• Save
Securing the enterprise  where do i start
Upcoming SlideShare
Loading in...5
×
 

Securing the enterprise where do i start

on

  • 1,073 views

Cloud Asia Singapore 16 May 2013

Cloud Asia Singapore 16 May 2013

Statistics

Views

Total Views
1,073
Views on SlideShare
1,073
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Securing the enterprise  where do i start Securing the enterprise where do i start Presentation Transcript

  • Copyright ©2013 Ping Identity Corporation. All rights reserved.1
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.2Trends Challenging Traditional Security Practices
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.3Old Products Can’t Solve Today’s ProblemsGartner predicts that in less than 3 years 35% of enterprise ITexpenditures will happen outside of the corporate ITbudget.Employees will regularly subscribe to collaboration,analytic and other cloud services they want, all with thepress of a button. Others will simply build their ownapplications using readily available cloud-based tools anddevelopment platforms.IDC says companies will initiate an average of 40 new ITprojects, with or without IT.40$$Analysis put the cost of managing 1 corporate employeeidentity at over $100 and in many cases well over $1,000every year.
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.4EnterpriseAppsAPIYou likely haven’t considered thisEnterprise FirewallPortalCustomersConsumersAffiliatesEmployeesMobile Employees
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.5Click to edit Master title styleYesterday’s Security ModelUsers, applications anddata neatly located inone domain andprotected by a firewall.
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.6Click to edit Master title styleYesterday’s model doesn’t address proliferating silos, BYOD and partner integrationacross the cloud.Partner AppsBYOD &Mobile AppsToday’s Distributed RealityToday’s Distributed RealityEverything important isnow on the outside.
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.7Click to edit Master title styleIdentity is the New PerimeterPartner AppsBYOD &Mobile AppsPerimeter beingredefined as identityto enable a single point ofcontrol across distributedusers, apps & data.
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.8Security Paradigm ShiftIdentity is the new perimeter– Dan Headrick, GE
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.9Future Without PasswordsWhat if you could make your corporate identityportable; enabled via an identity services layerthat is leveraged by ALL applications; much likedatabases and the network are today?
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.10Customer andPartner IdentityEnabling a seamless website experience forcustomers and partnersWorkforce IdentityEnabling convenient workforce SSO/IAMwith centralized IT control.2.Two Primary Use Cases
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.11Enterprise Identity Security CapabilitiesFederation Standard Support• SAML 1.0• SAML 1.1• SAML 2.0• WS-Federation• OpenID• OpenIDConnect• Oauth 2.0• SCIM• WS-Security• WS-Trust• WS-FederationFederation Roles• Identity Provider (IdP)• Service Provider (SP)• Identity Bridge• IdP Discovery• Token Validation• Token Exchange• Authorization Server• Policy Service• API Gateway• Identity BridgeSAML Bindings• HTTP Post• HTTP Artifact• HTTP Redirect• SOAPKey Capabilities• IdP-Initiated SSO• SP-Initiated SSO• Single Log-Out• Attribute Query & XASP• IdP Discovery• Account Linking• Account Mapping• Adaptive Authentication• LDAP• JDBC• Custom (via SDK)• Password Management• Access Portal• Multifactor Authentication• Certificate Management• Express ProvisioningCertificate Validation• CRL• OCSPTrust Models• Unanchored• AnchoredLogging, Monitoring and HA• File-based• Common Event Format (CEF)• Database• Published MIB• N node Clustering• Global Load BalancingSupporting Capabilities• Metadata Exchange• Integration with Thales nShield• Password Management• Integration with MDM products• Support for O365 (active andpassive)Kantara/Liberty Alliance SAMLInterop Certifications• IdP Lite• SP Lite• eGov
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.12Custom Code and Tool Kit Reality – If you’re luckyFederation Standard Support• SAML 1.0• SAML 1.1• SAML 2.0• WS-Federation• OpenID• OpenIDConnect• Oauth 2.0• SCIM• WS-Security• WS-Trust• WS-FederationFederation Roles• Identity Provider (IdP)• Service Provider (SP)• Identity Bridge• IdP Discovery• Token Validation• Token Exchange• Authorization Server• Policy Service• API Gateway• Identity BridgeSAML Bindings• HTTP Post• HTTP Artifact• HTTP Redirect• SOAPKey Capabilities• IdP-Initiated SSO• SP-Initiated SSO• Single Log-Out• Attribute Query & XASP• IdP Discovery• Account Linking• Account Mapping• Adaptive Authentication• LDAP• JDBC• Custom (via SDK)• Password Management• Access Portal• Multifactor Authentication• Certificate Management• Express ProvisioningCertificate Validation• CRL• OCSPTrust Models• Unanchored• AnchoredLogging, Monitoring and HA• File-based• Common Event Format (CEF)• Database• Published MIB• JMX Support• N node ClusteringSupporting Capabilities• Metadata Exchange• Integration with Thales nShield• Password Management• Integration with MDM products• Support for O365 (active andpassive)Kantara/Liberty Alliance SAMLInterop Certifications• IdP Lite• SP Lite• eGov
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.13Legacy IAM StackFEDERATION Single domain (not Cloud-Scale) Proprietary first, standardssecond Costly, heavy & complex– Requires large IT budgets– Lengthy implementations andhidden costs– Requires significantdevelopment resources– Cumbersome migration andupgrade processes Inflexible– Lack of modular, scalablesolutions– Limited deployment optionsCURRENT STACKLIMITATIONS
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.14The Next Generation Proprietary/Customer On-premise software Heavy agent-basedintegration Web only Single Domain Tightly coupled stack Rigid, user-based perpetualpricingTRADITIONAL Open Standards(SAML, SCIM, Oauth, OpenID Connect) Hybrid deploy – On-premiseand Cloud Managed Lightweight, agentlessintegration Web, API and Mobile Cloud & Internet-Scale Deep legacy integration Flexible pricingNEXT-GEN
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.15The Solution12WorkforceIdentityCustomer & PartnerIdentity
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.16Ping Identity Can HelpA desktop to the the cloud.One login. One place to access all work apps.
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.17Convenient, Secure Access for Customers & PartnersCustomer Access On Any Device
  • Copyright ©2013 Ping Identity Corporation. All rights reserved.18Thank you!Stop by our boothor visitwww.pingidentity.com