1 Hybrid Cloud Identity and Access Management Challenges
2 Intro: Timothy P. McAliley Microsoft Premier Field Engineer, SQL Server, Washington, DC CISA, CISM, CISSP, ITIL V3, MCSA, MCSE, MCITP, MCTS, MCT, PMP
3 Key Take-Aways: Know the general definitions of Hybrid Cloud Identity & Access Management. Know the challenges of Hybrid Cloud Identity & Access Management.
4 Agenda: Cloud Primer; What Is Hybrid Identity & Access Management (IAM)?; What Are The Challenges Of Hybrid IAM?; Example of Hybrid IAM Capabilities From A Cloud Service Provider; Resources
5 Cloud Primer
6 Cloud Primer Spot Quiz: What Document Provides Key Recommendations for Defining Cloud Computing? Answer: NIST Special Publication , The NIST Definition of Cloud Computing
7 Cloud Primer What Is In The NIST SP , Definition of Cloud Computing? Essential Characteristics: On-demand self-service. Broad network access. Resource pooling. Rapid elasticity. Measured service.
8 Cloud Primer What Is In The NIST SP , Definition of Cloud Computing? Service Models: Software as a Service (SaaS); Platform as a Service (PaaS); Infrastructure as a Service (IaaS); Identity and Access Management as a Service (IAMaaS)
9 Cloud Primer
10 Cloud Primer What Is In The NIST SP , Definition of Cloud Computing? Deployment Models: Private Cloud; Community Cloud; Public Cloud; Hybrid Cloud
11 Cloud Trends By 2015, 50% of all new application independent software vendors will be pure SaaS providers. Through 2015, more than 90% of private cloud computing deployments will be for infrastructure as a service. By 2015, 50% of large global enterprises will rely on external cloud computing services for at least one of their top 10 revenue-generating processes. By 2016, all large global enterprises will use some level of public cloud services. Through 2020, the most common use of cloud services will be a hybrid model combining on-premises and external cloud services. Gartner: Cloud Computing Innovation Key Initiative Overview, 2014
12 Cloud Providers Amazon - Offerings include Amazon Web Services (AWS). Google - Offerings include the Google Cloud Platform. IBM - Offerings include enabling technologies to build private clouds and services for public cloud applications, platforms and infrastructure. Microsoft - Offerings include Microsoft Azure for public cloud, and Windows Server and System Center for private cloud. salesforce.com - Offerings include sales, marketing and customer service application services and platform services. VMware - Offerings include vCloud Hybrid Service for public cloud and the vCloud Suite for private cloud. Gartner: Cloud Computing Innovation Key Initiative Overview, 2014
13 What Is Microsoft Azure?
14 What Is Hybrid Identity & Access Management (IAM)?
15 What Is Hybrid Identity & Access Management (IAM)? Hybrid Identity: Identity solutions which span on-premises and cloud-based capabilities. Creating a single user identity for authentication and authorization to all resources, regardless of location. Configuration and Administration of On-Premise and Cloud-Based Account & Authentication Management On-Premise and Cloud-Based Resource Access
16 What Is Hybrid Identity & Access Management (IAM)?
17 What Are The Challenges Of Hybrid IAM?
18 What Are The Challenges Of Hybrid IAM? Gartner Views on Cloud IAM Challenges: Identity management to the cloud: being able to send something from the enterprise to the cloud. Identity management from the cloud: being able to send something that exists somewhere else, to your organizations. Identity management within the cloud to cloud. Gartner, 2013
19 What Are The Challenges Of Hybrid IAM? Protection of Organizational Information; User Productivity & Mobility; The Consumerization of IT / BYOD; Account Provisioning/Management; Password Synchronization; User/Group Change Synchronization; Enterprise Access to SaaS Applications; Operational Risks
20 Example of Hybrid IAM Capabilities From A Cloud Service Provider
21 Example of Hybrid IAM Capabilities From A Cloud Service Provider: Microsoft Active Directory; Extend On-Premises Active Directory Into the Cloud; Azure Active Directory; Multi-Factor Authentication
22 What is Azure Active Directory?
24 Identity across multiple devices
25 Flexible access makes for happy users
26 Extend On-Premises Active Directory Into the Cloud: Azure AD Connect. Azure AD Connect is the single tool and guided experience for connecting your on-premises directories with Azure Active Directory. Synchronization - This part is made up of the components and functionality previously released as Dirsync and AAD Sync. This is the part that is responsible for creating users and groups. It is also responsible for making sure that the information on users and groups in your on-premises environment matches in the cloud. AD FS - This is an optional part of Azure AD Connect and can be used to set up a hybrid environment using an on-premises AD FS infrastructure. This part can be used by organizations to address complex deployments that include such things as domain join SSO, enforcement of AD login policy, and smart card or 3rd party MFA. Health Monitoring - For complex deployments using AD FS, Azure AD Connect Health can provide robust monitoring of your federation servers and provide a central location in the Azure portal to view this activity. NOTE: Dirsync and AAD Sync are no longer being released individually, and all future improvements will be included in updates to Azure AD Connect, so that you always know where to get the most current functionality. Until the GA release of Azure AD Connect you can continue to use Azure AD Sync for new production deployments.
27 Extend On-Premises Active Directory Into the Cloud Azure AD Connect
28 Extend On-Premises Active Directory Into the Cloud Run Domain Controllers on Azure VMs as Part of Your On-Premise AD
29 Centrally managed identities and access
30 Common identity with sync & federation
31 Monitor & protect access to enterprise apps
32 Monitor & protect access to enterprise apps
33 What is Azure multi-factor authentication?
34 How it works
36 Your directory on the cloud
37 Selection of pre-integrated SaaS apps
38 Example workload: single sign-on to 2,400+ SaaS apps
40 Resources Gartner: Cloud Computing Innovation Key Initiative Overview, 2014 https://www.gartner.com/doc/ ?ref=sitesearch&sthkw=cloud&fnl=search&srcid= GCN Special Report: Breaking Through the Security Cloud Microsoft Azure Compliance Portal Microsoft Azure Handbook Microsoft Azure Whitepapers
41 Resources Microsoft Azure Portal Microsoft Virtual Academy Azure Rights Management/Azure Active Directory Courses Microsoft TechNet Virtual Labs https://technet.microsoft.com/en-us/virtuallabs NIST Special Publication , The NIST Definition of Cloud Computing
42 Summary: Cloud Primer; What Is Hybrid Identity & Access Management (IAM)?; What Are The Challenges Of Hybrid IAM?; Example of Hybrid IAM Capabilities From A Cloud Service Provider; Resources
43 Key Take-Aways: Know the general definitions of Hybrid Cloud Identity & Access Management. Know the challenges of Hybrid Cloud Identity & Access Management.