Identity and Access Management (IAM) is a crucial part of living in a connected world. It involves managing multiple identities of an individual or entity, distributed across disparate portals. In an enterprise, IAM solutions serve as a mean to secure access, control user activities and manage authentication for an App or a group of software (infrastructure).
This detailed PowerPoint brings you the most fundamental concepts and ideas related to identity and access management. Plus, we have debunked some popular IAM myths, so do checkout!
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
Identity and Access Management (IAM) enables more cost-effective and efficient access management, authentication, identity management, and governance across your enterprise.
Read more on How IAM benefits your business and best practices for an effective IAM implementation.
Read more: https://www.veritis.com/solutions/identity-and-access-management-services/
A Zero Trust approach should extend throughout the entire digital estate and serve as an integrated security philosophy and end to end strategy.
Identities. Identities whether they represent people, services, or IOT devices define the Zero Trust control plane. When an identity attempts to access a resource, we need to verify that identity with strong authentication, ensure access is compliant and typical for that identity, and follows least privilege access principles.
Devices. Once an identity has been granted access to a resource, data can flow to a variety of different devices From IoT devices to smartphones, BYOD to partner managed devices, and on premises workloads to cloud hosted servers. This diversity creates a massive attack surface area, requiring we monitor and enforce device health and compliance for secure access.
Applications. Applications and APIs provide the interface by which data is consumed. They may be legacy on premises, lift and shifted to cloud workloads, or modern SaaS applications. Controls and technologies should be applied to discover Shadow IT, ensure appropriate in-app permissions, gate access based on real-time analytics, monitor for abnormal behavior, control of user actions, and validate secure configuration options.
Data. Ultimately, security teams are focused on protecting data. Where possible, data should remain safe even if it leaves the devices, apps, infrastructure, and networks the organization controls. Data should be classified, labeled, and encrypted, and access restricted based on those attributes.
Infrastructure. Infrastructure (whether on premises servers, cloud based VMs, containers, or micro services) represents a critical threat vector. Assess for version, configuration, and JIT access to harden defense, use telemetry to detect attacks and anomalies, and automatically block and flag risky behavior and take protective actions.
Networks. All data is ultimately accessed over network infrastructure. Networking controls can provide critical “in pipe” controls to enhance visibility and help prevent attackers from moving laterally across the network. Networks should be segmented (including deeper in network micro segmentation) and real time threat protection, end to end encryption, monitoring, and analytics should be employed.
Each of these six foundational elements serves as a source of the signal, a control plane for enforcement, and a critical resource to defend. You should appropriately spread your investments across each of these elements for maximum protection.
Identity and Access Management (IAM) is a crucial part of living in a connected world. It involves managing multiple identities of an individual or entity, distributed across disparate portals. In an enterprise, IAM solutions serve as a mean to secure access, control user activities and manage authentication for an App or a group of software (infrastructure).
This detailed PowerPoint brings you the most fundamental concepts and ideas related to identity and access management. Plus, we have debunked some popular IAM myths, so do checkout!
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
Identity and Access Management (IAM) enables more cost-effective and efficient access management, authentication, identity management, and governance across your enterprise.
Read more on How IAM benefits your business and best practices for an effective IAM implementation.
Read more: https://www.veritis.com/solutions/identity-and-access-management-services/
A Zero Trust approach should extend throughout the entire digital estate and serve as an integrated security philosophy and end to end strategy.
Identities. Identities whether they represent people, services, or IOT devices define the Zero Trust control plane. When an identity attempts to access a resource, we need to verify that identity with strong authentication, ensure access is compliant and typical for that identity, and follows least privilege access principles.
Devices. Once an identity has been granted access to a resource, data can flow to a variety of different devices From IoT devices to smartphones, BYOD to partner managed devices, and on premises workloads to cloud hosted servers. This diversity creates a massive attack surface area, requiring we monitor and enforce device health and compliance for secure access.
Applications. Applications and APIs provide the interface by which data is consumed. They may be legacy on premises, lift and shifted to cloud workloads, or modern SaaS applications. Controls and technologies should be applied to discover Shadow IT, ensure appropriate in-app permissions, gate access based on real-time analytics, monitor for abnormal behavior, control of user actions, and validate secure configuration options.
Data. Ultimately, security teams are focused on protecting data. Where possible, data should remain safe even if it leaves the devices, apps, infrastructure, and networks the organization controls. Data should be classified, labeled, and encrypted, and access restricted based on those attributes.
Infrastructure. Infrastructure (whether on premises servers, cloud based VMs, containers, or micro services) represents a critical threat vector. Assess for version, configuration, and JIT access to harden defense, use telemetry to detect attacks and anomalies, and automatically block and flag risky behavior and take protective actions.
Networks. All data is ultimately accessed over network infrastructure. Networking controls can provide critical “in pipe” controls to enhance visibility and help prevent attackers from moving laterally across the network. Networks should be segmented (including deeper in network micro segmentation) and real time threat protection, end to end encryption, monitoring, and analytics should be employed.
Each of these six foundational elements serves as a source of the signal, a control plane for enforcement, and a critical resource to defend. You should appropriately spread your investments across each of these elements for maximum protection.
The cloud is all the rage. Does it live up to its hype? What are the benefits of the cloud? Join me as I discuss the reasons so many companies are moving to the cloud and demo how to get up and running with a VM (IaaS) and a database (PaaS) in Azure. See why the ability to scale easily, the quickness that you can create a VM, and the built-in redundancy are just some of the reasons that moving to the cloud a “no brainer”. And if you have an on-prem datacenter, learn how to get out of the air-conditioning business!
by Apurv Awasthi, Sr. Technical Product Manager, AWS
This session introduces the concepts of AWS Identity and Access Management (IAM) and walks through the tools and strategies you can use to control access to your AWS environment. We describe IAM users, groups, and roles and how to use them. We demonstrate how to create IAM users and roles, and grant them various types of permissions to access AWS APIs and resources. We also cover the concept of trust relationships, and how you can use them to delegate access to your AWS resources. This session covers also covers IAM best practices that can help improve your security posture. We cover how to manage IAM users and roles, and their security credentials. We also explain ways for how you can securely manage you AWS access keys. Using common use cases, we demonstrate how to choose between using IAM users or IAM roles. Finally, we explore how to set permissions to grant least privilege access control in one or more of your AWS accounts. Level 100
Cloud computing and management in IBM.
What is Cloud Management with the example of how IBM uses cloud computing and management to help provide solutions.
Cloud Security is critical to Data Security and Application Resilience against CyberAttacks. This talk looks at Security Best Practices that need to be practised.
This talk was presented at AWS Community Day Bengaluru 2019 by Amar Prusty, Cloud-Data Center Consultant Architect, DXC Technology
The cloud is all the rage. Does it live up to its hype? What are the benefits of the cloud? Join me as I discuss the reasons so many companies are moving to the cloud and demo how to get up and running with a VM (IaaS) and a database (PaaS) in Azure. See why the ability to scale easily, the quickness that you can create a VM, and the built-in redundancy are just some of the reasons that moving to the cloud a “no brainer”. And if you have an on-prem datacenter, learn how to get out of the air-conditioning business!
by Apurv Awasthi, Sr. Technical Product Manager, AWS
This session introduces the concepts of AWS Identity and Access Management (IAM) and walks through the tools and strategies you can use to control access to your AWS environment. We describe IAM users, groups, and roles and how to use them. We demonstrate how to create IAM users and roles, and grant them various types of permissions to access AWS APIs and resources. We also cover the concept of trust relationships, and how you can use them to delegate access to your AWS resources. This session covers also covers IAM best practices that can help improve your security posture. We cover how to manage IAM users and roles, and their security credentials. We also explain ways for how you can securely manage you AWS access keys. Using common use cases, we demonstrate how to choose between using IAM users or IAM roles. Finally, we explore how to set permissions to grant least privilege access control in one or more of your AWS accounts. Level 100
Cloud computing and management in IBM.
What is Cloud Management with the example of how IBM uses cloud computing and management to help provide solutions.
Cloud Security is critical to Data Security and Application Resilience against CyberAttacks. This talk looks at Security Best Practices that need to be practised.
This talk was presented at AWS Community Day Bengaluru 2019 by Amar Prusty, Cloud-Data Center Consultant Architect, DXC Technology
Was Ist Identity Relationship Management (IRM) - Webinar auf DeutschForgeRock
Webinar Highlights:
Vorstellung der zwei wichtigsten Säulen des IRM Geschäftlich / Technisch relevante Säulen; Mit dem Forgerock Stack agil auf neue Geschäftstätigkeiten reagieren; Projekt-/Umsetzungsbeispiele
An IAM for Beginners session led by ForgeRock Senior Instructor Matthias Tristl
Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/
Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
Key components of the Enterprise Mobility Suite are Azure AD Premium, Windows Intune and Azure Rights Management.
Learn from Peter De Tender, Microsoft Infrastructure Architect, MCT and MVP not only what the Microsoft Enterprise Mobility Suite is, but also how one can deploy it in an enterprise organization. By attending this session, you will gain the knowledge to optimize the adoption of IT, BYOD and SaaS as the core cloud solution components. Key concepts that will be covered are identity and access management, mobile device management and data protection.
Protect your business with identity and access management in the cloudMicrosoft
Identity is the new control plane. But what do we mean with “control plane” and what about protecting your plane? How do we bring enterprise-grade visibility, control,
and protection to your applications? Identify suspicious activities and advanced attacks on-premises and in the cloud to protect your “control plane”.
Businesses are now challenged to deal with increased workforce mobility and the rise of technology avenues in the market to better serve customers and partners. The prime goal for any business is to protect the assets (digital & physical) and make them securely accessible to customers, partners, vendors and employees. Identity and Access Management (IAM) has been a strong security pillar over the years providing these safe guards. Now, new IAM architecture concepts are rapidly evolving. One such concept is “Hybrid Identity”
Once you integrated with AD for one reason (SSO, one specific workload, etc), gaining access to the rest of the platform (other workloads, different dev stack, etc) is nearly free. Most common tasks take far less code and config than people think! Microsoft Graph makes it possible to do interesting things most people don’t realize, with less effort than anticipated. Come learn how to leverage what you've already done to drive additional business value at scale.
One of the major concerns for most organizations considering cloud services is security in the cloud. Are you looking to secure your cloud environment or services, no matter what they may be – data, operating system, domain or applications from intrusion and vulnerabilities? Azure Active Directory is Microsoft's multi-tenant, cloud-based directory, and identity management service helping secure your cloud and on-premise environments.
In this presentation, we discussed Azure Active Directory (Azure AD) Identity Protection, Conditional Access, Identity Management which uses AI and machine learning capabilities to help secure your cloud environment – Office 365 and Azure. In this session, we discussed
Advanced features of Azure AD
Demonstrate the detection capabilities, and real-time prevention
Navigating Identity and Access Management in the Modern EnterpriseWSO2
Key topics covered:
- Understanding the basics of IAM and its significance in the modern enterprise.
IAM in a platformless environment
- Tackling real-world issues like prioritizing frictionless yet secure user access, securing high-value APIs, integrating to business, compliance, and adapting to cloud native environments with scalable solutions
- Practical demonstrations of how WSO2 products can be instrumental in deploying efficient IAM solutions
- Preparing for upcoming trends and innovations in identity management
3 Building Blocks For Managing Cloud Applications WebinarTodd Clayton
Cost savings and the promise of greater business agility are driving larger numbers of companies to consider moving their business applications to the Cloud. But getting there can be a daunting task. In this Webinar Identity and Access Management experts from CoreBlox, Ping Identity and Radiant Logic will share successful approaches streamlining user provisioning, password management and centralized administration across all of your Cloud-based applications – to help ...
Today, with the advancement of technology, the number of devices, applications,
and users is also growing. It is critical to have a solid Identity and Access
Management (IAM) solution to manage these digital identities and limit the risk of
connections. SailPoint is a pioneer in the field. Therefore, the demand for experts
knowledgeable in secure Identity and Access Management (IAM) technologies such
as SailPoint has surged. Many reputable firms provide fantastic opportunities for
these professionals with a variety of packages
SPIntersection 2016 - MICROSOFT CLOUD IDENTITIES IN AZURE AND OFFICE 365Scott Hoag
Looking to reduce the number of post-it notes you see stuck around the office? Seeking to automate your user creation processes for Office 365? Or maybe you're interested in single sign-on for everything you host in the cloud? Are you questioning what a cloud identity is?
This session will take you through the basics of identity in the Microsoft Cloud and show you to how to set up and configure Office 365 with Azure Active Directory using the Azure Active Directory Synchronization Connect tools.
Hybrid Identity Made Simple - Microsoft World Partner Conference 2016 Follow UpNicole Bray
In this webinar replay you will learn how you can ignite your company’s managed services offering with ServiceControl’s Simplified Hybrid Identity and Account Governance platform. This is the follow-up webinar to our sponsorship of the Microsoft Worldwide Partner conference in July, 2016.
Mark Diodati, Ping Identity
An exploration of three specific trends—the inevitability of adaptive identity (and its impact on APIs), requirements for enterprise-grade IDaaS, and the great challenges of hybrid identity governance—along with recommendations for enterprises that are leaning into modern identity
This is the slide deck used on my webinar session titled " Fundamentals of Microsoft 365 security , Identity and Compliance" .You can find the recording of this webinar here : https://youtu.be/akrEnqK6Dsc
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
2. Stay connected to Allidm
Find us on Facebook:
http: //www. facebook.com/allidm
Follow us on Twitter:
http: //twitter.com/aidy_idm
Look for us on LinkedIn:
http: //www. linkedin.com/allidm
Visit our blog:
http://www.allidm.com/blog
3. Disclaimer and Acknowledgments
The contents here are created as a own personal endeavor and
thus does not reflect any official stance of any Identity and
Access Management Vendor on any particular technology
4. Contact Us
On this presentation we’ll talk about some useful topics that
you can use no matter which identity and access management
solution or product you are working on.
If you know one that make a big difference please tell us to
include it in the future
aidy.allidm@gmail.com
5. What’s Cloud
Cloud computing refers to applications and services
that run on a distributed network using virtualized
resources and accessed by common Internet
protocols and networking standards.
6. Why Identity and Access
Management Cloud?
More IT services are moved to the cloud, determining
who has access to which cloud service is vital to
ensuring privacy and security, as well as the overall
performance of the cloud model.
It also can be complex, especially when multiple cloud
models delivering multiple cloud services are
involved.
7. What look for an IAM Cloud Solution?
User Management
User provisioning
Account management policies
Profile management
Authentication Management
Authorization Management
Investigation support
Logs and audit trails
Compliance management
Regulations such as SOX, the Gramm-Leach-Bliley Act (GLBA), and HIPAA
industry standards such as PCI DSS
8. What look for an IAM Cloud
Solution?...
Federation
Privileged user management
Developer user management
End user management
9. Identity Cloud
The two major IAM solutions you need to look on the cloud are
Single Sign-On ( SSO ) to the Cloud
Users authenticate once and then access multiple Cloud Solutions
without having to log on every time they accessed the system again.
Admin users to have multiple sessions through different browsers
open simultaneously
Provision Cloud Applications
Automated and integrated key IAM functions such as identity and
access governance, user provisioning and password management
Manage user identity attributes on those accounts in Synch
10. Non Technical Identity Cloud
Features
No hardware, software or administration costs
Pay-as-you-go, scalable model
Service levels up to 7×24×365
11. Technical Identity Cloud Features
Deployment option with private cloud, public cloud or
hybrid model
Connect to every customer and partner securely
Synchronize Provisioning and user profiles updates among
Cloud applications
User provisioning/de-provisioning
Automated de-provisioning
Assign rights and access based on identity and role
Detect when a user has been terminated and deprovision
Role Based Provisioning Workflow
12. Technical Identity Cloud Features
Password management and synchronization
Strong Authentication
Two-factor authentication
One-time password
Audit, Compliance and Reporting.
Advanced reporting on user access
13. Support popular target systems
Salesforce
Google Apps
Microsoft Live
Workday
Taleo
Microsoft Business Productivity Online Services
(BPOS)
SPML enabled cloud services
14. Common Identity Cloud Use
Cases
Employees and on-site contractors of an organization
accessing a SaaS service using identity federation
with corporate identities and credentials
IT administrators accessing the Cloud management
console to provision resources and access for users
using a corporate identity
e.g., IT administrators provisioning virtual machines or
VMs in Amazon’s EC2 service
Developers creating accounts for partner users in a
Cloud platform
15. Common Identity Cloud Use
Cases
End users accessing storage service in the cloud and
sharing files and objects with users, within and
outside a domain using access policy management
features
An application residing in a cloud service provider
accessing storage from another cloud service
16. IAM Cloud Standards
SAML
avoid duplication of identity, attributes, and credentials
and provide a single sign-on user experience for users
SPML
Automatically provision user accounts with cloud
services
Automate the process of provisioning and
deprovisioning
XACML
Provision user accounts with appropriate privileges