CA Technologies Strategy and Vision for Cloud Identity and Access Management
|
|
- Gerard Dawson
- 8 years ago
- Views:
Transcription
1 WHITE PAPER CLOUD IDENTITY AND ACCESS MANAGEMENT CA TECHNOLOGIES STRATEGY AND VISION FEBRUARY 2013 CA Technologies Strategy and Vision for Cloud Identity and Access Management Sumner Blount Merritt Maxim CA Security Management agility made possible
2 Table of Contents Executive Summary 3 Section 1: 4 Embrace the Hybrid Cloud Securely Section 2: 5 Security Challenges of the Cloud Section 3: 5 Three Perspectives on Cloud Security Section 4: 9 CA Technologies Strategy for Cloud Security Section 5: 14 Conclusions Section 6: 15 About the Authors 2
3 Executive Summary Challenge Cloud computing introduces new security challenges for both consumers and providers of cloud services across all types of IT environments. Organizations are seeking to extend existing investments in identity and access management (IAM) solutions to support cloud services and maintain interoperability between cloud and on-premise identity-based systems. A hybrid IAM solution empowers organizations to migrate to the cloud at a pace that meets their requirements to reduce operational costs and enhance agility. Cloud service providers also face ongoing security challenges relating to their existing and new cloud services, including securing virtualized multi-tenant environments and how to maintain the security and integrity of tenant data. Note: Identity and access management (IAM) is the set of processes and the supporting infrastructure for the creation, management, and use of digital identities and enforcement of access policies. Opportunity Cloud computing offers significant potential economic and operational efficiencies. However, these efficiencies are often accompanied with new regulatory requirements around the security of applications and data that are stored in the cloud. The CA Technologies vision and strategy for cloud-based identity services enable organizations and service providers to: Securely provision to, and access, cloud-based services and on-premise apps Choose the IAM deployment option (on-premise, hybrid, or cloud) that meets their unique organizational and security needs Simplify the management of IAM services across both on-premise and cloud deployments The cloud also provides opportunities for organizations which may have previously viewed IAM as out of reach because of perceived complexity or lack of appropriate internal skillsets. 3
4 Benefits CA CloudMinder offers cloud security solutions that enable organizations to access cloud IAM services and enterprise resources securely and from a centralized consistent interface. CA CloudMinder services enable organizations to centrally control users identities and their access to both SaaS services and on-premise applications in a hybrid environment. This helps organizations utilize the cloud with confidence and adopt a best-of-breed approach that relies on existing onpremise apps and SaaS services, while helping to reduce the cost of security administration. These services enable organizations of all types and sizes to realize efficiency gains while still protecting their critical digital resources, regardless of whether those resources are on-premise or in the cloud. This can result in: Reduced security risk for all systems, applications, and information Reduced administrative expenses and improved efficiency Improved IT agility through flexible deployment options across on-premise and cloud environments Ability to move to the cloud on a comfortable schedule Section 1: Embrace the Hybrid Cloud Securely Introduction CA Technologies has been an active leader in the IAM market for over a decade as part of our overarching strategy to help organizations govern, manage, and secure IT. We have continually expanded our IAM solutions to address a growing set of use cases that organizations face on a daily basis, and to incorporate new and evolving technologies. The cloud is a disruptive, business-driven IT model created in response to the economic realities and mounting pressures to reduce operating costs and increase efficiency, while improving overall business agility. It introduces new (yet familiar) models for consumption and delivery of applications that have a democratizing effect: applications and other IT services that were once only available to companies with large IT shops are now accessible to all. The cloud is the new opportunity leveler, providing the same capabilities to both large and small organizations. A hybrid cloud approach is one that enables organizations to continue to use on-premise IAM solutions while beginning to implement security in the cloud, and have the flexibility to move to the cloud on their own schedule, instead of being forced to adopt an all or nothing approach. One thing that is clear is that identity, and the management and controls dependent on it, are absolutely central to the secure adoption of cloud services. The goal of this paper is to provide the reader with an overview of the CA Technologies CloudMinder strategy and vision for identity and access management. 4
5 Section 2: Security Challenges of the Cloud As organizations increase their consumption of cloud services, they re becoming more concerned with how they can effectively secure their information and services in the cloud especially since they have limited direct control or visibility over them while remaining obligated to meet data protection legal and regulatory requirements. At the same time, cloud service providers (CSPs) are working to earn the trust of cloud consumers so that they can host increasingly sensitive applications and information. And, some specialized CSPs are looking into delivering security services from the cloud. Whether an organization is looking to provide or consume cloud services, security and control requirements must be addressed. This is true whether those cloud services are complete applications (SaaS), built on hosted application development and deployment services (PaaS) or are focused on basic IT infrastructure as a service (IaaS). Sensitive information and applications will be migrated at least in part to cloud services; the question is whether the cloud will be ready from a security and control perspective. So what needs to happen to make the cloud ready? First, cloud providers and consumers need to recognize that security is an issue and commit to collaborating on solutions. Second, IT professionals need to demonstrate through preparation, actions and investments that acquiring cloud services without such solutions in place is both unwise and unnecessary. Third, CSPs that desire to handle more sensitive workloads and data need to invest in putting greater security control and visibility into the hands of their cloud consumers. Finally, all participants must recognize that cloud security is inherently a joint effort between the cloud consumer and the CSP and that security controls, whether preventive or detective, need to operate reliably without a gap between the players. Section 3: Three Perspectives on Cloud Security TO THE CLOUD Extending IAM services such as provisioning and federated single sign-on to the cloud From the perspective of cloud-consuming organizations many of which already have hundreds of deployed, on-premise applications cloud-based services are implemented in addition to, rather than in place of, existing applications. Security and audit professionals at these organizations are challenged to extend consistent existing security systems and practices which may have continually evolved and improved over the years to encompass their cloud services, whether they are SaaS-, PaaS- or IaaS-based. An example of this would be an organization s extending identity management to the cloud by leveraging the established user identity, authentication and provisioning processes of their on- 5
6 premise applications. In this instance, access to cloud services can be managed as part of existing security systems and processes, thus helping to satisfy relevant security and compliance requirements. Another common use case is providing universal single sign-on (SSO) to cloud services and existing on-premise applications. In this scenario, the organization owns the application and identity and is merely looking to simplify the user experience. For users, the benefits are clear-no more need to remember lots of passwords for different sites, and a single seamless experience across application environments. And in cases where there are elevated concerns around accessing sensitive data in the cloud, organizations can layer strong two-factor authentication as an added security control. The common theme with these examples is that cloud security controls and processes can be implemented by extending existing enterprise systems and processes to the cloud. This approach depends on cloud consumers and providers being able to easily integrate their security systems with one another, normally through standard protocols. Fortunately, multiple well-vetted security standards exist that enable this type of cross-domain security interoperability, such as SAML, WS-Security, XACML, SCIM and more. The following illustrates extending IAM services to the cloud through user provisioning and SSO: Figure A. TO THE CLOUD Extending IAM services such as provisioning and federated single sign-on to the cloud. 6
7 FOR THE CLOUD - Providing privileged user management and data protection for cloud-based services If CSPs want to earn the level of trust required by potential cloud-consuming organizations to handle their most sensitive applications and data, they need to have the most effective and up-to-date security controls in place. For example, they must have sufficient control over application and data access for regular and privileged users as well as adequate control processes for user management, authentication, authorization, logging, reporting, delegated administration and more. Privileged users in the service provider s datacenter are an especially high risk area because they often have complete access to your critical applications and information. Granular access entitlements must be available that help ensure that Admins can perform only those actions that they need to based on their role, and only on appropriate systems. In addition, all privileged users must be uniquely identified and not use shared accounts, in order to reduce risk and simplify compliance audits. Furthermore, CSPs must be able to prove the existence and operation of these controls to both customers and external auditors in order to establish compliance with relevant policies and regulations. On top of that, CSPs security systems and processes must be open and interoperable via standards to the security systems of their cloud-consuming customers. A robust and comprehensive identity and access management platform is necessary to provide the level of security and automation that this requirement demands. When the CSP has deployed these core IAM capabilities, the security and privacy of clients key applications and data is significantly improved, and therefore the compliance profile of the client is also enhanced. The client may live and die by the reputation for security controls that they can establish with their own customer base, so a robust IAM platform in the CSP environment (similar to an on-premise IAM platform) can help enhance that image. The following highlights the key identity capabilities that cloud service providers will need to help ensure the security of their environments: Figure B. FOR THE CLOUD - Providing privileged user management and data protection for cloud-based services. 7
8 FROM THE CLOUD - Delivering a suite of cloud-based identity and access management services to suit the changing needs of your business from the cloud The emergence of the cloud is revolutionizing all aspects of IT service delivery. Organizations are now rationalizing their entire portfolio of IT applications, deciding which are core differentiators and value creators, and which are commodities that are better provided by suppliers. Security systems and processes are not immune to this reevaluation. In fact, it could be argued that many organizations are not particularly adept at providing their own security. And while good security is important to earning customer and partner trust, security in and of itself is not always a key business differentiator. Thus, there are many compelling business reasons to look to the cloud for the delivery of security services. Identity services from the cloud are particularly compelling. They can provide robust security services that can communicate with on-premise IAM services and identity stores, so as to present a unified, consistent set of security services to the application user or administrator. And, by moving various IAM capabilities to the cloud, enterprises can gain the often significant efficiency and agility benefits that a hybrid approach can provide. Another quickly emerging use case involving cloud-based identity services is around social media and marketing. The explosion of services such as Facebook now means that some organizations can utilize those existing third-party identities for accessing their cloud services. The benefit to the business is that they can utilize their existing trusted identities to develop deeper understanding and analytics of their end users, while the benefit to the end user is a simplified user experience especially around the account creation and registration process. The following highlights the importance of cloud-based identity services, and the flexibility and agility that can be achieved by this deployment model: Figure C. FROM THE CLOUD - Delivering a suite of cloud-based identity and access management services to suit the changing needs of your business from the cloud. 8
9 Although the two previous use case examples are important, this deployment model is the one that many organizations will find the most compelling, even though it requires careful planning and a staged implementation. It is also the model that enables organizations to take best advantage of the cloud s many operational benefits. Section 4: CA Technologies Strategy for Cloud Security Introduction Organizations of all sizes and types must now deal with several significant IT issues including: 1. Pressure to keep IT operating budgets in check Today, IT organizations face flat (or shrinking) budgets, but with an increasing demand for IT security services. As a result, organizations are interested in cloud-based services for things like identity and access management. These cloud IAM services can provide better predictability around budget issues by reducing hardware expenses and moving to more manageable per user utility based pricing. 2. Maintaining appropriate security over increasingly distributed environments In today s world with the need for more and more cooperation between companies, partners and customers, companies are looking to extend their resources to other groups of users outside their company. CA CloudMinder can allow them to simplify the process of getting access to and leveraging the validated identities of others, while still maintaining control. 3. Extending IAM to large new external user communities (B2B/B2C) With the exponential growth in Web-based marketing, organizations that want to grow revenue and reach new markets need to extend their reach to massively large user communities. The cost of managing these identities internally is very high. With cloud-based identity services, this becomes more cost effective, easily scalable, greatly simplifying the IT infrastructure and allowing support for new business models and initiatives. 4. Leveraging third-party identities through social login Social media marketing is becoming a standard marketing practice. The ability to consume and utilize identities issued by other trusted social media identity providers like Facebook, Google, LinkedIn, and others allows the business to direct their customers with seamless single sign-on into their marketing sites, register and track them and leverage the information available by their identity provider. This results in increased customer relationship management. 5. Reducing IT risk While organizations see the benefits of cloud services, they are equally concerned about the security of using a cloud service and are looking for ways that they can maintain the consistent security between on-premise and cloud environments. Therefore, they are looking for cloud services that can deliver consistent security for identities and access for on-premise and cloud environments without unnecessarily increasing risk. 9
10 These issues are driving many IT organizations to adopt cloud-based services. But, one major inhibitor of more widespread cloud adoption is concern about the security of applications and information that reside in the cloud. Because of these concerns, customers are adopting cloud services in a phased approach in order to limit risk and help ensure the success of their cloud initiatives. Over time, they will continue to move more applications to the cloud. As IAM becomes available as a service, it must be able to support the security requirements of both cloud and on-premise applications in order to allow customers to gradually and gracefully adopt cloud models over time. One solution approach will not fit all needs. In summary, organizations are adopting cloud models gradually and with caution. They need to be able to access comprehensive identity services, running either on-premise or in the cloud, in order to protect applications running either on-premise or in the cloud. Because of their phased deployment requirements, flexibility in their choice of IAM capabilities and in their choice of deployment options are essential. CA CloudMinder is an IAM cloud platform that organizations can utilize for identity services regardless of whether the services, or the applications being protected, are deployed on-premise or in the cloud. Ultimately, enterprises will be able to choose whether their identity components are running on-premise, or in the cloud, or in a hybrid configuration. And, regardless of where it is deployed, this solution can control access to either on-premise or cloud-based applications. These capabilities enable organizations to have very high flexibility in their deployment options, which leads to improved business agility. The goal of CA CloudMinder is to provide the identity services that organizations need, regardless of whether the services, or the applications being protected, are deployed on-premise or in the cloud. Ultimately, customers will be able to choose whether their identity components are running onpremise, or in the cloud, or in a hybrid configuration. And, regardless of where it is deployed, our solution will be able to control access to either on-premise or cloud-based applications. The CA CloudMinder strategy is to offer very high flexibility to our customers in terms of the IAM components they can choose, and how they access identity services. They can adopt cloud-based IAM services according to their own needs and timetables. They can start with a completely on-premise solution, and then migrate certain components to the cloud, operating in a hybrid manner, as their needs and security considerations dictate. 10
11 CA CloudMinder an Overview CA CloudMinder is a suite of IAM solutions that are delivered as hosted, cloud services. These services are based on CA Technologies existing portfolio of market-leading IAM security solutions and can be deployed individually or together in a modular fashion. The following illustrates the CA CloudMinder approach, and shows how it enables both access to cloud services from on-premise solutions, or identity services deployed in the cloud. CA CloudMinder services enable organizations to centrally control users identities and their access for both SaaS services and on-premise applications. This helps organizations utilize the cloud with confidence and adopt a best-of-breed approach that relies on existing on-premise apps and SaaS services, while helping to reduce the cost of security administration. CA CloudMinder delivers five major operational benefits: 1. Accelerated On-Boarding Process: on-boarding new customers to your service should take just minutes, accelerating your implementation and speeding adoption. 11
12 2. Increased Usage: reliable, seamless SSO access to your service accelerates adoption and usage, translating to a broader service footprint and higher renewal rates. 3. Predictable TCO: with a flat-rate pricing model, you keep your cost of ownership low and predictable. 4. High-Performance: SaaS operates at the speed of cloud, so cloud identity and access management must ensure high-availability, multi-tenant architecture and secure SAML-based SSO to enable performance. 5. Increased Usage: reliable, seamless SSO access to your service accelerates adoption and usage, translating to a broader service footprint and higher renewal rates. CA CloudMinder currently consists of the following distinct services: Advanced Authentication CA CloudMinder Advanced Authentication provides a centralized versatile authentication service which consolidates the management of authentication methods across heterogeneous IT environments. This service provides support for a broad range of authentication methods including password, security Q&A, one-time password via SMS/ and OATH tokens. In addition, it offers unique two-factor authentication credentials that are more cost effective and user friendly than traditional methods. The Advanced Authentication capabilities also include soft tokens that provide greater security over the familiar hard tokens, without all the management hassles and expense of continually re-licensing these tokens. Software tokens provide the same user experience as passwords, while providing significantly greater security for user authentications, at a lower TCO. In addition to strong authentication, the capability to detect and prevent potential fraudulent activities on the part of users is also important to reducing overall security risk. The risk of online identity fraud continues to grow with attackers often targeting identity credentials and using them to access sensitive systems. CA CloudMinder Advanced Authentication also includes a cloud-based fraud detection and prevention service based on our on-premise solution, CA RiskMinder. This capability provides protection against online fraud by monitoring online access attempts and calculating a risk score based on a broad set of variables. The risk score can then be used to determine whether to allow access or initiate additional action; the risk score is also shared with other CA CloudMinder components, like CA CloudMinder Single Sign-On. CA CloudMinder Advanced Authentication thereby provides an effective way to improve the security of user authentication while maintaining a convenient experience for users. Identity Management The growth in users, and systems for which they require access, is leading to a growth in digital identities that needs to be managed. The management of identities throughout their lifecycle includes multiple aspects including account creation, identity-proofing, assignment of access rights, fielding access requests and managing related identity attributes. Organizations require a solution which allows them to centrally aggregate and control identities for use across the IT and cloud environment. 12
13 CA CloudMinder Identity Management includes three critical capabilities for managing users across on-premise and cloud environments. User Management provides cloud-based identity management capabilities including user self-service, profile creation, password reset and distribution of forgotten user names. Provisioning automates the process of adding, modifying and deleting user accounts, including user attributes and role associations which can be used to assign privileges on target systems. Provisioning to popular SaaS applications such as Google Apps, SalesForce.com, and others are supported both from CA CloudMinder and from our on-premise provisioning solution, CA IdentityMinder. Access Request Management provides the capability for users to submit access requests online. The cloud service can then route requests through workflow approvals based on defined policies and, where appropriate, provision the user to those systems automatically. Single Sign-On Business boundaries are quickly expanding beyond the IT domains directly controlled by your organization as users regularly need to access partner applications or those hosted in the cloud. Many of these sites are secured, requiring proper credentials and authentication, yet users do not want to be burdened with managing separate sets of credentials for disparate applications. The ultimate experience is a seamless single sign-on experience regardless of who actually owns the application. CA CloudMinder Single Sign-On provides cross-domain federated single sign-on for both identity and service providers, through federation of identities across partner sites. Once users have properly authenticated, their credentials and related attributes will be securely shared to enable authentication to partner sites without requiring user action. CA CloudMinder Single Sign-On provides pre-tested application support for many common SAML applications and also provides support for a wide range of identity federation standards, including SAML 1.1 as well as 2.0, WS-Fed 1.2, OpenID 2.0, OAuth 2.0 and WS-Trust 1.4. In addition, CloudMinder support for standards like OpenID allows consumers to use their existing social identity to easily access your websites and applications in a simple and secure way. This streamlines the user experience but also enables organizations to track consumer identities and potentially even reduce the increasing costs of customer acquisition. It also provides Just-in-Time (JIT) Provisioning that allows a user who does not have an account on a specific application to have account creation and SSO into that application via a single seamless step. This includes leveraging a user s association to a given group or role to assign them certain privileges on target systems. CA Cloud Security looking to the future The overall CA Technologies strategy for CA CloudMinder is to provide flexibility in how our customers access and deploy identity services, and how they transition from their current environment. To that end, we will continue to offer additional identity services as both on-premise and cloud-based services. These additional cloud services would include, for example, access governance and privileged user management, among others. In this way, we will be able to provide organizations and managed service providers with very high flexibility in how they deploy critical identity services. The business agility that results from this flexibility can enable you to more effectively leverage the efficiency benefits of cloud services, while also improving your overall security posture. 13
14 Section 5: Conclusions Leveraging enterprise security services from the cloud can deliver many important benefits to your organization, including: Elasticity The identity services your organization needs can be expanded, or contracted, based on your current needs. In addition, cloud licensing models mean you only pay for what you use. Low cost of entry The cloud-based model can eliminate the need for you to procure hardware, facilities and other costly IT infrastructure that is often needed to support enterprise security solutions. Quick time-to-value The ability to get up and running with cloud-based security applications quickly gives you the business agility you need to effectively respond to changing competitive or market events Low cost of ownership Ongoing solution support and maintenance is handled by trusted service providers allowing you to focus your resources on initiatives that differentiate your business. The elasticity provided by this cloud model also allows you to maintain a cost that accurately reflects your usage of the service. Shorter deployment cycles Installation and configuration of the software solution s underlying cloud services has already been taken care of by service providers, meaning you can sign up for and implement services quickly and easily. CA Technologies has a clear and innovative strategy and vision for providing identity services for the cloud to our customers, based on the CA CloudMinder suite of solutions. CA CloudMinder gives you the flexibility to securely adopt cloud computing on your own schedule, according to your own needs. With CA Cloudminder, customers can leverage CA Technologies proven IAM capabilities to securely extend IAM services to new large external user communities that support your rapidly evolving business requirements for cloud services as well as existing on-premise applications while reducing the total cost of ownership. This gives organizations maximum flexibility and enables them to support new emerging business models in exponentially growing user communities in a cost effective and predictable manner while allowing them to focus on their core business. We empower you to securely and confidently adopt IAM in the cloud with a choice of capabilities and deployment models. 14
15 Section 6: About the Authors Sumner Blount has been associated with the development and marketing of software products for over 25 years. He has managed the large computer operating system development group at Digital Equipment and Prime Computer, and managed the Distributed Computing Product Management Group at Digital. More recently, he has held a number of product management positions, including product manager for the SiteMinder product family at Netegrity. He is currently focusing on security and compliance solutions at CA Technologies. Merritt Maxim has 15 years of product management and product marketing experience in the information security industry, including stints at RSA Security, Netegrity and OpenPages. In his current role at CA Technologies, Merritt handles product marketing for the CA Technologies identity management and cloud security initiatives. The co-author of Wireless Security Merritt blogs on a variety of IT security topics, and can be followed at Merritt received his BA cum laude from Colgate University and his MBA from the MIT Sloan School of Management. Agility Made Possible: The CA Technologies Advantage CA Technologies (NASDAQ: CA) provides IT management solutions that help customers manage and secure complex IT environments to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. CA Technologies is committed to ensuring our customers achieve their desired outcomes and expected business value through the use of our technology. To learn more about our customer success programs, visit ca.com/ customer-success. For more information about CA Technologies go to ca.com. Copyright 2013 CA. All rights reserved. Windows Server and Active Directory are registered trademarks or trademarks of Microsoft Corporation in the United States and/ or other countries. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill, or lost data, even if CA is expressly advised in advance of the possibility of such damages. CA does not provide legal advice. Neither this document nor any software product referenced herein serves as a substitute for your compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, standard, policy, administrative order, executive order, and so on (collectively, Laws )) referenced herein or any contract obligations with any third parties. You should consult with competent legal counsel regarding any such Laws or contract obligations. CS3516_0213
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly
More informationIdentity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control
Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control agility made possible Enterprises Are Leveraging Both On-premise and Off-premise
More informationidentity as the new perimeter: securely embracing cloud, mobile and social media agility made possible
identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,
More informationAuthentication Strategy: Balancing Security and Convenience
Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new
More informationSOLUTION BRIEF SEPTEMBER 2014. Healthcare Security Solutions: Protecting your Organization, Patients, and Information
SOLUTION BRIEF SEPTEMBER 2014 Healthcare Security Solutions: Protecting your Organization, Patients, and Information SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT 94% of healthcare organizations
More informationexpanding web single sign-on to cloud and mobile environments agility made possible
expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online
More informationCA Automation Suite for Data Centers
PRODUCT SHEET CA Automation Suite for Data Centers agility made possible Technology has outpaced the ability to manage it manually in every large enterprise and many smaller ones. Failure to build and
More informationCA SiteMinder SSO Agents for ERP Systems
PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationSOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?
SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY How Can I Both Enable and Protect My Organization in the New Application Economy? CA Security solutions can help you enable and protect your business
More informationagility made possible
SOLUTION BRIEF CA Technologies and NetApp Integrated Service Automation Across the Data Center can you automate the provisioning and management of both virtual and physical resources across your data center
More informationFederated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
More informationAn Enterprise Architect s Guide to API Integration for ESB and SOA
An Enterprise Architect s Guide to API Integration for ESB and SOA The New Digital Imperative While some are still adjusting to the idea, you re well aware that we re living in an application economy.
More informationagility made possible
SOLUTION BRIEF Mainframe Software Rationalization Program want to reduce costs and rationalize your mainframe software change management environment? agility made possible CA Endevor Software Change Manager
More information1 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com. CA Security SaaS Validation Program. Copyright 2015 CA. All Rights Reserved.
1 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com CA Security SaaS Validation Program 2 CA SECURITY SAAS VALIDATION PROGRAM 2015 ca.com At a Glance KEY BENEFITS/ RESULTS The CA Security SaaS Validation
More informationCA Technologies Healthcare security solutions:
CA Technologies Healthcare security solutions: Protecting your organization, patients, and information agility made possible Healthcare industry imperatives Security, Privacy, and Compliance HITECH/HIPAA
More informationHow Can I Deliver Innovative Customer Services Across Increasingly Complex, Converged Infrastructure With Less Management Effort And Lower Cost?
solution brief September 2012 How Can I Deliver Innovative Customer Services Across Increasingly Complex, Converged Infrastructure With Less Management Effort And Lower Cost? Converged Infrastructure Management
More informationagility made possible
SOLUTION BRIEF CA Private Cloud Accelerator for Vblock Platforms how quickly can your private cloud support the increasing demand for business services and accelerate time-to-value for your Vblock platforms
More informationCA Arcot RiskFort. Overview. Benefits
PRODUCT SHEET: CA Arcot RiskFort CA Arcot RiskFort CA Arcot RiskFort provides real-time protection against identity theft and online fraud via risk based, adaptive authentication. It evaluates the fraud
More informationagility made possible
SOLUTION BRIEF ConfigXpress Utility in CA IdentityMinder can my identity management solution quickly adapt to changing business requirements and processes? agility made possible With the ConfigXpress tool
More informationSOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?
SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT
More informationSOLUTION BRIEF CA Cloud Compass how do I know which applications and services to move to private, public and hybrid cloud? agility made possible
SOLUTION BRIEF CA Cloud Compass how do I know which applications and services to move to private, public and hybrid cloud? agility made possible You don t. But you can get complete visibility to the cloud
More informationSecurely Outsourcing to the Cloud: Five Key Questions to Ask
WHITE PAPER JULY 2014 Securely Outsourcing to the Cloud: Five Key Questions to Ask Russell Miller Tyson Whitten CA Technologies, Security Management 2 WHITE PAPER: SECURELY OUTSOURCING TO THE CLOUD: FIVE
More informationSOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management
SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management improving SAP security with CA Identity and Access Management The CA Identity and Access Management (IAM) suite can help you
More informationEXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES
pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon
More informationCA Service Desk Manager
DATA SHEET CA Service Desk Manager CA Service Desk Manager (CA SDM), on-premise or on-demand, is designed to help you prevent service disruptions, better manage change risks, and provides a 360-degree
More informationGovernance and Control of Privileged Identities to Reduce Risk
WHITE PAPER SEPTEMBER 2014 Governance and Control of Privileged Identities to Reduce Risk Merritt Maxim CA Security Management 2 WHITE PAPER: PRIVILEGED IDENTITY GOVERNANCE Table of Contents Executive
More informationSallie Mae slashes change management costs and complexity with CA SCM
CUSTOMER SUCCESS STORY Sallie Mae slashes change management costs and complexity with CA SCM CUSTOMER PROFILE Industry: Financial services Company: Sallie Mae Customers: 23 million Student loan portfolio:
More informationSimplify and Secure Cloud Access to Critical Business Data
SAP Brief SAP Technology SAP Cloud Identity Objectives Simplify and Secure Cloud Access to Critical Business Data Gain simplicity and security in a single cloud solution Gain simplicity and security in
More informationmanaging SSO with shared credentials
managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout
More informationCA Technologies optimizes business systems worldwide with enterprise data model
CUSTOMER SUCCESS STORY CA Technologies optimizes business systems worldwide with enterprise data model CLIENT PROFILE Industry: IT Organization: CA Technologies Employees: 13,600 Revenue: $4.8 billion
More informationWhite paper December 2008. Addressing single sign-on inside, outside, and between organizations
White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli
More informationWIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com
WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM) www.wipro.com Table of Contents 03...Introduction 04...Wipro Cloud (WIC) as a Service Type 05...Wipro Cloud Capabilities
More informationSOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business
SOLUTION BRIEF MOBILE SECURITY Securely Accelerate Your Mobile Business CA Technologies allows you to accelerate mobile innovation for customers and employees without risking your enterprise data or applications.
More informationSecurity Services. Benefits. The CA Advantage. Overview
PRODUCT BRIEF: CA SITEMINDER FEDERATION SECURITY SERVICES CA SiteMinder Federation Security Services CA SITEMINDER FEDERATION SECURITY SERVICES EXTENDS THE WEB SINGLE SIGN-ON EXPERIENCE PROVIDED BY CA
More informationHow To Use Ca Product Vision
DATA SHEET CA Product Vision CA Product Vision helps manage project and product requirements and enables a comprehensive release planning process insuring only the features your customers really need are
More informationHow to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications
SOLUTION BRIEF: PROTECTING ACCESS TO THE CLOUD........................................ How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications Who should read this
More informationSOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. Identity-centric Security: The ca Securecenter Portfolio
SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY Identity-centric Security: The ca Securecenter Portfolio How can you leverage the benefits of cloud, mobile, and social media, while protecting
More informationHow can Content Aware Identity and Access Management give me the control I need to confidently move my business forward?
SOLUTION BRIEF Content Aware Identity and Access Management May 2010 How can Content Aware Identity and Access Management give me the control I need to confidently move my business forward? we can CA Content
More informationVALUE PROPOSITION FOR SERVICE PROVIDERS. Helping Service Providers accelerate adoption of the cloud
VALUE PROPOSITION FOR SERVICE PROVIDERS Helping Service Providers accelerate adoption of the cloud Partnership with Service Providers Enabling Your Cloud Services in Complex Environments Today s challenge
More informationHow Can Central IT Use Cloud Technologies to Revolutionize Remote Store Operation?
SOLUTION BRIEF CA APPLOGIC CLOUD PLATFORM FOR ENTERPRISE How Can Central IT Use Cloud Technologies to Revolutionize Remote Store Operation? agility made possible CA AppLogic combines applications, virtual
More information5 Pillars of API Management with CA Technologies
5 Pillars of API Management with CA Technologies Introduction: Managing the new open enterprise Realizing the Opportunities of the API Economy Across industry sectors, the boundaries of the traditional
More informationTECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management
TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 The Need for
More informationcontent-aware identity & access management in a virtual environment
WHITE PAPER Content-Aware Identity & Access Management in a Virtual Environment June 2010 content-aware identity & access management in a virtual environment Chris Wraight CA Security Management we can
More informationDatacenter Management and Virtualization. Microsoft Corporation
Datacenter Management and Virtualization Microsoft Corporation June 2010 The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the
More informationSOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite
SOLUTION BRIEF Enterprise Mobility Management Critical Elements of an Enterprise Mobility Management Suite CA Technologies is unique in delivering Enterprise Mobility Management: the integration of the
More informationHow To Comply With Ffiec
SOLUTION BRIEF authentication in the internet banking environment: The solution for FFIEC compliance from CA Technologies agility made possible Introduction to FFIEC Compliance In October of 2005, the
More informationCA Federation Manager
PRODUCT BRIEF: CA FEDERATION MANAGER CA FEDERATION MANAGER PROVIDES STANDARDS-BASED IDENTITY FEDERATION CAPABILITIES THAT ENABLE THE USERS OF ONE ORGANIZATION TO EASILY AND SECURELY ACCESS THE DATA AND
More informationagility made possible
SOLUTION BRIEF Flexibility and Choices in Infrastructure Management can IT live up to business expectations with soaring infrastructure complexity and challenging resource constraints? agility made possible
More informationProvide access control with innovative solutions from IBM.
Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business
More informationBusiness-Driven, Compliant Identity Management
SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance
More informationInteroperate in Cloud with Federation
Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra
More informationagility made possible
SOLUTION BRIEF CA IT Asset Manager how can I manage my asset lifecycle, maximize the value of my IT investments, and get a portfolio view of all my assets? agility made possible helps reduce costs, automate
More informationsolution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms?
solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms? CA Capacity Management and Reporting Suite for Vblock Platforms
More informationAn Overview of Samsung KNOX Active Directory-based Single Sign-On
C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationProduct overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities
PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationIntroductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management
Introductions KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management Agenda 1. Introduction 2. What is Cloud Computing? 3. The Identity Management
More informationaccelerating time to value in Microsoft Hyper-V environments
SOLUTION BRIEF accelerating time to value in Microsoft Hyper-V environments 01 CA Technologies 30-year partnership with Microsoft uniquely positions us to help you exceed your Microsoft virtual and cloud
More informationFederated Identity and Single Sign-On using CA API Gateway
WHITE PAPER DECEMBER 2014 Federated Identity and Single Sign-On using Federation for websites, Web services, APIs and the Cloud K. Scott Morrison VP Engineering and Chief Architect 2 WHITE PAPER: FEDERATED
More informationhow can I virtualize my mission-critical servers while maintaining or improving security?
SOLUTION BRIEF Securing Virtual Environments how can I virtualize my mission-critical servers while maintaining or improving security? agility made possible CA ControlMinder for Virtual Environments provides
More informationCA point of view: Content-Aware Identity & Access Management
TECHNOLOGY BRIEF CA Point of View: Content-Aware Identity and Access Management March 2011 CA point of view: Content-Aware Identity & Access Management table of contents EXECUTIVE SUMMARY SECTION 1 Challenge
More informationjourney to a hybrid cloud
journey to a hybrid cloud Virtualization and Automation VI015SN journey to a hybrid cloud Jim Sweeney, CTO GTSI about the speaker Jim Sweeney GTSI, Chief Technology Officer 35 years of engineering experience
More informationHow can Identity and Access Management help me to improve compliance and drive business performance?
SOLUTION BRIEF: IDENTITY AND ACCESS MANAGEMENT (IAM) How can Identity and Access Management help me to improve compliance and drive business performance? CA Identity and Access Management automates the
More informationcan you effectively plan for the migration and management of systems and applications on Vblock Platforms?
SOLUTION BRIEF CA Capacity Management and Reporting Suite for Vblock Platforms can you effectively plan for the migration and management of systems and applications on Vblock Platforms? agility made possible
More informationHow Technology Supports Project, Program and Portfolio Management
WHITE PAPER: HOW TECHNOLOGY SUPPORTS PROJECT, PROGRAM AND PORTFOLIO MANAGEMENT SERIES 4 OF 4 How Technology Supports Project, Program and Portfolio Management SEPTEMBER 2007 Enrico Boverino CA CLARITY
More informationAchieve Your Business and IT Goals with Help from CA Services
Achieve Your Business and IT Goals with Help from CA Services How Does CA Services Approach an Engagement? Whether its planning, implementing or running our industry leading software, CA Services can help
More informationClosing the Biggest Security Hole in Web Application Delivery
WHITE PAPER DECEMBER 2014 Closing the Biggest Security Hole in Web Application Delivery Addressing Session Hijacking with CA Single Sign-On Enhanced Session Assurance with DeviceDNA Martin Yam CA Security
More informationThe Advantages of Converged Infrastructure Management
SOLUTION BRIEF Converged Infrastructure Management from CA Technologies how can I deliver innovative customer services across increasingly complex, converged infrastructure with less management effort
More informationWhen millions need access: Identity management in an increasingly connected world
IBM Software Thought Leadership White Paper January 2011 When millions need access: Identity management in an increasingly connected world Best practice solutions that scale to meet today s huge numbers
More informationIBM Tivoli Federated Identity Manager
IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations
More informationhow can I comprehensively control sensitive content within Microsoft SharePoint?
SOLUTION BRIEF Information Lifecycle Control for Sharepoint how can I comprehensively control sensitive content within Microsoft SharePoint? agility made possible CA Information Lifecycle Control for SharePoint
More informationA to Z Information Services stands out from the competition with CA Recovery Management solutions
Customer success story October 2013 A to Z Information Services stands out from the competition with CA Recovery Management solutions Client Profile Industry: IT Company: A to Z Information Services Employees:
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationAsentinel Telecom Expense Management (TEM)
PRODUCT BRIEF: ASENTINEL TELECOM EXPENSE MANAGEMENT (TEM) Asentinel Telecom Expense Management (TEM) Asentinel 6.0 is a comprehensive global telecom expense management software solution encompassing the
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationBuilding a Roadmap to Robust Identity and Access Management
Building a Roadmap to Robust Identity and Access Management Elevating IAM from Responsive to Proactive From cases involving private retailers to government agencies, instances of organizations failing
More informationSOLUTION BRIEF BIG DATA MANAGEMENT. How Can You Streamline Big Data Management?
SOLUTION BRIEF BIG DATA MANAGEMENT How Can You Streamline Big Data Management? Today, organizations are capitalizing on the promises of big data analytics to innovate and solve problems faster. Big Data
More informationhow can I improve performance of my customer service level agreements while reducing cost?
SOLUTION BRIEF CA Business Service Insight for Service Level Management how can I improve performance of my customer service level agreements while reducing cost? agility made possible By automating service
More informationBroadcloud improves competitive advantage with efficient, flexible and scalable disaster recovery services
CUSTOMER SUCCESS STORY Broadcloud improves competitive advantage with efficient, flexible and scalable disaster recovery services CLIENT PROFILE Industry: IT services Company: Broadcloud Staff: 40-plus BUSINESS
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 4 4 Copyright... 5
This document is licensed to iwelcome KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger April 2015 iwelcome Identity & Access Management as a Service iwelcome delivers Identity and Access Management
More informationSafeguarding the cloud with IBM Dynamic Cloud Security
Safeguarding the cloud with IBM Dynamic Cloud Security Maintain visibility and control with proven security solutions for public, private and hybrid clouds Highlights Extend enterprise-class security from
More informationIdentity & Access Management in the Cloud: Fewer passwords, more productivity
WHITE PAPER Strategic Marketing Services Identity & Access Management in the Cloud: Fewer passwords, more productivity Cloud services are a natural for small and midsize businesses, with their ability
More informationCan My Identity Management Solution Quickly Adapt to Changing Business Requirements and Processes?
SOLUTION BRIEF CONFIG XPRESS UTILITY IN CA IDENTITY MANAGER Can My Identity Management Solution Quickly Adapt to Changing Business Requirements and Processes? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR
More informationCA Business Service Insight
DATA SHEET CA Business Service Insight With CA Business Service Insight, you can know what services are being used within your business, improve service performance while helping to reduce operating costs,
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationCitrix OpenCloud Access. Accelerate cloud computing adoption and simplify identity management. www.citrix.com
Citrix OpenCloud Access White Paper Citrix OpenCloud Access Accelerate cloud computing adoption and simplify identity management www.citrix.com Executive summary Cloud-hosted application delivery models
More informationcan you simplify your infrastructure?
SOLUTION BRIEF CA Virtual Desktop Automation for Vblock Platforms can you simplify your infrastructure? agility made possible You Can. With services that increase the speed of virtual provisioning on Vblock
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationIdentity Centric Security: Control Identity Sprawl to Remove a Growing Risk
Identity Centric Security: Control Identity Sprawl to Remove a Growing Risk John Hawley VP, Security CA Technologies September 2015 Today s Theme: Preparing for the Adversary How to Prepare Your Organization
More informationCA Clarity PPM. Overview. Benefits. agility made possible
PRODUCT SHEET CA Clarity PPM agility made possible CA Clarity Project & Portfolio Management (CA Clarity PPM) helps you innovate with agility, transform your portfolio with confidence, and sustain the
More informationRadix Technologies China establishes compelling cloud services using CA AppLogic
CUSTOMER SUCCESS STORY Radix Technologies China establishes compelling cloud services using CA AppLogic CUSTOMER PROFILE Industry: IT services Company: Radix Technologies China Employees: 25 BUSINESS Radix
More informationCA Technologies Empowers Employees with Better Access to Applications via OneAccess Mobile App
CUSTOMER SUCCESS STORY SEPTEMBER 2014 CA Technologies Empowers Employees with Better Access to Applications via OneAccess Mobile App CLIENT PROFILE Industry: IT Company: CA Technologies Employees: 13,000
More informationGenesis Energy delivers IT projects faster with standardised processes and CA Clarity PPM.
CUSTOMER TECHNICAL BRIEF: CREATING A CENTRALISED MATURITY MODEL FOR PROJECT AND RESOURCE MANAGEMENT Genesis Energy delivers IT projects faster with standardised processes and CA Clarity PPM. Table of Contents
More informationIdentity and Access Management for the Cloud
Identity and Access Management for the Cloud What you need to know about managing access to your clouds Organizations need to control who has access to which systems and technology within the enterprise.
More informationPeople-Focused Access Management. Software Consulting Support Services
People-Focused Access Management Software Consulting Support Services A beautiful experience. Anytime, anywhere. Access: One is an industry-leading Access Management platform that provides you with versatile
More informationMoving Single Sign-on (SSO) Beyond Convenience
Moving Single Sign-on (SSO) Beyond Convenience Written by Todd Peterson, IAM evangelist, Dell Software Introduction For years, single sign-on (SSO) has been the poster child for identity and access management
More informationThe Future of Workload Automation in the Application Economy
The Future of Workload Automation in the Application Economy Success Requires Agility in the Application Economy The link between data center operations and business agility has never been stronger. If
More information