Dell World 2014
Identity and Access Management
MT26 Identity management as a service
Jackson Shaw, Senior Director of Product Management, November, 2014
IAM challenges in the real world
• For many growing organizations, access control needs have grown beyond their
staff’s ability to efficiently and securely enforce them
• More applications are moving to the cloud
• With the “jack-of-all-trades” approach to IAM, efficiency, security and compliance
inevitably suffer. The smaller the IT staff, the more broadly their skill set is required
to spread.
• The further the line-of-business moves away from provisioning, governance and
access management, the more likely it is that their “real world” of IAM is a mess.
• The skills, time, and tools needed to execute enterprise provisioning and
governance are not there
• The possibility of a big capital investment to address these problems isn’t realistic
When does a SaaS offering make sense?
Dell One Identity as a Service
• Addresses your most pressing security, provisioning/de-provisioning, access
control, governance and compliance needs as an operational expense not a capital
investment.
• Delivered through a partnership with Simeio, an end-to-end IAM services and
solutions provider, leveraging Simeio’s Identity as a Service expertise and DirectAxs
cloud computing platform
• Technology
• Sales
• Marketing
• Branding
• Hosting
• Integration/customization
• Support
Three modules available
Dell One Identity as a Service
For Provisioning
• Enterprise provisioning
• Access request portal
• Business-driven access decisions
• Unified workflow and policy
• Self-service password resets
• Reporting
For Governance
• Attestation/recertification
• Separation of duties
• Role management
• Role-based access control
• Compliance reporting
For Access Control
• Web SSO
• Just-in-time cloud provisioning
• Access control for web apps
• Self-service password resets
• Reporting on WAM rights and activity
How it works
Provisioning use cases
Use cases and descriptions:
Identity Origination
• External user self registration
• Integration with HR/Authoritative source
• User created in IAM solution
Self Service & Password Management
• User sets password & challenge response questions
• User forgets password and is able to reset password to all provisioned applications
• Help desk is able to reset password for user based on shared secret
Access Request Catalogue
• Application access request process
• 2 Level approval Workflow
Provisioning & Deprovisioning
• Creates, modifies and deletes accounts on applications and infrastructure following the completion of workflow
• Supports on-premises and SaaS applications
• Provisions based on roles defined by customer
Reporting
• Out of the box “who has access to what reports”
• Custom reports based on requirements
Provisioning and attestation/recertification
Attestation
Self Service Request
Self-service password reset
Governance use cases
Use cases and descriptions:
Identity Seeding
• Integration with HR/Authoritative source
• User created in IAM solution
Application & Entitlement Synch
• Integration with applications through connector or flat file synch
• Load account and entitlements and correlate to users
• Define risk level for entitlements
Risk Based Access Certification
• User – Manager access certification
• Risk based view
• Ability for reviewer to certify/revoke access
• Mark accounts for termination
Segregation of Duties
• Define segregation of duty policies
• Enforce SOD compliant provisioning
• Run detective SOD checks
Role Mining
• Role mining using top down and bottom up attributes
Reporting
• Out of the box “who has access to what reports”
• Custom reports based on requirements
Organization Dashboard
IT Shop Dashboard
Identity Audit
Auditing
Access control use cases
Use cases and descriptions:
Identity Seeding
• Integration with HR/Authoritative source
• User created in IAM solution
AD/LDAP Integration
• Integration with On Premise Authentication Directory
Self Service & Password Management
• User sets password & challenge response questions
• User forgets password and is able to reset password to all provisioned applications
• Help desk is able to reset password for user based on shared secret
Web Single Sign On & Federation
• Integrations with On Premise and SaaS Applications for providing Single Sign On
• Support for SAML, Form Fill, LDAP, Kerberos Authentication mechanisms
Reporting
• Out of the box “who has access to what reports”
• Out of the box “Who accessed what reports”
• Custom reports based on requirements
Web single sign-on, federation and access control
Create new application for Web SSO
Benefits of a SaaS delivery approach
Why Identity as a Service (SaaS) makes sense
• Operational vs. capital expenditures
  • With the subscription model for SaaS, the payment for IAM services moves from a capital expenditure to an operational expense. Approvals and accounting for operational spending are often faster and smoother than for capital investments.
• Solution management and maintenance
  • No need for an organization to manage on-premises software. Critical tasks such as software patches, updates, and more fall to the service provider, not your IT team.
• Staff expertise
  • The burden on IT staff to learn and become experts on new software is dramatically reduced. In fact, with IAMaaS, IT can be entirely removed from some tasks, such as provisioning, access management, and governance.
• Near-immediate deployment
  • Most SaaS options can be deployed quickly, delivering value in a fraction of the time of their on-premises counterparts.
Why choose Dell One Identity as a Service?
• Built to help organizations move from the tactical to the strategic and agility-enabling ideal of governance
• Places the visibility and control required of IAM in the hands of those who know “why” things should happen (line-of-business personnel), not simply those who know “how” to make them happen (IT)
• Designed with simplicity in mind. Modules are simple to deploy and use, but also decrease the overall complexity
• Modular and integrated, so you can start where needed and build from there. There’s no need for a heavy investment in an underlying technology framework, or extensive customization to make solutions work together
Validation
• By the end of 2017, 20% of IAM purchases will use the IDaaS delivery model, up from less than 10%
in 2014.
• Gartner, “Magic Quadrant for IDaaS,” June 2, 2014, Gregg Kreizman
• The average user must access 27 different applications to do his or her job, and has an average of
six enterprise-issued passwords. The same survey concluded that, on average, it takes more than a
day and a half to provision a new user, and more than half a day to de-provision a user.
• Aberdeen Group
• “We recognize Dell’s leadership when it comes to delivering a comprehensive IAM solution, and we
are pleased to partner with an industry leader to offer a full-featured Identity as a Service solution
to organizations that typically struggle to address IAM needs. The Simeio Business-Ready IAM
Cloud delivered via the industry's first and only Identity Intelligence Center, provides our clients
with a higher level of security and reliability.”
• Hemen Vimadalal, Simeio Solutions, CEO
Thank you.
Provisioning module
Governance module
Access control module
[Architecture diagram. Labels: Customer Data Centre; On-premise enterprise applications (Active Directory, Oracle EBS, Mainframe, SAP); Defender; Dell Interceptor (Primary); Dell Interceptor (Disaster Recovery); Secured VPN tunnels; Cloud; SaaS apps; SAML; Dell IDaaS Access Control Service; CAM; PM; Database cluster (load balancer); DB node 1; DB node 2]