Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Putting Security in Identity-as-a-Service

802 views

Published on

The identity-as-a-service solutions of today are helping many businesses address the password management problem, enabling a seamless experience to end users and delivering IT efficiencies. But, as more and more enterprises put the cloud at the center of their enterprise IT, is that enough? Join this session to learn about the security challenges of a SaaS-first world, the transformation needed in identity-as-a-service to address these challenges and what CA Technologies is doing to deliver on this transformation. Seating is limited and available first come-first served.

For more information, please visit http://cainc.to/Nv2VOe

Published in: Technology
  • Be the first to comment

Putting Security in Identity-as-a-Service

  1. 1. Putting Security in Identity-as-a-Service Nishant Kaushik Security CA Technologies Advisor, Product Management SCT22T @NishantK #CAWorld
  2. 2. 2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For Informational Purposes Only © 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The presentation provided at CA World 2015 is intended for information purposes only and does not form any type of warranty. Some of the specific slides with customer references relate to customer's specific use and experience of CA products and solutions so actual results may vary. Certain information in this presentation may outline CA’s general product direction. This presentation shall not serve to (i) affect the rights and/or obligations of CA or its licensees under any existing or future license agreement or services agreement relating to any CA software product; or (ii) amend any product documentation or specifications for any CA software product. This presentation is based on current information and resource allocations as of November 18, 2015, and is subject to change or withdrawal by CA at any time without notice. The development, release and timing of any features or functionality described in this presentation remain at CA’s sole discretion. Notwithstanding anything in this presentation to the contrary, upon the general availability of any future CA product release referenced in this presentation, CA may make such release available to new licensees in the form of a regularly scheduled major product release. Such release may be made available to licensees of the product who are active subscribers to CA maintenance and support, on a when and if- available basis. The information in this presentation is not deemed to be incorporated into any contract. Terms of this Presentation
  3. 3. 3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Agenda CLOUD IN THE ENTERPRISE SECURITY CONCERNS WHEN MANAGING SAAS INTRODUCING CA SAAS APP SECURITY THE SHARED RESPONSIBILITY MODEL THE MYTH OF SSO BASED CONTROL COMPREHENSIVE ENTERPRISE IDENTITY-AS-A-SERVICE 1 2 3 4 5 6
  4. 4. 4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Modern Enterprise IT is Cloudy
  5. 5. 5 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Greater Collaboration & Productivity
  6. 6. 6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Enabling the Agile Enterprise
  7. 7. 7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Any Where, Any Time, Any Device
  8. 8. 8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Impact on the Bottom Line
  9. 9. 9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Making the Leap to SaaS
  10. 10. 10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD But … What About Security?
  11. 11. 11 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Greater Convenience, Greater Risk
  12. 12. 12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Enterprises Recognize A Problem Over two-thirds of businesses lack full confidence in their ability to effectively and securely manage permissions within SaaS applications Source: A commissioned study conducted by Forrester Consulting on behalf of CA Technologies, September 2015
  13. 13. 13 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The Shared Responsibility Model Cloud Service Providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to & usage of the cloud application
  14. 14. 14 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD What is the most common way in which your organization has implemented the following security capabilities for SaaS applications?” Enterprises are Looking for Answers Source: A commissioned study conducted by Forrester Consulting on behalf of CA Technologies, September 2015 0% 20% 40% 60% 80% 100% 1 2 3 4 Series4 Series3 Series2 Series1
  15. 15. 15 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD A Problem of Scale & Expertise
  16. 16. 16 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD The Myth of SSO-based Control
  17. 17. 17 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Myth Busting SSO-based Control  Account De-provisioning  Reliance on password replay  Automatic provisioning  Entitlement process  Centralized compliance reporting
  18. 18. 18 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD So What are You Really Missing?  How do I get visibility into who has what access to my applications, and my data?  How can I manage the security of my cloud applications the same way I would on- premises applications?  IT’s new role is to enable, so how can I scale the secure adoption of SaaS?
  19. 19. 19 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Current IDaaS has Limited Scope Authentication BasicorJITUser Management DirectoryServices Federation DirectorySync SaaS Applications On-premises Applications Current IDaaS Directory
  20. 20. 20 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Comprehensive IDaaS Delivers Security Authentication IdentityAnalytics PrivilegedAccount Management IdentityLifecycle Management DirectoryServices+ Authorization Federation Fine-grained UserProvisioning SaaS Applications On-premises Applications Comprehensive IDaaS Access Governance
  21. 21. 21 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Introducing CA SaaS App Security
  22. 22. 22 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Introducing CA SaaS App Security  Deep, contextual identity-based security controls out-of- the-box enables organizations to Quickly Adopt SaaS Without Compromising Security  Increased Productivity and Security by automating your Identity & Access Management processes and enforcing policies  Deliver an Easy-to-Manage and Cost Effective IDaaS solution by enabling self-service administration, and providing predefined capabilities and integrations based on industry best practices  Simple, Intuitive User Experience for End-Users, Business Users and Administrators Built to Meet the Needs of the Modern Enterprise
  23. 23. 23 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Introducing CA SaaS App Security Built to Meet the Needs of the Modern Enterprise User Account Provisioning, De-provisioning Single Sign-on Rogue & Orphan Account Detection & Remediation Authentication w/ 2FA CA SaaS App Security Active Directory User Management
  24. 24. 24 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD A True Identity Graph The Foundation for delivering comprehensive, identity-based security services Chatter Moderator System Admin Sales Directors CFO Channel Sales Team jsmith@ forwardinc.com Sales Profile Profile Role Role Role App Account Person Person Department Has Account Has Manager Member Of Account Privilege Privilege Privilege Privilege Privilege Has Privilege Has Privilege
  25. 25. 25 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Make it Easy and Secure for People to Sign In  Authenticate users using a strong password supplemented by two-factor authentication  Reduce helpdesk overhead thanks to self- service password management and forgotten password recovery  Give your users the ease and convenience of Single Sign-On to your SaaS apps Authentication Services
  26. 26. 26 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Take Control of Who has What Access in your SaaS App Fine-Grained User Provisioning  Automate the provisioning and de-provisioning of user accounts in your SaaS Apps  Go deeper to manage the entitlements (groups, roles, permissions) of your users  Get visibility into existing accounts & entitlements  Detect and remediate the existence of orphan and rogue accounts thanks to continuous monitoring  Leverage pre-defined integrations that understand the specific nuances of the target application
  27. 27. 27 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Manage the Lifecycle of Identities and Enforce Policies Identity Lifecycle Management  Comprehensive Joiner, Mover and Leaver processes  Automated Rule-based Provisioning and De-provisioning of Accounts (with Entitlements) triggered by Joiner & Mover events  Leaver Process that automates Account De-provisioning  Self-Service and Administrative Profile Management
  28. 28. 28 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Some Ways that CA SaaS App Security Can Help Manage and Control Access to Amazon Web Services  In a Devops and Agile environment, track the access and authorization users have in different AWS accounts  Automate the management of privileged accounts  Automate removal of access in response to change events  Provide SSO for users to access multiple AWS accounts Contractor Management  Create a System of Record for tracking contractors  Avoid forcing contractors into employee systems  Give hiring managers an easy way to self-manage their contractors  Define and enforce policies around contractor access  Remove access when the contractors leave
  29. 29. 29 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Partner With Us For a limited time, sign up to become a customer validation partner for CA SaaS App Security. Special incentives are available. Just register at http://bit.ly/validate-ca-saas- app-security, or send an email to nishant.kaushik@ca.com See A Demo Secure Access to SaaS Apps Exhibition Center Security Content Area Discuss Learn More About CA SaaS App Security Nishant Kaushik nishant.kaushik@ca.com
  30. 30. 30 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Recommended Sessions SESSION # TITLE DATE/TIME SCT18T Common Challenges of Identity Management and Federated Single Sign-On in a SaaS World 11/19/2015 at 3:45 pm
  31. 31. 31 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Q & A
  32. 32. 32 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD For More Information To learn more, please visit: http://cainc.to/Nv2VOe CA World ’15

×