Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Identity As A Service Evaluation, Implementation, Realized Benefits

1,435 views

Published on

Learn how to evaluate IAM offerings and the trade-off between the customization level available on-premises, and the speed/cost model benefits of SaaS. See how CA Secure Cloud (formerly CA CloudMinder™) can efficiently enable the business with faster implementation times, improved compliance and a reduction in infrastructure and support costs.

For more information on Security solutions from CA Technologies, please visit: http://bit.ly/10WHYDm

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Identity As A Service Evaluation, Implementation, Realized Benefits

  1. 1. ca Securecenter Identity As A Service Evaluation, Implementation, Realized Benefits Drew Koenig SCT10S @binaryblogger #CAWorld Manager of Information Security & Risk Management Univita Health
  2. 2. 2 © 2014 CA. ALL RIGHTS RESERVED. Abstract How to evaluate IAM offerings and the trade- off between the customization level available on-premises, and the speed/cost model benefits of SaaS. How CA Secure Cloud (formerly CA CloudMinder™) can efficiently enable the business with faster implementation times, improved compliance and a reduction in infrastructure and support costs. Drew Koenig Univita Health Manager of Information Security & Risk Management @BinaryBlogger Binaryblogger.com
  3. 3. 3 © 2014 CA. ALL RIGHTS RESERVED. Agenda INTRO IDENTITY MANAGEMENT BACKGROUND Q&A THE MOVE TO THE CLOUD JUSTIFICATION –COSTS AND TIME REALIZED BENEFITS 1 2 3 4 5 6
  4. 4. 4 © 2014 CA. ALL RIGHTS RESERVED. Introduction Information security professional for over 15 years –Financial and health industry –Focused on IAM for a majority of the career Made the move from on-premises IdMto the cloud –CA Identity Manager to CA Secure Cloud –Primary reason was speed of enablement and overall cost value Drew Koenig –Manager of Information Security and Risk Management
  5. 5. 5 © 2014 CA. ALL RIGHTS RESERVED. Identity Management Background On-premises for 2 years, hand built from the ground up. –Windows based, SQL DBs –Out-of-the-box CA Identity Manager installation (JBOSS, CA Directory, etc…) –Dev and prod, internally accessible only, no CA Single Sign-On The team was only 1 to 1 ½ FTE to maintain and advance it The expanding business use became time consuming On-premises Environment CA Identity Manager 12.6 SP2 on-premise
  6. 6. 6 © 2014 CA. ALL RIGHTS RESERVED. Identity Management Background Self-service password reset –Limited to internal access only, need for internet capability Service Desk features for resets, unlocks and other account maintenance features Basic account provisioning with heavy custom flows and processes On-premises Environment CA Identity Manager 12.6 SP2 on-premise
  7. 7. 7 © 2014 CA. ALL RIGHTS RESERVED. The Move To The Cloud Participated in the early alpha tests of CA Secure Cloud Accomplished more in 1 week than 3 months on-premises start to finish –Build, configuration, test Made the strategic decision to move Alpha to Production CA Secure Cloud (formerly know as CA CloudMinder™)
  8. 8. 8 © 2014 CA. ALL RIGHTS RESERVED. The Move To The Cloud The early proposal was declined immediately Initially management only looked at the license costs vs. subscription costs, ignored the proposed value The business looked at IAM as a technology project, not as business enablement Initial Proposal CA Secure Cloud X
  9. 9. 9 © 2014 CA. ALL RIGHTS RESERVED. Justification Went back and broke down the full set of CA Secure Cloud services Laid out exactly what the subscription delivered Built a cost model to show a comparable on-premises build out Expanded internally with HR and Compliance to gain support True Business Value, Look At Everything IAM
  10. 10. 10 © 2014 CA. ALL RIGHTS RESERVED. Identity Management Components IdentityManagement Stack Directory Services Provisioning Engine Workflows Identity and Role Admin Identity Verification Authentication/Authorization/ Federation IT Platform Databases OperatingSystems / Virtualization Storage Networking Hardware HA / DR Consumable Identity Service ServiceInterfaces Customer SpecificConfigurations Customizations To do a legitimate comparison, I laid out the costs to build an on-premises environment that could provide the same set of services that we would receive from CA Secure Cloud
  11. 11. 11 © 2014 CA. ALL RIGHTS RESERVED. Justification –CA Identity Manager –CA Single Sign-On –CA Federation –CA Advanced Authentication –Microsoft Windows, SQL –NetAppStorage, VMWare, HP The Cost To Build Secure Cloud Capabilities On-Premises Required Components
  12. 12. 12 © 2014 CA. ALL RIGHTS RESERVED. Justification Build three environments –Preview, Staging, Production –Approx. 5 servers per environment Patching, troubleshooting, maintenance –Java, Microsoft, CA, backups All outages, issues, problem resolution are yours to solve –Even with vendor assistance Infrastructure Footprint Preview Staging Production
  13. 13. 13 © 2014 CA. ALL RIGHTS RESERVED. IDaaSAllows Full Focus On IdM IdentityManagement StackDirectory ServicesProvisioning Engine Workflows Identity and Role Admin Identity VerificationAuthentication/Authorization/Federation IT Platform Databases OperatingSystems / Virtualization Storage Networking Hardware HA / DR Consumable Identity Service ServiceInterfaces Customer SpecificConfigurations Customizations •Eliminated busy work and trouble shooting •Allowed the Identity Management team to focus on Identity Management
  14. 14. 14 © 2014 CA. ALL RIGHTS RESERVED. Decision to Move Total cost to build was less than pure license vs. subscription Maintenance was a fraction of previous cost –Patching alone saved 20-40 company man-hours a month Complete justification model made it an easy business decision This approach is now used for all cloud service evaluations –Cloud service or ‘build it ourselves’ total cost assessment Value Prevailed Over Cost Components
  15. 15. 15 © 2014 CA. ALL RIGHTS RESERVED. Instant Benefits Within hours of the service being enabled we were online Small JCS server to hook into AD for resets took less than an hour One “Explore and Correlate” and all the users were in Secure Cloud and we were resetting passwords through internet Off and Running Days not months
  16. 16. 16 © 2014 CA. ALL RIGHTS RESERVED. Instant Benefits Unique application model required B2B users deep account access Until CA Secure Cloud the only way they could manage accounts was to call the Service Desk –hundreds a month Now they go to CA Secure Cloud -calls reduced 80 percent in days for B2B calls Off and Running Days not months
  17. 17. 17 © 2014 CA. ALL RIGHTS RESERVED. Summary Improvements In All Areas Overall the move to CA Secure Cloud will save the company money in time, resources and speed to deliver new identity management services to our employees and customers. There is no pressing need to grow the internal team as the capabilities grow. Through the CA Secure Cloud services we have closed several audit findings, strengthened partnership confidence and are able to focus more on improving advanced offerings such as deeper role based provisioning, federation portal capabilities and reporting. The success of the move was not to look at the costs alone but the total value of what those costs brought in terms of services, then compare those to what it would take to do it yourself.
  18. 18. 18 © 2014 CA. ALL RIGHTS RESERVED. For More Information To learn more about Security, please visit: http://bit.ly/10WHYDm Insert appropriate screenshot and textoverlayfrom following“More Info Graphics” slide here; ensure it links to correct page Security
  19. 19. 19 © 2014 CA. ALL RIGHTS RESERVED. For Informational Purposes Only This presentation provided at CA World 2014 is intended for information purposes only and does not form any type of warranty. Content provided in this presentation has not been reviewed for accuracy and is based on information provided by CA Partners and Customers. Terms of this Presentation

×