SecureAuth is an IDP. 14 November SecureAuth. All rights reserved.

Size: px
Start display at page:

Download "SecureAuth is an IDP. 14 November SecureAuth. All rights reserved."

Transcription

1 SecureAuth is an IDP 14 November 2012

2 WHY DOES AN ENTERPRISE NEED TO BECOME AN IDENTITY PROVIDER? 2005 ENTERPRISE USERS: 1X ID DEVICE PASSWORD FEW APPLICATIONS VS ENTERPRISE USERS: nx IDS DEVICES PASSWORDS MANY APPLICATIONS BYOD 2

3 WHAT WILL BE THE BENEFIT OF BECOMING AN IDENTITY PROVIDER? AN IDENTITY PROVIDER CAN APPLY SAME POLICIES, PROFILE & PROCEDURES TO CLOUD, MOBILE & WEB/NETWORK APPLICATIONS Copyright

4 WHAT IS AN IdP? 1 2 Enterprise Identity Provider (IdP) Definition: A system that creates, maintains, and manages identity information. Provides principal authentication to other service providers (applications) within a federation or distributed network. User 1. User directed to IdP 2. IdP authenticates user 3. User redirected to SP with token 3 Service Provider (SP) The IdP sends an attribute assertion containing trusted information about the user to the Service Provider (SP). An IdP (Identity Provider) establishes a circle of trust between the User and the Service Provider i.e. Applications 4 Source: MIT Knowledge Base

5 Responsibility Issue Benefits IT Security 2-Factor Log-in User log Network Security Application Manager WHAT CAN YOU DO FOR ME? User access provisioning VPN Wireless Devices SSO on Cloud SAML Provides an audit of access Reduces workflow burden on staff Reduces cost of management Secures access to proliferating apps Enables secure access to every application being managed, from mobile devices, desktops, geographically dispersed devices Streamlines the acceptance and authentication of all identities for application access, whether IDs are social, biometric, mobile, other industry-standard Facilitates the assertion of identities to any application and device on the network Facilitates Cloud migration by leveraging current investment in infrastructure 5

6 SecureAuth IdP Native Mobile Apps Assert identity 2F/SSO 1. Web 2. Gateway / VPN 3. SaaS / Cloud 4. Mobile Apps 2F/SSO for mobile provides 2-Factor Auth Directorybased Auth SSO to other apps No thick client

7 Secure IdP Value: Build vs. Buy Item Home Grown SecureAuth Build WebServer (IdP) (Hardened Server, WebServer, Forms) Manual Automated Identity Authentication (AD SSO) Manual Automated SAML Assertion Manual Automated SAML Attributes Manual Automated X.509 Storage/Signed with Cert Manual Automated SSO Portal (SaaS, Web) Manual Automated Federate ID Mapping Manual Automated 2-Factor Integration Manual Automated IdM tools (PWD reset, Help Desk, etc) Manual Automated Log Authentication Manual Automated Mobile SSO/2Factor Manual Automated 7

8 WHO IS USING SECUREAUTH IdP? FINANCIAL HEALTHCARE GOVERNMENT TECHNOLOGY ENTERTAINMENT RETAIL EDUCATION 2-factor Cisco 2-factor 2-factor ASA Cisco SaaS Portal SAML SP IdP Password Portal Google, reset Password Salesforce, reset Oracle User mgmt. 2-factor Juniper IdP SaaS/SAML portal 2-factor PW reset X.509 IdP SAML to Juniper User mgmt. Help Desk, PW Reset 2-factor IdP Portal for.net Apps User mgmt. 2-factor IdP IBM LDAP - SAML Google PW sync for Mobile 8

9 Western Union Challenge: Needed secure 2-factor for BYOD initiative that is easy to use. Tokens were not only lacking in the security needed, but were far too expensive and difficult to manage for a global deployment. Past Attempts: RSA SecurID No 2-factor Use of own PKI SecureAuth Solution: (10,000 Users) 2-Factor External 2-Factor SecureAuth X.509 on Android platforms and ios IdP SAML -> Juniper Current Project: Testing company portal for Single Sign-on to SaaS applications (Accellion, salesforce, workday) using SecureAuth as the Identity Provider 9

10 State of New Hampshire Challenge: Business Portal for State Web Applications (.NET and Lawson) Past Attempts: Home grown attempts Directory synching (AD, mysql (1M) users, LDAP(Lawson)) https://sson.nh.gov/ SecureAuth Solution: (250,000+ Users) Future: 2-Factor: ASA (VPN) IdP for Employees and Business portal.net apps Lawson IdM User Self-Management (User On-boarding) More web integrations (.NET and other) 10

11 Dish Networks Challenge: 2-Factor Remote Access and Identity/Access Portal Past Attempts: Tokens for remote access Looked at Ping and ADFS2 SecureAuth Solution: (6.5M Users) Future: 2-Factor Cisco ASA SecureAuth IdP Business Portal for Drivers, Employees, Suppliers Web Headers -> SAML SP (SecureAuth) [SAML Attributes] IdM Password Aging/Reset to Siebel partner portal IdP for Google IdP for Dish Hopper 11

12 Demo SecureAuth IdP

13 Blue Cross, Blue Shield - MI Challenge: Deploy Apps, securely to contractors overseas Remote Access Past Attempts: RSA SecurID (coupled with VPN thick client Cisco ASA) SecureAuth Solution: (40,000 Users) 2-Factor External 2-Factor (SecureAuth X.509 w/ SMS, Telephony registraion) International IdP SaaS / SAML IdM 2-Factor Password Reset 2-Factor User Self Management of IDs Help Desk Management of User IDs (2-Factor Revocation) Future: 100+ apps with 2-Factor SecureAuth through F5 APM 1

14 Additional Slides Thank you!

15 HOW DOES SECUREAUTH IdP WORK? 1. Consume Identity From varied resources, devices Desktop, Mobile, Web SSO, AD SSO 2. Map Identity From varied resources Map to relevant data store 3. Authenticate 2-Factor Authentication SMS, Tele, X.509, PIN, Yubikey KBA, , Help Desk 4. Assert Identity X.509 Web Identity VPN, Web, SaaS, Mobile 5. Log the event Text, Syslog 15

16 SecureAuth IdP 2-Factor Authentication SecureAuth Authentication Supports: X.509 v3 Certificates SMS OTP Telephony OTP OTP Help Desk Yubikey USB Keys CAC/PIV Cards Kerberos / IWA Static PIN Custom 16

17 1. SecureAuth IdP SSO (Web) 2-Factor K Assert identity 2F/SSO 1. Web 2. Gateway / VPN 3. SaaS / Cloud 4. Mobile Apps Enterprise Web Applications KBA P 17

18 3. SecureAuth IdP SSO (Cloud/SaaS) SaaS Apps Assert identity 2F/SSO 2-Factor K 1. Web 2. Gateway / VPN 3. SaaS / Cloud 4. Mobile Apps KBA P 18

19 2. SecureAuth IdP SSO (VPN/Gateway) Assert identity 2F/SSO 1. Web 2. Gateway / VPN 2-Factor Gateway / VPNs 3. SaaS / Cloud 4. Mobile Apps KBA P 19

20 SecureAuth IdP - The (4) Resources (4) (3) 4 Key IdP integrations 1. Web 2. VPN/Gateways (2) 3. SaaS/Cloud 4. Mobile (1)

21 HOW DOES SECUREAUTH IdP WORK? 1. Consume Identity From varied resources, devices Desktop, Mobile, Web SSO, AD SSO 2. Map Identity From varied resources Map to relevant data store 3. Authenticate 2-Factor Authentication SMS, Tele, X.509, PIN, Yubikey KBA, , Help Desk 4. Assert Identity X.509 Web Identity VPN, Web, SaaS, Mobile 5. Log the event Text, Syslog 21

I D C V E N D O R S P O T L I G H T

I D C V E N D O R S P O T L I G H T I D C V E N D O R S P O T L I G H T E n f o r c i n g I dentity a nd Access Management i n C l o u d a n d Mobile Envi r o n m e n t s November 2012 Adapted from Worldwide Identity and Access Management

More information

Citrix NetScaler Unified Gateway: Secure User Identity and Achieve Granular Access Control with Federation and Single Sign-On

Citrix NetScaler Unified Gateway: Secure User Identity and Achieve Granular Access Control with Federation and Single Sign-On Solution Brief Citrix NetScaler Unified Gateway: Secure User Identity and Achieve Granular Access Control with Federation and Single Sign-On Enterprise IT organizations face increasing complexity and cost

More information

SECUREAUTH IDP AND OFFICE 365

SECUREAUTH IDP AND OFFICE 365 WHITEPAPER SECUREAUTH IDP AND OFFICE 365 STRONG AUTHENTICATION AND SINGLE SIGN-ON FOR THE CLOUD-BASED OFFICE SUITE EXECUTIVE OVERVIEW As more and more enterprises move to the cloud, it makes sense that

More information

Secure Access Control for Mobile, Cloud, and Web Apps

Secure Access Control for Mobile, Cloud, and Web Apps Secure Access Control for Mobile, Cloud, and Web Apps SecureAuth IdP is a revolutionary platform that provides flexible and secure access control through strong authentication, single sign-on, and user

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

HOL9449 Access Management: Secure web, mobile and cloud access

HOL9449 Access Management: Secure web, mobile and cloud access HOL9449 Access Management: Secure web, mobile and cloud access Kanishk Mahajan Principal Product Manager, Oracle September, 2014 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Oracle

More information

SecureAuth IdP Device Fingerprinting

SecureAuth IdP Device Fingerprinting Technical Brief SecureAuth IdP Device Fingerprinting Low-Friction BYOD Authentication March 2015 Executive Overview The explosion of devices desktops, laptops, and now the plethora of mobile devices has

More information

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release

More information

BYOD How-To Guide. How do I securely deliver my company s applications and data to BYOD?

BYOD How-To Guide. How do I securely deliver my company s applications and data to BYOD? BYOD How-To Guide How do I securely deliver my company s applications and data to BYOD? Table of Contents Harness the power of BYOD with Mobile Workspaces Why BYOD? Enterprise Mobile Requirements Mobile

More information

FortiAuthenticator. User Authentication and Identity Management. Last Updated: 17 th April 2015. Copyright Fortinet Inc. All rights reserved.

FortiAuthenticator. User Authentication and Identity Management. Last Updated: 17 th April 2015. Copyright Fortinet Inc. All rights reserved. FortiAuthenticator User Authentication and Identity Management Last Updated: 17 th April 2015 Copyright Fortinet Inc. All rights reserved. FortiAuthenticator Overview Answering your authentication challenges

More information

Cloud Secure Secure Access for Mobile and the Cloud. Alessandro Della Negra Practice Leader Security & Services - Sales Director Westcon

Cloud Secure Secure Access for Mobile and the Cloud. Alessandro Della Negra Practice Leader Security & Services - Sales Director Westcon Cloud Secure Secure Access for Mobile and the Cloud Alessandro Della Negra Practice Leader Security & Services - Sales Director Westcon About Pulse Secure Launch of Pulse Secure business infrastructure

More information

WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES

WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES Executive Overview U.S. Federal mandates dictates that personal with defense related initiatives must prove access

More information

WHITEPAPER SECUREAUTH IDP DEVICE FINGERPRINTING LOW-FRICTION, BYOD AUTHENTICATION

WHITEPAPER SECUREAUTH IDP DEVICE FINGERPRINTING LOW-FRICTION, BYOD AUTHENTICATION WHITEPAPER SECUREAUTH IDP DEVICE FINGERPRINTING LOW-FRICTION, BYOD AUTHENTICATION Executive Overview The explosion of devices laptops, desktops and now the plethora of mobile devices has left enterprises

More information

White Paper. What is an Identity Provider, and Why Should My Organization Become One?

White Paper. What is an Identity Provider, and Why Should My Organization Become One? White Paper What is an Identity Provider, and Why Should My Organization Become One? May 2015 Executive Overview Tame Access Control Security Risks: Become an Identity Provider (IdP) Organizations today

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

EXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report

EXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report KuppingerCole Report EXECUTIVE VIEW by Dave Kearns March 2015 SecureAuth IdP SecureAuth IdP combines cloud single sign-on capabilities with strong authentication and risk-based access control while focusing

More information

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Vikas Jain Director, Product Management Intel Corporation Jesper Tohmo CTO, Nordic Edge (an Intel company) Session ID:

More information

nexus Hybrid Access Gateway

nexus Hybrid Access Gateway Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries

More information

Roadmap to Solving Enterprise Mobility

Roadmap to Solving Enterprise Mobility Roadmap to Solving Enterprise Mobility OUTLINE Enterprise Mobility Problem Start with email and device security Workspace is the right solution for existing assets How to build new apps? Bringing it all

More information

The Who, What, When, Where and Why of IAM Bob Bentley

The Who, What, When, Where and Why of IAM Bob Bentley The Who, What, When, Where and Why of IAM Bob Bentley Product Management Director October 2014 It s a Jungle Out There IAM is more than just provisioning user accounts and managing access to web pages

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

Table of Contents. ProtectID White Paper

Table of Contents. ProtectID White Paper White Paper StrikeForce Technologies, Inc. 1090 King Georges Post Road #603 Edison, NJ 08837, USA http://www.sftnj.com Tel: 732 661-9641 Fax: 732 661-9647 Table of Contents Executive Summary...3 The Challenges...3

More information

WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT

WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT WHITEPAPER SAML ALONE IS NOT SECURE - HERE S HOW TO FIX IT Executive Overview SAML (Security Assertion Markup Language) is a standard that facilitates the exchange of security information. Developed by

More information

Two-Factor Authentication

Two-Factor Authentication WHITE PAPER: TWO-FACTOR AUTHENTICATION: A TCO VIEWPOINT........................................ Two-Factor Authentication Who should read this paper This whitepaper is directed at IT, Security, and Compliance

More information

How to Get to Single Sign-On

How to Get to Single Sign-On How to Get to Single Sign-On Gregg Kreizman Neil Wynne Twitter: @neilwynne Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in

More information

Building Secure Applications. James Tedrick

Building Secure Applications. James Tedrick Building Secure Applications James Tedrick What We re Covering Today: Accessing ArcGIS Resources ArcGIS Web App Topics covered: Using Token endpoints Using OAuth/SAML User login App login Portal ArcGIS

More information

Get Cloud Ready: Secure Access to Google Apps and Other SaaS Applications

Get Cloud Ready: Secure Access to Google Apps and Other SaaS Applications Get Cloud Ready: Secure Access to Google Apps and Other SaaS Applications Matt Weisberg Vice President & CIO, Weisberg Consulting, Inc. matt@weisberg.net Paul McKeith Technical Sales, Novell, Inc. pmckeith@novell.com

More information

TrustedX - PKI Authentication. Whitepaper

TrustedX - PKI Authentication. Whitepaper TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...

More information

SAML SSO Configuration

SAML SSO Configuration SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting

More information

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML

More information

API-Security Gateway Dirk Krafzig

API-Security Gateway Dirk Krafzig API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing

More information

The Cloud, Mobile and BYOD Security Opportunity with SurePassID

The Cloud, Mobile and BYOD Security Opportunity with SurePassID The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs January 2014 SurePassID At A Glance Founded 2009 Headquartered in Orlando, FL 6 sales offices in North America,

More information

Adding Stronger Authentication to your Portal and Cloud Apps

Adding Stronger Authentication to your Portal and Cloud Apps SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well

More information

Horizon Workspace Administrator's Guide

Horizon Workspace Administrator's Guide Horizon Workspace Administrator's Guide Horizon Workspace 1.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition.

More information

The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition

The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition Find out what organizations need to know to compare two-factor vendors and check

More information

RSA Security. RSA, RC2, RC4, RC5, MD5 AES RC6 PKCS RSA Keon PKI. RSA BSAFE 5 Web. RSA SecurID 4000

RSA Security. RSA, RC2, RC4, RC5, MD5 AES RC6 PKCS RSA Keon PKI. RSA BSAFE 5 Web. RSA SecurID 4000 RSA Security RSA, RC2, RC4, RC5, MD5 AES RC6 PKCS RSA Keon PKI RSA BSAFE 5 Web RSA SecurID 4000 EMC Security Strategy 1 Assess Risk EMC Infoscape Discovery Solutions EMC TS Security Practice EMC Services

More information

PROTECT YOUR WORLD. Identity Management Solutions and Services

PROTECT YOUR WORLD. Identity Management Solutions and Services PROTECT YOUR WORLD Identity Management Solutions and Services Discussion Points Security and Compliance Challenges Identity Management Architecture CSC Identity Management Offerings Lessons Learned and

More information

Technology Day 2015 Xylos

Technology Day 2015 Xylos Stay in control of your identity with Azure Active Directory (Premium) Technology Day 2015 Xylos Robin Vermeirsch Sr. IT consultant CCM Azure Active Directory Introduction Competence Center Messaging (CCM)

More information

How Intel Cloud SSO Works

How Intel Cloud SSO Works TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities

More information

PingFederate. SSO Integration Overview

PingFederate. SSO Integration Overview PingFederate SSO Integration Overview 2006-2012 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.6 January, 2012 Ping Identity Corporation 1001 17th Street,

More information

Using Shibboleth for Single Sign- On

Using Shibboleth for Single Sign- On Using Shibboleth for Single Sign- On One Logon to Rule them all.. Kirk Yaros Director, Enterprise Services Mott Community College 1 Agenda Overview of Mott Overview of Shibboleth and Mott s Project Review

More information

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect

Identity Federation: Bridging the Identity Gap. Michael Koyfman, Senior Global Security Solutions Architect Identity Federation: Bridging the Identity Gap Michael Koyfman, Senior Global Security Solutions Architect The Need for Federation 5 key patterns that drive Federation evolution - Mary E. Ruddy, Gartner

More information

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user

More information

PERSPECTIVES. State of the Art. Mobile Single Sign-On to Microsoft Exchange with OWA and ActiveSync

PERSPECTIVES. State of the Art. Mobile Single Sign-On to Microsoft Exchange with OWA and ActiveSync State of the Art Mobile Single Sign-On to Microsoft Exchange with OWA and ActiveSync This document describes a secure single sign-on (SSO) solution for accessing Microsoft Exchange on tablets and smartphones.

More information

Biometric SSO Authentication Using Java Enterprise System

Biometric SSO Authentication Using Java Enterprise System Biometric SSO Authentication Using Java Enterprise System Edward Clay Security Architect edward.clay@sun.com & Ramesh Nagappan CISSP Java Technology Architect ramesh.nagappan@sun.com Agenda Part 1 : Identity

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information

Swivel Secure, ADFS and Office 365

Swivel Secure, ADFS and Office 365 Swivel Secure, ADFS and Office 365 Authentication for Office 365 Abstract This whitepaper describes how, by exploiting the capabilities of Active Directory Federation Services (ADFS) you can deliver both

More information

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY Shane Weeden IBM Session ID: CLD-W01 Session Classification: Advanced Agenda Cloud security

More information

Authentication Addressing a Changing IT Environment

Authentication Addressing a Changing IT Environment Authentication Addressing a Changing IT Environment Seth Geftic RSA, The Security Division of EMC 1 Agenda AGENDA Today s challenges Technology overview Scenarios 2 2 Strong Authentication Supports business

More information

Protect Everything: Networks, Applications and Cloud Services

Protect Everything: Networks, Applications and Cloud Services Protect Everything: Networks, Applications and Cloud Services Tokens & Users Cloud Applications Private Networks Corporate Network API LDAP / Active Directory SAML RADIUS Corporate Network LDAP / Active

More information

Defining Identity and Access Management

Defining Identity and Access Management 2016 Hitachi ID Systems, Inc. All rights reserved. Identity and access management (IAM) systems automate business processes to manage identities, credentials and access rights across systems and applications.

More information

Deploying Multi-Factor Authentication with UCLA Logon

Deploying Multi-Factor Authentication with UCLA Logon Deploying Multi-Factor Authentication with UCLA Logon Common Systems Group Meeting April 26, 2016 Multi-Factor Authentication (MFA) MFA is authentication requiring more than one type of assurance Common

More information

A SEAMLESS EXPERIENCE FOR THE MOBILE DESKTOP

A SEAMLESS EXPERIENCE FOR THE MOBILE DESKTOP A SEAMLESS EXPERIENCE FR THE MBILE DESKTP Frictionless Access Authentication +1-888-690-2424 entrust.com Table of contents Agile Identity For The Evolving Mobile Desktop Page 3 The Need For An Agile Mobile

More information

FIVE REASONS WHY SSO PROJECTS FAIL

FIVE REASONS WHY SSO PROJECTS FAIL FIVE REASONS WHY SSO PROJECTS FAIL FIVE REASONS WHY SSO PROJECTS FAIL Identity is the fundamental security control in the multi-perimeter Enterprise world. Through 2016, Federated Single Sign-On will be

More information

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard

Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.

More information

From a functional perspective, here are the general issues covering traditional SSO Identity solutions:

From a functional perspective, here are the general issues covering traditional SSO Identity solutions: What is Keeper SSO Connect? Keeper SSO Connect is a SAML 2.0 and OpenID Connect application which leverages Keeper s zero-knowledge security architecture to securely and seamlessly authenticate users into

More information

Facebook s Security Philosophy, and how Duo helps.

Facebook s Security Philosophy, and how Duo helps. Facebook s Security Philosophy, and how Duo helps. How Duo Factors in to Facebook s Information Security Philosophy The Challenge: Facebook manages personal data for 1.19 billion active users 1 across

More information

The Role of Identity Enabled Web Services in Cloud Computing

The Role of Identity Enabled Web Services in Cloud Computing The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions

More information

The Total Identity Solution

The Total Identity Solution Oracle Identity Management The Total Identity Solution Dan Norris Practice Manager Piocon Technologies, Inc. dnorris@piocon.com Presentation created by Matt Topper Agenda Who is Dan? What is Identity Management?

More information

Masdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae

Masdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department jmikhael@masdar.ac.ae Masdar Institute Single Sign-On: Standards-based Identity Federation John Mikhael ICT Department jmikhael@masdar.ac.ae Agenda The case for Single Sign-On (SSO) Types of SSO Standards-based Identity Federation

More information

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services

HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services 1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided

More information

Identity. Provide. ...to Office 365 & Beyond

Identity. Provide. ...to Office 365 & Beyond Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A

More information

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult. Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying

More information

Achieving Identity Federation

Achieving Identity Federation Achieving Identity Federation Tony Da Costa Principal Pre-Sales Consultant African Operations Copyright 2014, Oracle and/or its affiliates. All rights reserved. Safe Harbor Statement The following is intended

More information

PingFederate. SSO Integration Overview

PingFederate. SSO Integration Overview PingFederate SSO Integration Overview 2008-2010 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.2 February, 2010 Ping Identity Corporation 1099 18th Street,

More information

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges 1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda Business challenges

More information

Identity Federation Hub

Identity Federation Hub Identity Federation Hub Federated Fachtagung Single für IAM Sign und On Cybersecurity 31. Oktober 2013, Zürich Agenda On the way to the Deployment Options Inside the Cloud Applications The Beginning: Just

More information

THE MOBILE HELIX SECURE DELIVERY PLATFORM

THE MOBILE HELIX SECURE DELIVERY PLATFORM SECURE ENTERPRISE HTML5 THE MOBILE HELIX SECURE DELIVERY PLATFORM A MOBILE HELIX WHITEPAPER THE MOBILE HELIX SECURE DELIVERY PLATFORM This whitepaper describes the way the Mobile Helix solution delivers

More information

ADDING STRONGER AUTHENTICATION for VPN Access Control

ADDING STRONGER AUTHENTICATION for VPN Access Control ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows

More information

A Standards-based Mobile Application IdM Architecture

A Standards-based Mobile Application IdM Architecture A Standards-based Mobile Application IdM Architecture Abstract Mobile clients are an increasingly important channel for consumers accessing Web 2.0 and enterprise employees accessing on-premise and cloud-hosted

More information

Speeding Office 365 Implementation Using Identity-as-a-Service

Speeding Office 365 Implementation Using Identity-as-a-Service August 2015 www.sarrelgroup.com info@sarrelgroup.com Speeding Office 365 Implementation Using Identity-as-a-Service White paper August 2015 This white paper is sponsored by Centrify. August 2015 www.sarrelgroup.com

More information

Oracle Mobile Security

Oracle Mobile Security Oracle Mobile Security What s New in OMSS 11gR2 Patch Set 3 ORACLE WHITE PAPER MAY 2015 Disclaimer The following is intended to outline our general product direction. It is intended for information purposes

More information

Enable Your Applications for CAC and PIV Smart Cards

Enable Your Applications for CAC and PIV Smart Cards Enable Your Applications for CAC and PIV Smart Cards Executive Summary Since HSPD-2 was signed in 2004, government agencies have issued over 5 million identity badges. About 90% of government workers and

More information

SAM Context-Based Authentication Using Juniper SA Integration Guide

SAM Context-Based Authentication Using Juniper SA Integration Guide SAM Context-Based Authentication Using Juniper SA Integration Guide Revision A Copyright 2012 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete

More information

STRONGER AUTHENTICATION for CA SiteMinder

STRONGER AUTHENTICATION for CA SiteMinder STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive

More information

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon

More information

Connecting Users with Identity as a Service

Connecting Users with Identity as a Service Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support. Gregg Kreizman Gartner 1 Connecting Users with Identity as a Service

More information

Web Access Management and Single Sign-On

Web Access Management and Single Sign-On Web Access Management and Single Sign-On Ronnie Dale Huggins In the old days of computing, a user would sit down at his or her workstation, login to the desktop, login to their email system, perhaps pull

More information

MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013

MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013 MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY EMEA Webinar July 2013 Protecting the Enterprise Full Footprint Mobile user Application access management & Application security Enterprise headquarters

More information

Brief History of Enterprise Mobility. Existing Stuff

Brief History of Enterprise Mobility. Existing Stuff Brief History of Enterprise Mobility Existing Stuff YOUR ASSETS ARE ON A PC TODAY YOU HAVE 50-500 APPS 90% ON-PREMISE 70% WEB 25% WINDOWS IT Owned IT Managed Domain Joined 90% CIFS 5% NATIVE 50% SHAREPOINT

More information

The Centrify Vision: Unified Access Management

The Centrify Vision: Unified Access Management The Centrify Vision: Unified Access Management Control, Secure and Audit Access To Your On-Premise and Cloud-based Infrastructure On-premise Centrify the Enterprise Cloud Personal Devices Mobile Devices

More information

SecureAuth homes in on BYOD management and mobile app access

SecureAuth homes in on BYOD management and mobile app access SecureAuth homes in on BYOD management and mobile app access Analyst: Steve Coplan 16 Apr, 2012 Securing access to enterprise applications from smartphones and mobile tablets has percolated to the top

More information

Exploring Public & Custom Apps in the Enterprise

Exploring Public & Custom Apps in the Enterprise Exploring Public & Custom Apps in the Enterprise Assets: Data from 15,000 apps that organizations have distributed since January 2013 over the last 14 months Data: Average Number of Apps on Mobile Devices

More information

Workspot, Inc. RSA SecurID Ready Implementation Guide. Partner Information. Last Modified: September 16, 2013. Product Information Partner Name

Workspot, Inc. RSA SecurID Ready Implementation Guide. Partner Information. Last Modified: September 16, 2013. Product Information Partner Name RSA SecurID Ready Implementation Guide Partner Information Last Modified: September 16, 2013 Product Information Partner Name Web Site Product Name Version & Platform Product Description, Inc. workspot.com

More information

ADAPTIVE USER AUTHENTICATION

ADAPTIVE USER AUTHENTICATION ADAPTIVE USER AUTHENTICATION SMS PASSCODE is the leading technology in adaptive multi-factor authentication, improving enterprise security and productivity through an easy to use and intelligent solution

More information

SAML-Based SSO Solution

SAML-Based SSO Solution About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,

More information

An Overview of Samsung KNOX Active Directory-based Single Sign-On

An Overview of Samsung KNOX Active Directory-based Single Sign-On C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android

More information

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow

Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow Configuring Single Sign-on from the VMware Identity Manager Service to ServiceNow VMware Identity Manager AUGUST 2015 V1 Configuring Single Sign-On from VMware Identity Manager to ServiceNow Table of Contents

More information

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper

Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper StrikeForce Technologies, Inc. 1090 King Georges Post Rd. Edison, NJ 08837, USA Tel: 732 661-9641 Fax: 732 661-9647 http://www.sftnj.com

More information

Microsoft Enterprise Mobility Suite

Microsoft Enterprise Mobility Suite Microsoft Enterprise Mobility Suite Standalone - overview Peter Daalmans http://configmgrblog.com, peter@daalmans.com IT-Concern John Marcum Enterprise Client Management Architect / johnmarcum@outlook.com

More information

User Identity and Authentication

User Identity and Authentication User Identity and Authentication WordPress, 2FA, and Single Sign-On Isaac Potoczny-Jones ijones@tozny.com http://tozny.com About the Speaker Galois, Inc. - @galoisinc. Research & Development for computer

More information

An Oracle White Paper April Qualcomm Case: Supporting User Federation using Oracle Identity Federation

An Oracle White Paper April Qualcomm Case: Supporting User Federation using Oracle Identity Federation An Oracle White Paper April 2011 Qualcomm Case: Supporting User Federation using Oracle Identity Federation Disclaimer The following is intended to outline our general product direction. It is intended

More information

Secure Collaboration within Organizations, B2B and B2C. eberhard@keyon.ch staible@keyon.ch

Secure Collaboration within Organizations, B2B and B2C. eberhard@keyon.ch staible@keyon.ch Secure Collaboration within Organizations, B2B and B2C eberhard@keyon.ch staible@keyon.ch Definition of the term Collaboration : Working with others to do a task and to achieve shared goals. Major Business

More information

SAML Authentication Quick Start Guide

SAML Authentication Quick Start Guide SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.

More information

Samsung KNOX EMM Authentication Services. SDK Quick Start Guide

Samsung KNOX EMM Authentication Services. SDK Quick Start Guide Samsung KNOX EMM Authentication Services SDK Quick Start Guide June 2014 Legal notice This document and the software described in this document are furnished under and are subject to the terms of a license

More information

OPENIAM ACCESS MANAGER. Web Access Management made Easy

OPENIAM ACCESS MANAGER. Web Access Management made Easy OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access

More information

Integration Guide. SafeNet Authentication Service. Juniper SA Configuration for SAML Authentication with SAS

Integration Guide. SafeNet Authentication Service. Juniper SA Configuration for SAML Authentication with SAS SafeNet Authentication Service Integration Guide Juniper SA Configuration for SAML Authentication with SAS Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013

More information

Self Service Portal and 2FA User Guide

Self Service Portal and 2FA User Guide Self Service Portal and 2FA User Guide Accessing Symantec Self Service Portal Self Service Portal (SSP) is a web-based application which you can use to register, test, reset, or remove Symantec VIP credentials.

More information

Proposal Document TitleDocument Version 1.0 TitleDocument

Proposal Document TitleDocument Version 1.0 TitleDocument G-Cloud - Strong Authentication Service - Service Definition Proposal Document Author TitleDocument Version 1.0 TitleDocument Document publication date - 02/12/2014 Title Document Classification - Public

More information

SAML-Based SSO Solution

SAML-Based SSO Solution About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,

More information