Your SlideShare is downloading. ×
Optimizing IAM with Single Sign-On From the Cloud to On-Premise
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Optimizing IAM with Single Sign-On From the Cloud to On-Premise

365
views

Published on

Single sign-on is no longer an option – it’s critical to ensuring companies have secure access to the vast numbers of applications running internally, on the Web and in the cloud for competitive and …

Single sign-on is no longer an option – it’s critical to ensuring companies have secure access to the vast numbers of applications running internally, on the Web and in the cloud for competitive and strategic advantage. Mycroft and CA Technologies conducted a highly educational webinar that examined the different deployment and expansion options for SSO, including Mycroft’s newest low cost, on demand solution based on CA’s CloudMinder platform, and how these solutions can become extensions to existing on-premise environments, that effectively address today’s authentication challenges.

The first in a series focused on IAM innovation, this interactive webinar was be led by Lester Rivera, Mycroft Sr. Consultant & Product Solutions Manager Technologies’ Herb Mehlhorn, Advisor, Product Management

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
365
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Proactive MonitoringIncident ManagementProblem Management & Problem ReportingProblem Resolution and RoutingChange ManagementRelease ManagementConfiguration ManagementService Level ManagementQuery ManagementService ReportingData Collection Development ManagementRequest Management 
  • Transcript

    • 1. • Why SSO? • A Challenge for the Enterprise • Deployment models • Hybrid IAM • Q & A Optimizing IAM with Single Sign-On from the Cloud to On-Premise Copyright ©2013 Mycroft Inc. All rights reserved
    • 2. Moderator Shanley Stern, Sr. Director Marketing, Mycroft Inc. Presenter Lester Rivera, Sr. Business Solutions Architect, Mycroft Inc. Presenter Herb Mehlhorn, Product Manager, CA Technologies INTRODUCTIONS Copyright ©2013 Mycroft Inc. All rights reserved
    • 3. Why Single Sign-On? WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
    • 4. SSO – SIMPLY STATED Copyright ©2013 CA. All rights reserved Mobile employee or Customer Partner User Internal Employee Enterprise or Partner Apps Cloud Apps/Platforms & Web Services SaaS Data Identities App/Resource App/Resource ClientSide
    • 5. A Challenge for the Enterprise WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
    • 6. WHAT TO LOOK FOR IN SSO PRODUCTS – CLIENT SIDE Copyright ©2013 CA. All rights reserved User Administrator Resources Supported Devices Supported User Interfaces Browser Mobile Application Terminal Emulator Desktop/ Laptop Tablet Smart Phone
    • 7. WHAT TO LOOK FOR IN SSO PRODUCTS – RESOURCE SIDE Copyright ©2013 CA. All rights reserved User Administrator Resources Apps/Resources Location of App On Premise Partner Site Partner App Access Path PaaS SiteSaaS App Rest API via Gateway Http over corp. Network Http over Internet Web Services
    • 8. WHAT TO LOOK FOR IN SSO PRODUCTS – FROM CLIENT TO RESOURCE Copyright ©2013 CA. All rights reserved Administrator Resources Authentication User Experience User Password SmartCard + X.509 ArcotID® OpenID OAuth Single Sign on Personalized Experience Single Logoff Enforcement Context of the authentication Web Agent Proxy Gateway Native to the App
    • 9. WHAT TO LOOK FOR IN SSO PRODUCTS – ADMINISTRATION Copyright ©2013 CA. All rights reserved User Administrator Resources • Managing SSO • Ability to manage the authentication and access via a UI or programmatic interface • …with efficiency • for all resource types via a single UI • for all access paths via a single UI • for all authentication policies via single UI • ….with confidence • provide ability to flexibly segregate and delegate administration • generating necessary log and audit data for governance and compliance purposes
    • 10. SSO also requires: DON’T FORGET THESE OTHER KEY REQUIREMENTS Copyright ©2013 CA. All rights reserved User Administrator Resources Identity life cycle management Effective monitoring Efficient delivery if using physical authentication methods
    • 11. WHAT’S AVAILABLE IN THE MARKET Thick Client SSO Web/Html Client SSO TIME Web/Html Client SSO via Federation Web/SOAP Client SSO via WS-* Web & Mobile native SSO via REST & API • Similarities across each of these developments: - SSO experience for the end user - Needed security characteristics of the solution • Differences - Location of the resource - Access path to the resource Copyright ©2013 CA. All rights reserved
    • 12. Deployment Models WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
    • 13. CHOOSE YOUR DEPLOYMENT MODEL Copyright ©2013 Mycroft Inc. All rights reserved On-Demand • Deployed in third- party datacenter • Subscription pricing model, no hardware required • Federated SSO everywhere • No VPN, no Firewall changes • Fully managed On-Premise • Deployed at enterprise datacenter • Allows for customization • Requires professional services, longer deployment times Hosted • Deployed in third- party datacenter (private cloud) • Connected to enterprise thru VPN • Available as Managed Service
    • 14. CHOOSE YOUR DEPLOYMENT MODEL Copyright ©2013 Mycroft Inc. All rights reserved On-Demand Important to me: • Tactical solution • Very quick to market • OpEX rather than CapEX • Standardized & ooB • Local market • No hardware hassle • Very small TCO On-Premise Important to me: • Strategic solution • Innovation • Individuality • Differentiate also by services • Tend to prefer CapEx • International market • Ownership Hosted Important to me: • Quick time to market • Some individuality • Some innovation • Tend to prefer OpEx • Sense of ownership • TCO • Differentiate from competition by assortment & price
    • 15. HOW DO THEY COMPARE? Not only about CAPEX vs. OPEX • About optimizing 3 Es • Effectiveness • Economy • Efficiency On-Premise Hosted On Demand Benefits of Hosted Infrastructure Hardware acquisition not required Implementation SMEs readily available Operation 24x7 SOC, no internal management needed Security Top tier Most effective, economical & efficient More effective, economical & efficient Effective, economical & efficient Copyright ©2013 Mycroft Inc. All rights reserved
    • 16. THINGS TO CONSIDER SSO…is even MORE important • Federate, Federate, Federate, Federate, Federate, Federate, Federate, F.E.D.E.R.A.T.E. • Request for access needs to be simple, powerful, pervasive…not just about user accounts! • SAML, OAuth, OpenID, WS-FED (Office365) Provisioning goes Just-In-Time • More SaaS applications supports it • BUT, no real automated de-provisioning Identity Governance continues to be important • Governance, risk, & compliance (GRC) • Ignores the enterprise “fence”; Data and users are mobile Think APIs…Everything is an API • Keep simple & authorize well • BUT not every API requires user accounts; sometimes you authorize device, source, etc. • AND sometimes the point is really identify the source Security is Policy-based • Security takes place outside of the app • Programmatic vs. declarative Copyright ©2013 Mycroft Inc. All rights reserved
    • 17. Hybrid IAM WHY SSO? A CHALLENGE FOR THE ENTERPRISE DEPLOYMENT MODELS HYBRID IAM Q & A Copyright ©2013 Mycroft Inc. All rights reserved
    • 18. HYBRID IAM Copyright ©2013 Mycroft Inc. All rights reserved
    • 19. On-Premise Enterprise Apps Customers Partners Federated SSO Advanced Authentication Employees Privileged Identity Mgt Identity Governance Identity Management Identity Management Identity Governance Advanced Authentication Access Management Privileged Identity Mgt On-Premise Connector Cloud Platforms SaaS Enterprise Datacenter Copyright ©2013 Mycroft Inc. All rights reserved MYCROFT XSPECTRA ON-DEMAND SERVICE ARCHITECTURE
    • 20. A single log-on, launch any SaaS application available to you Copyright ©2013 Mycroft Inc. All rights reserved MYCROFT XSPECTRA ON-DEMAND SERVICE
    • 21. IN A NUTSHELL SSO…is critical • Simple, powerful access to applications a single log on - whether on-premise, in the cloud or hosted • Increased user productivity & overall company efficiency • Essential for security Deployment Models • Your organization has options • Cloud vs on-premise vs on-demand. Examine the pros and cons as it relates to your environment, as well as the overall efficiency, effectiveness & economy of each option Hybrid IAM • It doesn’t matter where your application is – behind the firewall or in the cloud • Scalable – seamless end-user experience between on-premise & cloud-based applications Security is Policy-based • Security takes place outside of the app • Programmatic vs. declarative Copyright ©2013 Mycroft Inc. All rights reserved
    • 22. Q & A Contact Mycroft: 212-983-2656 info@mycroftinc.com www.mycroftcloud.com @MycroftXSpectra Sales Inquiries: Nicole Koopman 347-244-5481 Nicole.koopman@mycroftinc.com