on-premises provisioning makes it complete
  • 35. U S E C A S E Cloud Directory and Directory Consolidation
  • 36. I D A A S A S M E T A D I R E C T O R Y ACTIVE DIRECTORY FOREST A ACTIVE DIRECTORY FOREST B OPENLDAPWORKDAY
  • 37. Contractors Cloud Directory APIs LDAP Policies Partners Employees A L L T Y P E S O F U S E R S A L L T Y P E S O F A P P L I C A T I O N S Customers Custom AppsOn-Prem Cloud No External Directory Required C L O U D D I R E C T O R Y
  • 38. E X C I T I N G P O S S I B I L I T I E S
  • 39. D I R E C T O R Y T R E N D S Heterogeneity is the norm Increasingly users are mastered in the cloud This allows a modern workplace that is compliant This allows policy enforcement outside the domain
  • 40. Q & A
  • 41. THANK YOU David Meyer Vice President, Product Management david@onelogin.com @meyerwork Merritt Maxim Senior Analyst, Security & Risk mmaxim@forrester.com @merrittmaxim