Identity and Access. Management in Cloud. December 21, 2012

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Identity and Access. Management in Cloud. December 21, 2012"

Transcription

1 Identity and Access Management in Cloud December 21, 2012

2 Agenda 1. Identity and Access Management (IAM) 2. What is Cloud 3. Operating Models 4. Risk and Challenges 5. Vendors Landscape 1

3 Identity and Access Management

4 What is a digital identity? The digital representation of a user, including a unique identifier, credentials, and both common and application-specific profiles. User Identity: First Name, Last Name, Unique Identifier, Date of Birth Account Credentials: Login ID and password SecurID card, other strong authentication factors Common Profiles: Job Functional Roles Business Unit Office Location Manager/Supervisor User User s Digital ID Application Profiles: Permission levels Access control items Limited Access* Update Personal Web Parts Add/Remove Personal Web Parts Manage Personal Views Approve Items Delete Versions View Versions Cancel Checkout Open Items View Items Delete Items Read ü ü ü Contribute Design Full Control ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü ü New in Window SharePoint Services (version 3)? No No No New New New No New No No 3

5 Large Financial Institution - Case Study in Identity Fraud Creates a false portfolio and begins issuing trades circumventing Credit and trade size controls (late 2006) Flag: Failure to detect inappropriate access and SOD violations SoD Violation John starts work in the Risk Compliance and Control section of the bank s middle office (2000) Forges trade acknowledgements from bank that goes unconfirmed triggering an investigation (Jan 2008) Misappropriate names and passwords of colleagues to mask his fraud. Flag: Ineffective user authentication & Identity risk management Transfers to front office as a trader (2005) Flag: Failure to deprovision access Social Engineering Enters fabricated offsetting trades before nightly reconciliation concealing his fictitious trade positions (thru 2007) Flag: Inadequate user activity logging/monitoring Ineffective Deprovisioning Processes Abuse of privileges Outmaneuvers trading risk control Framework Flag: Ineffective IT Risk management No SIEM Company loses $7.2B after unwinding the fraudulent trade positions (Jan 24, 2008) 4

6 How to relate Identity and Access? Ensuring that only authorized users have access to information resources means managing Digital Identities for diverse user populations, with access needs based on their business relationship with the enterprise. Control Visibility Audit 5

7 Identity management: Provisioning Processes for on-boarding, transferring, and off-boarding of employees, third-party business partner users, contractors, and brokers/agents. Revalidation of these users and recertification of their access privileges to managed resources integrated with the IAM System are also addressed. 6

8 Access management: Resource access A system that provides a single point of authentication and authorization for web applications by implementing security policies across a wide range of Web and application resources. Increases overall system security and Improves user experience by providing web single Sign-on. User Repository Policy Store IAM Administrator Create, Modify, Delete User, Group, Policy Request Resource Security Administration Provide Credentials Access Gateway Authenticate User Authorize User Resource Page Resource Page Resource Page Requestor Protected Resources Produce Audit Reports Audit Report Access Management System 7

9 What is Role Based Access Control? Access Control mess Compliance problems SoD violations Streamlined access control Ease of access monitoring Before Without Roles After With Roles Systems: Systems: Supervisors System Supervisor Role System Directory Directory Database Database Staff Service Role Internet Internet 8

10 What is Cloud?

11 What is Cloud? The Cloud is a collection of internet based or private network services providing users with scalable, abstracted IT capabilities, including software, development platforms and virtualized servers & storage Also known as IT Resources Accessible Over Web Dynamically Scalable Computing Power Virtualization Abstraction of IT Infrastructure On Demand Computing Utility based Computing Related Buzzwords : IaaS, PaaS, SaaS 10

12 Cloud Delivery Model The cloud be in the deployed in three different delivery model Software-as-a-Service (SaaS) As-a-service delivery of applications targeted at private users (e.g. social networking, micro-blogging) and business users (e.g. ERP, CRM) Platform-as-a-Service (PaaS) As-a-service delivery of tools for development, testing, deployment, hosting and application maintenance Infrastructure-as-a-Service (IaaS) As-a-service delivery of virtual CPUs, disk space, and database services Vendor Cloud (External) Private cloud (Internal) Cloud Delivery Model Hybrid Cloud Community cloud 11

13 Operating Models

14 How IAM For A Cloud? Identity and Access management can be deployed in two operating models within Cloud environment Model Description IAM for a Cloud Cloud Service Providers Identity & Access Management Functionality extension of an existing IAM infrastructure Standards for interoperability between on-premises and in-cloud applications Strong authentication and encryption Ability to leverage and sustain existing risk, compliance, and privacy controls built within the enterprise 13

15 How IAM In A Cloud? Identity and Access management can be deployed in two operating models within Cloud environment Model Description IAM in a Cloud Cloud Service Providers Identity & Access Management An IAM solution hosted in a cloud Ability to pay only for the IAM functionality required Reduction in costs related to IAM maintenance Limited in-house expertise required On-demand increase of capacity, functionality, predetermined Service Level Agreements (SLAs), and accountability 14

16 Risks and Challenges

17 Risks associated with IAM in cloud environment Enterprises need to be aware about the risks associated with deploying IAM in a cloud environment. Some important risks are listed below: Service Level Agreements Security of Identity System Integration Total Cost of Ownership (TCO) CA CouldMinder Vendors Stability Downtime will affect the access to the applications and can stop a business in its tracks. Sure, short and infrequent IAM system outages may not be as critical as the other business applications downtime; nonetheless, when people aren't able to access the system it has a negative cascading effect throughout the business. The number one concern for companies opting for the IAM in a cloud. Companies cannot afford to risk compromise of customer / employee identity information. Factors that include are vendor s security policies; data encryption; firewalls. Make aware of compliance policies with regards to data handling and the vendor s liability in case data is compromised IAM solutions shall be capable to integrate with all the applications. A failure to integrate business information systems across the company results in an increase of manual processes for the identity life cycle management. The Cloud IAM service provider shall provide interfaces and ability to integrate with any enterprise application. While predictable expenditures and a utilization based pricing model are welcome news in the business systems software industry, IAM systems must also deliver a comparable total cost of ownership when stacked against the prior on premise solution Assess the vendor for its stability and capability to deliver on its promise. If the vendor decides to wind up operations, is he bound to inform you in advance? What happens to the data if he sells his business? What if there is a change in the usage policies? 16

18 Vendor Landscape

19 Major Providers Vendor landscape increased competitive intensity As Cloud computing grows, an increasing variety of vendors have emerged including traditional IAM vendors influencing the game with innovative solutions and services. Product Vendors CA Entrust Evidian IBM Microsoft Novell OpenIAM Oracle Ping Identity RSA Safew here Siemens Symlabs (Quest Softw are) Ubisecure Service Providers CA Arcot Clavid Cloud Identity Covisint Exostar FuGen Solutions CryptoCard Gluu PingConnect ProtectNetw ork Signicat SSOCircle Symplified VMw are Horizon App Manager Myonelogin Key trends that will impact the Cloud providers in the coming years Specialized hosted identity service companies are trying to expand their reach into the identity federation space Niche as well as established technology vendors provide an opportunity to partner Managed identity service providers are looking to expand their capabilities and cater to multiple market segments globally There is no consistency in the standards supported by vendors 18

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

White. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013

White. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013 White Paper Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by McAfee. and is distributed

More information

Identity and Access Management Point of View

Identity and Access Management Point of View Identity and Access Management Point of View Agenda What is Identity and Access Management (IAM)? Business Drivers and Challenges Compliance and Business Benefits IAM Solution Framework IAM Implementation

More information

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management Introductions KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management Agenda 1. Introduction 2. What is Cloud Computing? 3. The Identity Management

More information

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,

More information

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis

THOUGHT LEADERSHIP. Journey to Cloud 9. Navigating a path to secure cloud computing. Alastair Broom Solutions Director, Integralis Journey to Cloud 9 Navigating a path to secure cloud computing Alastair Broom Solutions Director, Integralis March 2012 Navigating a path to secure cloud computing 2 Living on Cloud 9 Cloud computing represents

More information

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon

More information

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this

More information

1 The intersection of IAM and the cloud

1 The intersection of IAM and the cloud 1 The intersection of IAM and the cloud Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Theory, practice, pros and cons with a focus on enterprise deployments of IAM and cloud

More information

Cloud Computing in Banking

Cloud Computing in Banking Financial Services the way we see it Cloud Computing in Banking What banks need to know when considering a move to the cloud Contents 1 Overview 3 2 Why Cloud Computing for Banks? 4 2.1 Cost Savings and

More information

SIEM and IAM Technology Integration

SIEM and IAM Technology Integration SIEM and IAM Technology Integration Gartner RAS Core Research Note G00161012, Mark Nicolett, Earl Perkins, 1 September 2009, RA3 09302010 Integration of identity and access management (IAM) and security

More information

How to Get to Single Sign-On

How to Get to Single Sign-On How to Get to Single Sign-On Gregg Kreizman Neil Wynne Twitter: @neilwynne Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in

More information

Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation

Securing the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns

More information

OPENIAM ACCESS MANAGER. Web Access Management made Easy

OPENIAM ACCESS MANAGER. Web Access Management made Easy OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access

More information

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet

More information

Secure Your Cloud and Outsourced Business with Privileged Identity Management

Secure Your Cloud and Outsourced Business with Privileged Identity Management Secure Your Cloud and Outsourced Business with Privileged Identity Management Table of Contents Executive Summary... 3 Understanding Privilege... 3 Do All Service Providers Get It?... 5 Managing Privilege

More information

Interoperate in Cloud with Federation

Interoperate in Cloud with Federation Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra

More information

Ragy Magdy Regional Channel Manager MEA IBM Security Systems

Ragy Magdy Regional Channel Manager MEA IBM Security Systems Ragy Magdy Regional Channel Manager MEA IBM Security Systems 1 Started my career in Security in 2003 by Joining ISS 2005 was named the ISS Regional Manager for the Middle East 2006 ISS was acquired by

More information

When millions need access: Identity management in an increasingly connected world

When millions need access: Identity management in an increasingly connected world IBM Software Thought Leadership White Paper January 2011 When millions need access: Identity management in an increasingly connected world Best practice solutions that scale to meet today s huge numbers

More information

CA Technologies Strategy and Vision for Cloud Identity and Access Management

CA Technologies Strategy and Vision for Cloud Identity and Access Management WHITE PAPER CLOUD IDENTITY AND ACCESS MANAGEMENT CA TECHNOLOGIES STRATEGY AND VISION FEBRUARY 2013 CA Technologies Strategy and Vision for Cloud Identity and Access Management Sumner Blount Merritt Maxim

More information

Web Application Hosting Cloud Solution Architecture. http://www.cloud-council.org/web-app-hosting-wp/index.htm

Web Application Hosting Cloud Solution Architecture. http://www.cloud-council.org/web-app-hosting-wp/index.htm Web Application Hosting Cloud Solution Architecture http://www.cloud-council.org/web-app-hosting-wp/index.htm February, 2015 Presenters Heather Kreger CTO International Standards, IBM US kreger@us.ibm.com

More information

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud 1 What is meant by Cloud Computing, or Going To The Cloud? A model

More information

Security of Cloud Computing for the Power Grid

Security of Cloud Computing for the Power Grid ANNUAL INDUSTRY WORKSHOP NOVEMBER 12-13, 2014 Security of Cloud Computing for the Power Grid Industry Panel November 12, 2014 UNIVERSITY OF ILLINOIS DARTMOUTH COLLEGE UC DAVIS WASHINGTON STATE UNIVERSITY

More information

Enterprise Identity Management Reference Architecture

Enterprise Identity Management Reference Architecture Enterprise Identity Management Reference Architecture Umut Ceyhan Principal Sales Consultant, IDM SEE Agenda Introduction Virtualization Access Management Provisioning Demo Architecture

More information

Dynamic Security for the Hybrid Cloud

Dynamic Security for the Hybrid Cloud Dynamic Security for the Hybrid Cloud Marc van Zadelhoff, VP Strategy, Marketing and Product Management, IBM Security Nataraj Nagaratnam, Distinguished Engineer and CTO Security Solutions, IBM Security

More information

Identity & Access Management

Identity & Access Management TY TI EN ID WHITE PAPER ON Identity & Access Management Prepared by Mohammed Samiuddin www.itmr.ac.in Contents INTRODUCTION... 2 IDENTITY AND ACCESS MANAGEMENT FRAMEWORK... 3 AUTHENTICATION... 3 AUTHORISATION...

More information

Top Eight Identity & Access Management Challenges with SaaS Applications. Okta White Paper

Top Eight Identity & Access Management Challenges with SaaS Applications. Okta White Paper Top Eight Identity & Access Management Challenges with SaaS Applications Okta White Paper Table of Contents The Importance of Identity for SaaS Applications... 2 1. End User Password Fatigue... 2 2. Failure-Prone

More information

Security Landscape of Cloud Computing

Security Landscape of Cloud Computing Security Landscape of Cloud Computing Amrith Nawoor Sales Consulting Team Leader East Africa & SADC 1 This document is for informational purposes. It is not a commitment to deliver any material, code,

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Security Inspection Inc. Solutions to secure your network

Security Inspection Inc. Solutions to secure your network Security Inspection Inc. TM Solutions to secure your network Secure Cloud Utilization Strategies! responsibilities Out of 127 cloud providers surveyed, a recently released study showed that only 25% of

More information

Top 8 Identity and Access Management Challenges with Your SaaS Applications. Okta White paper

Top 8 Identity and Access Management Challenges with Your SaaS Applications. Okta White paper Okta White paper Top 8 Identity and Access Management Challenges with Your SaaS Applications Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-top8-113012

More information

Keynote: Gartner Magic Quadrants and MarketScopes. Ant Allan Felix Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson

Keynote: Gartner Magic Quadrants and MarketScopes. Ant Allan Felix Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson Keynote: Gartner Magic Quadrants and MarketScopes Ant Allan Feli Gaehtgens Gregg Kreizman Earl Perkins Brian Iverson IAM Technologies by Primary Function Administration Intelligence Authentication Authorization

More information

Take Control of Identities & Data Loss. Vipul Kumra

Take Control of Identities & Data Loss. Vipul Kumra Take Control of Identities & Data Loss Vipul Kumra Security Risks - Results Whom you should fear the most when it comes to securing your environment? 4. 3. 2. 1. Hackers / script kiddies Insiders Ex-employees

More information

20 th Year of Publication. A monthly publication from South Indian Bank. www.sib.co.in

20 th Year of Publication. A monthly publication from South Indian Bank. www.sib.co.in To kindle interest in economic affairs... To empower the student community... Open YAccess www.sib.co.in ho2099@sib.co.in A monthly publication from South Indian Bank 20 th Year of Publication Experience

More information

Cloud Services. More agility. More freedom. More choice.

Cloud Services. More agility. More freedom. More choice. Cloud Services More agility. More freedom. More choice. What is cloud computing? No longer on the horizon: the cloud has come to business computing. Why consider moving to a cloud model? Why now? Cloud

More information

PCI Compliance for Cloud Applications

PCI Compliance for Cloud Applications What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage

More information

Incident Handling in the Cloud and Audit s Role

Incident Handling in the Cloud and Audit s Role Incident Handling in the Cloud and Audit s Role David Cole, CPA, CISA ISACA National Capital Area Chapter Cloud Computing Conference March 17, 2015 1 Outline Cloud Service Models Cloud Types Summary of

More information

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps

ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps ISSA Phoenix Chapter Meeting Topic: Security Enablement & Risk Reducing Best Practices for BYOD + SaaS Cloud Apps Agenda Security Enablement Concepts for BYOD & SaaS Cloud Apps! Intro and background! BYOD

More information

On Premise Vs Cloud: Selection Approach & Implementation Strategies

On Premise Vs Cloud: Selection Approach & Implementation Strategies On Premise Vs Cloud: Selection Approach & Implementation Strategies Session ID#:10143 Prepared by: Praveen Kumar Practice Manager AST Corporation @Praveenk74 REMINDER Check in on the COLLABORATE mobile

More information

How cloud computing can transform your business landscape

How cloud computing can transform your business landscape How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not

More information

EAaaS Cloud Security Best Practices

EAaaS Cloud Security Best Practices EAaaS Cloud Security Best Practices A Technical White Paper by Sennovate Inc Jan 2013 EAaaS Cloud Security Best Practices Page 1 Introduction: Cloud security is an ever evolving subject that is difficult

More information

SAP Business One OnDemand. SAP Business One OnDemand Solution Overview

SAP Business One OnDemand. SAP Business One OnDemand Solution Overview SAP Business One OnDemand SAP Business One OnDemand Solution Overview SAP Business One OnDemand Table of Contents 4 Executive Summary Introduction SAP Business One Today 8 A Technical Overview: SAP Business

More information

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing

More information

Developing SAP Enterprise Cloud Computing Strategy

Developing SAP Enterprise Cloud Computing Strategy White Paper WFT Cloud Technology SAP Cloud Integration Service Provider Developing SAP Enterprise Cloud Computing Strategy SAP Cloud Computing is a significant IT paradigm change with the potential to

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

NAREIM Session: Dangers and challenges of The Cloud. President, NiceNets Consulting, LLC

NAREIM Session: Dangers and challenges of The Cloud. President, NiceNets Consulting, LLC Main Types of Cloud Environments: - Public Cloud: A service built on an external platform run by a cloud service provider such as IBM, Amazon Web Services or Microsoft Azure. Subscribers can get access

More information

Speeding Office 365 Implementation Using Identity-as-a-Service

Speeding Office 365 Implementation Using Identity-as-a-Service August 2015 www.sarrelgroup.com info@sarrelgroup.com Speeding Office 365 Implementation Using Identity-as-a-Service White paper August 2015 This white paper is sponsored by Centrify. August 2015 www.sarrelgroup.com

More information

Six Best Practices for Cloud-Based IAM

Six Best Practices for Cloud-Based IAM a best practices guide Six Best Practices for Cloud-Based IAM Making Identities Work Securely in the Cloud Symplified 1600 Pearl Street, Suite 200» Boulder, CO, 80302» www.symplified.com» @Symplified Executive

More information

Cloud Computing; What is it, How long has it been here, and Where is it going?

Cloud Computing; What is it, How long has it been here, and Where is it going? Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where

More information

Allidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM Training. @aidy_idm facebook/allidm

Allidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM Training. @aidy_idm facebook/allidm Discovering IAM Solutions Leading the IAM Training @aidy_idm facebook/allidm SSO Introduction Disclaimer and Acknowledgments The contents here are created as a own personal endeavor and thus does not reflect

More information

Front cover IBM SmartCloud: Becoming a Cloud Service Provider

Front cover IBM SmartCloud: Becoming a Cloud Service Provider Front cover IBM SmartCloud: Becoming a Cloud Service Provider Redguides for Business Leaders Joe McIntyre Learn about the IBM CCRA Cloud Service Provider adoption pattern Understand the key cloud service

More information

Leveraging the Cloud for Smarter Development On Oilfields; What Does that Entail? Kevin Wagner, Director - Energy

Leveraging the Cloud for Smarter Development On Oilfields; What Does that Entail? Kevin Wagner, Director - Energy Leveraging the Cloud for Smarter Development On Oilfields; What Does that Entail? Kevin Wagner, Director - Energy Covisint Overview Cloud platform enabling organizations with complex business relationships

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

NEXT UP: John Sanderson, Windows Azure Specialist johnsand@microsoft.com 303-546-1397 (Denver) Page 1

NEXT UP: John Sanderson, Windows Azure Specialist johnsand@microsoft.com 303-546-1397 (Denver) Page 1 NEXT UP: John Sanderson, Windows Azure Specialist johnsand@microsoft.com 303-546-1397 (Denver) Page 1 The Cloud The Foundation for Private Cloud A Platform for ISV s Page 2 Cloud Computing Landscape Page

More information

PROTECT YOUR WORLD. Identity Management Solutions and Services

PROTECT YOUR WORLD. Identity Management Solutions and Services PROTECT YOUR WORLD Identity Management Solutions and Services Discussion Points Security and Compliance Challenges Identity Management Architecture CSC Identity Management Offerings Lessons Learned and

More information

EDC COLLABORATION WHITE PAPER Cloud Computing IT Services Delivery Transformation

EDC COLLABORATION WHITE PAPER Cloud Computing IT Services Delivery Transformation EDC COLLABORATION WHITE PAPER Cloud Computing IT Delivery Transformation By W. Fred Rowell Vice President and Chief Technology Officer Companion Data, LLC APRIL, 2011 Table of Contents and List of Figures

More information

Cloud Computing: Risks and Auditing

Cloud Computing: Risks and Auditing IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Cloud Computing: Risks Auditing Phil Lageschulte/Partner/KPMG Sailesh Gadia/Director/KPMG

More information

a best practices guide Six Best Practices for Cloud-Based Identity Management Services Making Identities Work Securely in the Cloud

a best practices guide Six Best Practices for Cloud-Based Identity Management Services Making Identities Work Securely in the Cloud a best practices guide Six Best Practices for Cloud-Based Identity Management Services Making Identities Work Securely in the Cloud Figure 1 Cloud-based applications you might be using Identity and access

More information

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions.

IAM can utilize SIEM event data to drive user and role life cycle management and automate remediation of exception conditions. Research Publication Date: 1 September 2009 ID Number: G00161012 SIEM and IAM Technology Integration Mark Nicolett, Earl Perkins Integration of identity and access management (IAM) and security information

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

Cloud Computing. Karan Saxena * & Kritika Agarwal**

Cloud Computing. Karan Saxena * & Kritika Agarwal** Page29 Cloud Computing Karan Saxena * & Kritika Agarwal** *Student, Sir M. Visvesvaraya Institute of Technology **Student, Dayananda Sagar College of Engineering ABSTRACT: This document contains basic

More information

Top 5 Cloud Computing Questions Answered!

Top 5 Cloud Computing Questions Answered! Top 5 Cloud Computing Questions Answered! Regardless of your vertical sector or business size, cloud computing is big news for you and your company. However, it s easy to be overwhelmed with the sheer

More information

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH VORAPOJ.L@G-ABLE.COM. Agenda. Security Cases What is Cloud? Road Map Security Concerns

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH VORAPOJ.L@G-ABLE.COM. Agenda. Security Cases What is Cloud? Road Map Security Concerns BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH VORAPOJ.L@G-ABLE.COM Agenda Security Cases What is Cloud? Road Map Security Concerns 1 Security Cases on Cloud Data Protection - Two arrested in ipad

More information

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003 Oracle Identity Management Concepts and Architecture An Oracle White Paper December 2003 Oracle Identity Management Concepts and Architecture Introduction... 3 Identity management... 3 What is Identity

More information

The Keys to the Cloud: The Essentials of Cloud Contracting

The Keys to the Cloud: The Essentials of Cloud Contracting The Keys to the Cloud: The Essentials of Cloud Contracting September 30, 2014 Bert Kaminski Assistant General Counsel, Oracle North America Ken Adler Partner, Loeb & Loeb LLP Akiba Stern Partner, Loeb

More information

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure

More information

Fundamental Concepts and Models

Fundamental Concepts and Models Fundamental Concepts and Models 1 1. Roles and Boundaries Could provider The organization that provides the cloud based IT resources Cloud consumer An organization (or a human) that has a formal contract

More information

IBM Security Privileged Identity Manager helps prevent insider threats

IBM Security Privileged Identity Manager helps prevent insider threats IBM Security Privileged Identity Manager helps prevent insider threats Securely provision, manage, automate and track privileged access to critical enterprise resources Highlights Centrally manage privileged

More information

Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management

Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management Ensuring High Service Levels for Public Cloud Deployments Keys to Effective Service Management Table of Contents Executive Summary... 3 Introduction: Cloud Deployment Models... 3 Private Clouds...3 Public

More information

Centrify Cloud Connector Deployment Guide

Centrify Cloud Connector Deployment Guide C E N T R I F Y D E P L O Y M E N T G U I D E Centrify Cloud Connector Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as

More information

Running a World-Class SaaS Organization. Dr. Richard Northing SVP of Global Services Flexera Software

Running a World-Class SaaS Organization. Dr. Richard Northing SVP of Global Services Flexera Software Running a World-Class SaaS Organization Dr. Richard Northing SVP of Global Services Flexera Software Agenda SaaS Market Overview and Trends SaaS as a Business Transformation for Incumbents Running a World

More information

Traditionally, large IT organizations have utilized their own

Traditionally, large IT organizations have utilized their own White Paper Cloud Identity Services Cloud Identity Services TCO Substantially Reducing Cost with Cloud Identity Services Traditionally, large IT organizations have utilized their own resources to design,

More information

Analysis of the European Platform-as-a-service Market. The Need for Efficient Application Delivery will Influence PaaS Growth

Analysis of the European Platform-as-a-service Market. The Need for Efficient Application Delivery will Influence PaaS Growth Analysis of the European Platform-as-a-service Market The Need for Efficient Application Delivery will Influence PaaS Growth April 2015 Contents Section Slide Number Executive Summary 5 Key Findings 6

More information

Addressing Cloud Computing Security Considerations

Addressing Cloud Computing Security Considerations Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft

More information

Understanding Financial Cloud Services

Understanding Financial Cloud Services Understanding Financial Cloud Services A Complete Guide for Hedge Funds About RFA RFA (Richard Fleischman & Associates) has been a Financial Cloud and trusted technology partner to our financial services

More information

journey to a hybrid cloud

journey to a hybrid cloud journey to a hybrid cloud Virtualization and Automation VI015SN journey to a hybrid cloud Jim Sweeney, CTO GTSI about the speaker Jim Sweeney GTSI, Chief Technology Officer 35 years of engineering experience

More information

Security Considerations for Public Mobile Cloud Computing

Security Considerations for Public Mobile Cloud Computing Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of

More information

Cost effective methods of test environment management. Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA

Cost effective methods of test environment management. Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA Cost effective methods of test environment management Prabhu Meruga Director - Solution Engineering 16 th July SCQAA Irvine, CA 2013 Agenda Basic complexity Dynamic needs for test environments Traditional

More information

SaaS, PaaS & TaaS. By: Raza Usmani

SaaS, PaaS & TaaS. By: Raza Usmani SaaS, PaaS & TaaS By: Raza Usmani SaaS - Introduction Software as a service (SaaS), sometimes referred to as "on-demand software. software and its associated data are hosted centrally (typically in the

More information

Access Management and Federation

Access Management and Federation KuppingerCole Report LEADERSHIP COMPASS by Martin Kuppinger September 2013 Leaders in innovation, product features, and market reach for Access Management and Identity Federation. Your compass for finding

More information

The Hybrid Cloud Approach: CA ARCserve D2D On Demand

The Hybrid Cloud Approach: CA ARCserve D2D On Demand The Hybrid Cloud Approach: CA ARCserve D2D On Demand Small businesses benefit from a hybrid cloud solution for data backup and recovery White Paper Published: January 2012 Applies to: Microsoft Windows

More information

OVERVIEW OF MICROSOFT AZURE

OVERVIEW OF MICROSOFT AZURE Hybrid Cloud Solution to Increase Business Value CloudLink is a hybrid cloud solution that interacts with existing onpremises ERP systems. With the hybrid approach, we can leverage the on-premises software

More information

Different Patterns of Identity Management Implemented in Cloud Computing

Different Patterns of Identity Management Implemented in Cloud Computing 2011 International Conference on Advancements in Information Technology With workshop of ICBMG 2011 IPCSIT vol.20 (2011) (2011) IACSIT Press, Singapore Different Patterns of Identity Management Implemented

More information

1 Introduction to Identity Management. 2 Identity and Access Needs are Ever-Changing

1 Introduction to Identity Management. 2 Identity and Access Needs are Ever-Changing 1 Introduction to Identity Management Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications An overview of business drivers and technology solutions. 2 Identity and Access Needs

More information

Cloud Technology: Do you Compute? Presented by Pete Eichorn, Director of Technology, Texas.gov

Cloud Technology: Do you Compute? Presented by Pete Eichorn, Director of Technology, Texas.gov Cloud Technology: Do you Compute? Presented by Pete Eichorn, Director of Technology, Texas.gov Award-winning, official website for Texas Self-funded, public/ private partnership Subsidiary of NIC, the

More information

A Smarter Way to Manage Identity

A Smarter Way to Manage Identity IdentityIQ A Smarter Way to Manage Identity COMPLIANCE MANAGER LIFECYCLE MANAGER GOVERNANCE PLATFORM INTEGRATION MODULES SailPoint is competing and winning against some very large companies in the identity

More information

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)

More information

Hybrid Cloud Identity and Access Management Challenges

Hybrid Cloud Identity and Access Management Challenges Hybrid Cloud Identity and Access Management Challenges Intro: Timothy P. McAliley timothy.mcaliley@microsoft.com Microsoft Premier Field Engineer, SQL Server, Washington, DC CISA, CISM, CISSP, ITIL V3,

More information

Three Ways to Integrate Active Directory with Your SaaS Applications OKTA WHITE PAPER. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107

Three Ways to Integrate Active Directory with Your SaaS Applications OKTA WHITE PAPER. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 OKTA WHITE PAPER Three Ways to Integrate Active Directory with Your SaaS Applications Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-3waysad-113012 Table

More information

SAML SSO Configuration

SAML SSO Configuration SAML SSO Configuration Overview of Single Sign-, page 1 Benefits of Single Sign-, page 2 Overview of Setting Up SAML 2.0 Single Sign-, page 3 SAML 2.0 Single Sign- Differences Between Cloud-Based Meeting

More information

Securing the Cloud infrastructure with IBM Dynamic Cloud Security

Securing the Cloud infrastructure with IBM Dynamic Cloud Security Securing the Cloud infrastructure with IBM Dynamic Cloud Security Ngo Duy Hiep Security Brand Manager Cell phone: +84 912216753 Email: hiepnd@vn.ibm.com 12015 IBM Corporation Cloud is rapidly transforming

More information

Quick guide: Using the Cloud to support your business

Quick guide: Using the Cloud to support your business Quick guide: Using the Cloud to support your business This Quick Guide is one of a series of information products targeted at small to medium sized enterprises (SMEs). It is designed to help businesses

More information

Enterprise Global Security in an era of Hybrid Cloud and Smart Mobile

Enterprise Global Security in an era of Hybrid Cloud and Smart Mobile Enterprise Global Security in an era of Hybrid Cloud and Smart Mobile M. Asif Riaz, CISM, CISSP, CEH Agenda Users are demanding access to applications and services from wherever they are, whenever they

More information

Cloud Computing and HIPAA Privacy and Security

Cloud Computing and HIPAA Privacy and Security Cloud Computing and HIPAA Privacy and Security This is just one example of the many online resources Practical Law Company offers. Christine A. Williams, Perkins Coie LLP, with PLC Employee Benefits &

More information

The Unique Alternative to the Big Four. Identity and Access Management

The Unique Alternative to the Big Four. Identity and Access Management The Unique Alternative to the Big Four Identity and Access Management Agenda Introductions Identity and Access Management (I&AM) Overview Benefits of I&AM I&AM Best Practices I&AM Market Place Closing

More information

Cloud Computing: What IT Professionals Need to Know

Cloud Computing: What IT Professionals Need to Know Learning Cloud Computing: What IT Professionals Need to Know Cloud computing promises new career opportunities for IT professionals. In many cases, existing core skill sets transfer directly to cloud technologies.

More information

Glinda Cummings World Wide Tivoli Security Product Manager

Glinda Cummings World Wide Tivoli Security Product Manager Featured Speaker IBM Security Solutions! Glinda Cummings World Wide Tivoli Security Product Manager 2010 IBM Corporation IBM Security Solutions! How IBM defines Cloud Computing IBM Security Solutions!

More information

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation

Healthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application

More information