Legacy on-premises identity and access management (IAM) solutions can slow your organization’s efficiency by forcing employees to focus on administrative tasks rather than business needs. Your organization can benefit from a tool to streamline IAM on AWS that securely connects users and ensures appropriate access to resources. Okta is an integrated identity and mobility management service. Learn through customer use cases how Okta has helped various organizations connect employees to the cloud by leveraging services such as AWS Identity and Access Management (AWS IAM) and logging services like AWS CloudTrail.
Join us to learn:
• Best practices for overcoming IAM challenges in the cloud, such as accessing multiple applications across multiple domains and securing your mobile workforce
• How to authenticate, manage, and secure your users’ access to the AWS Cloud more easily with Okta on AWS
• How to streamline identity management and the associated administrative tasks
Who should attend: IT Manager, IT Security Manager, Solution Architect, Cloud App Architect, Product Management, Product Manager, Business Development
2. Your Data and IP are Your Most Valuable Assets
$6.53M: Average cost of a data breach
56%: Increase in theft of hard intellectual property
70%: Of consumers indicated they’d avoid businesses following a security breach
https://www.csid.com/resources/stats/data-breaches/
http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey.html
3. AWS Can Be More Secure Than Your Existing Environment
In June 2015, IDC released a report which found that most customers can be more secure in AWS than their on-premises environment. How?
Automating logging and monitoring
Simplifying resource access
Making it easy to encrypt properly
Enforcing strong authentication
4. AWS and You Share Responsibility for Security
You get to define your controls ON the Cloud
You: Customer Applications & Content; Inventory & Config; Data Encryption; Identity & Access Control; Network Security
AWS takes care of the security OF the Cloud
AWS Foundation Services: Compute, Storage, Database, Networking
AWS Global Infrastructure: Regions, Availability Zones, Edge Locations
5. Constantly Monitored
The AWS infrastructure is protected by extensive network and security monitoring systems:
Network access is monitored by AWS security managers daily
AWS CloudTrail lets you monitor and record all API calls
Amazon Inspector automatically assesses applications for vulnerabilities
6. Highly Available
The AWS infrastructure footprint protects your data from costly downtime
35 Availability Zones in 13 regions for multi-synchronous geographic redundancy
Retain control of where your data resides for compliance with regulatory requirements
Mitigate the risk of DDoS attacks using services like AutoScaling, Amazon Route 53
7. Integrated With Your Existing Resources
AWS enables you to improve your security using many of your existing tools and practices
Integrate your existing Active Directory
Use dedicated connections as a secure, low-latency extension of your data center
Provide and manage your own encryption keys if you choose
9. Streamlining Identity Management & Administration on AWS
Stephen Lee – Dir. Business Development & Partner Solutions
October 20th, 2016
10. Okta Overview
Value for IT
Productive workforce
Reduced IT costs
Enhanced security
IT Transformation
Value for Developers
Build web, SaaS & mobile apps
Customer loyalty programs
Supply chain integrations
Increase Revenue
13. Category Creator, Category Leader
Okta has been a leader in every single Gartner IDaaS Magic Quadrant, the only company to achieve this.
Figure 1. Magic Quadrant for Identity and Access Management as a Service, Worldwide
Source: Gartner (June 2016), G00279633
This research note is restricted to the personal use of nick.wood@okta.com
14. Thousands of Enterprise Customers
Ed, Gov, Non-Profit
Services
Media
Consumer
Technology
Manufacturing, Energy
Finance
Cloud
Health
17. How to Manage Multiple AWS Accounts with Okta?
Single Sign-On
Universal Directory
Lifecycle Management
API Access Management
Adaptive Multi-Factor Authentication
Mobility Management
Developer SDKs
18. What is a Cross-Account Role?
Identity Account: Retail Amazon EC2 Admins (identity provider trust)
Retail Account: Amazon EC2 Admins (cross-account trust)
22. What’s the Okta AWS-CLI Assume Role Tool?
Sign in with Okta on the command line
Select a role you have access to in the command line
The tool automatically
– Generates temporary API keys on your machine (1 hour)
– Generates a unique profile in the AWS credentials file
– (Optional) Maps to the cross-account role linked with the role you selected in the AWS config file
Allows you to perform CLI operations with your Okta account
– Potentially using multiple profiles at the same time
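The profile layout this slide describes can be sketched as follows. This is an added example, not the Okta tool's own code: the function names, the profile naming scheme, the account ID and the key values are assumptions, while the `credentials` and `config` keys are the standard AWS CLI ones.

```python
import configparser
import os
import tempfile
from datetime import datetime, timedelta, timezone

SESSION_LIFETIME = timedelta(hours=1)  # key lifetime stated on the slide


def _update_ini(path, section, values):
    """Replace one section of an INI file, keep the others, force mode 0600."""
    ini = configparser.RawConfigParser()
    ini.read(path)  # a missing file is simply treated as empty
    if ini.has_section(section):
        ini.remove_section(section)
    ini.add_section(section)
    for key, value in values.items():
        ini.set(section, key, value)
    # Create the file owner-only before any secret is written to it.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as handle:
        ini.write(handle)
    os.chmod(path, 0o600)  # also tightens a pre-existing, looser file


def store_session(aws_dir, user, role_name, keys, xacct_role_arn=None, now=None):
    """Write temporary keys to a per-sign-in profile; return (profile, expiry)."""
    now = now or datetime.now(timezone.utc)
    base = f"{user}_{role_name}_{now:%Y%m%dT%H%M%SZ}"  # hypothetical naming scheme
    _update_ini(os.path.join(aws_dir, "credentials"), base, {
        "aws_access_key_id": keys["AccessKeyId"],
        "aws_secret_access_key": keys["SecretAccessKey"],
        "aws_session_token": keys["SessionToken"],
    })
    profile = base
    if xacct_role_arn:
        # The AWS CLI assumes role_arn using the keys stored under source_profile.
        profile = f"{base}_xacct"
        _update_ini(os.path.join(aws_dir, "config"), f"profile {profile}", {
            "role_arn": xacct_role_arn,
            "source_profile": base,
        })
    return profile, now + SESSION_LIFETIME


if __name__ == "__main__":
    # Constructed sample values; a real run would use keys returned by AWS STS.
    sample = {"AccessKeyId": "ASIACONSTRUCTED00001",
              "SecretAccessKey": "constructed-secret", "SessionToken": "constructed-token"}
    print(store_session(tempfile.mkdtemp(), "jdoe", "EC2Admins", sample,
                        "arn:aws:iam::111122223333:role/EC2Admins"))
```

Because each sign-in gets its own profile name, several sessions can be used side by side with `aws --profile <name>`, and an expired profile can be deleted without touching the others.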