Pick an Identity and Access Management Standard, Any

Similar documents

The Top 5 Federated Single Sign-On Scenarios

Introduction to Identity and Access Management for the engineers. Radovan Semančík April 2014

managing SSO with shared credentials

SAML SSO Configuration

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.

Domain 12: Guidance for Identity & Access Management V2.1

NCSU SSO. Case Study

SINGLE & SAME SIGN-ON ASPECTS

PRACTICAL IDENTITY AND ACCESS MANAGEMENT FOR CLOUD - A PRIMER ON THREE COMMON ADOPTION PATTERNS FOR CLOUD SECURITY

IDDY. Case Study: Rearden Commerce Delivers SaaS Via Federation WINNER

WIPRO IDENTITY CLOUD UNLEASHING THE NEXT GENERATION OF IDENTITY AND ACCESS MANAGEMENT (IAM)

Cloud Standards. Arlindo Dias IT Architect IBM Global Technology Services CLOSER 2102

EXECUTIVE VIEW. EmpowerID KuppingerCole Report. By Peter Cummings October By Peter Cummings

Flexible Identity Federation

OPENIAM ACCESS MANAGER. Web Access Management made Easy

The Primer: Nuts and Bolts of Federated Identity Management

Intelligent Security Design, Development and Acquisition

Azure Active Directory

Extend and Enhance AD FS

UNI. UNIfied identity management. Krzysztof Benedyczak ICM, Warsaw University

Identity Management for the Cloud

Provisioning and Deprovisioning 1 Provisioning/De-provisiong replacement 1

Identity and Access Management Policy

Research. Identity and Access Management Defined

The Unique Alternative to the Big Four. Identity and Access Management

Securing WebFOCUS A Primer. Bob Hoffman Information Builders

The Four "A's" of Information Security

Google Identity Services for work

Easy as 1-2-3: The Steps to XE. Mark Hoye Services Portfolio Consultant

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Quest One Identity Solution. Simplifying Identity and Access Management

CA Federation Manager

Federated Identity for Cloud Computing and Cross-organization Collaboration

Identity Access Management: Beyond Convenience

Security Services. Benefits. The CA Advantage. Overview

Bringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner

Identity & Access Management

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management

People-Focused Access Management. Software Consulting Support Services

The Primer: Nuts and Bolts of Federated Identity Management

SAML 101. Executive Overview WHITE PAPER

Extending Identity and Access Management

Identity Governance Evolution

Open Source Identity Integration with OpenSSO

Single-Sign-On between On-Premises and the Cloud: Leveraging Windows Azure Active Directory to authenticate custom solutions and Apps

BYE BYE PASSWORDS. The Future of Online Identity. Hans Zandbelt Sr. Technical Architect. CTO Office - Ping Identity

Ping Identity, Euro Cloud award entry

The Challenges of Web single sign-on

Enhancing Web Application Security

Masdar Institute Single Sign-On: Standards-based Identity Federation. John Mikhael ICT Department

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

Case Study: SSO for All: SSOCircle Makes Single Sign-On Available to Everyone

Identity Relationship and Access Management for the Extended Enterprise

Customer Identity and Access Management (CIAM) Buyer s Guide

Nationwide and Regional Health Information Networks and Federated Identity for Authentication and HIPAA Compliance

IDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach

Identity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE

Secure Your Enterprise with Usher Mobile Identity

The Aim of IAM: Mycroft s XSpectra Delivers Identity & Access Management to Midmarket & SMBs

Speeding Office 365 Implementation Using Identity-as-a-Service

Identity. Provide. ...to Office 365 & Beyond

How To Get A Single Sign On (Sso)

Single Sign On. SSO & ID Management for Web and Mobile Applications

SaaS at Pfizer. Challenges, Solutions, Recommendations. Worldwide Business Technology

Can We Reconstruct How Identity is Managed on the Internet?

Connecting Users with Identity as a Service

OpenSSO Monitoring Euro User Groups Winter 2010

Safewhere*Identify 3.4. Release Notes

Interoperable Provisioning in a Distributed World

pingidentity.com IDENTITY SECURITY TRENDS IN THE MOBILE ERA

Enterprise Management Solutions Protection Profiles

An Identity Management Survey. on Cloud Computing

Cloud Computing. Chapter 5 Identity as a Service (IDaaS)

The Role of Federation in Identity Management

Identity & Access Management in the Cloud: Fewer passwords, more productivity

ELM Manages Identities of 4 Million Government Program Users with. Identity Server

SAML-Based SSO Solution

CA Technologies Strategy and Vision for Cloud Identity and Access Management

SECUREAUTH IDP AND OFFICE 365

identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible

WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES

The Future of Cloud Identity Security. Michael Schwartz Founder / CEO Gluu

Strategic Identity Management for Industrial Control Systems

A Shibboleth View of Federated Identity. Steven Carmody Brown Univ./Internet2 March 6, 2007 Giornata AA - GARR

Provisioning and deprovisioning in an identity federation

Interoperate in Cloud with Federation

A HIGH-LEVEL GUIDE TO EFFECTIVE IDENTITY MANAGEMENT IN THE CLOUD

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

Standard Operating Procedure (SOP): Information Security Standard Requirements for Software as a Service

Logout in Single Sign-on Systems

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success

SAML 101 WHITE PAPER

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

Cloud-based Identity and Access Control for Diagnostic Imaging Systems

WHITEPAPER. Modern Identity. Addressing Risk, Complexity & User Experience

Increase the Security of Your Box Account With Single Sign-On

Integrating Single Sign-on Across the Cloud By David Strom

White Paper. FFIEC Authentication Compliance Using SecureAuth IdP

Accelerate Without Fear: Extend Your Enterprise with Identity Federation. Kirk Brown CTO, Identity Management Sun Microsystems

Transcription:

Pick an Identity and Access Management Standard, Any Standard Andras Cser Principal Analyst Forrester Research, Inc.

O l F d ti I C bl f Only Federation Is Capable of Meeting the Identity and Access Management Challenge.

Agenda Benefits of Federation Challenges of Federation Marketplace Trends Recommendations

Agenda Benefits of Federation Challenges of Federation Marketplace Trends Recommendations

The Benefits

Governance and Accountability Lower cost of security Lower cost of compliance Centralized and easier auditing of access Reduced need to audit partners Access recertification and deprovisioning is still difficult

Extended Business Services M&A activity is much easier and faster More authority for business units Delegated administration for business users End users need not to wait for remote password resets since passwords are administered locally SaaS adoption

Efficiency and Effectiveness Identity Administration is less costly it s done locally Consolidation of user repositories Standardized protocols (SAML, OpenID, etc.) reduce development effort and cost Replacing Web SSO Easier provisioning

Agenda Benefits of Federation Challenges of Federation Marketplace Trends Recommendations

Challenges of Federation Other IT priorities often take precedence Too many standards Lack of adoption at the potential partner Legal frameworks Circle of trust is bilateral, not multilateral

Challenges of Federation (cont d) Fear of hacking of the crown jewels No federation protocol translation No trusted IdPs Consumer Enterprise Business model is still lacking!

Agenda Benefits of Federation Challenges of Federation Marketplace Trends Recommendations

Security drives investment in IAM What is your firm's primary motivation for using identity and access management (IAM) within your enterprise? Improving delivery Don't know of services to 3% partners, customers, and/or employees 17% Cost reduction and worker productivity 9% Regulatory compliance 15% Security leads, but compliance has the budget! Governance 7% Security 49% Sample Size = 795 North American and European enterprise IT security decision-makers, whose firms are using IAM Source: Enterprise And SMB Security Survey, North America And Europe, Q3 2009

Single Sign-On and provisioning top list of IAM initiatives What are your firm's plans to adopt the following identity and access management (IAM) technologies? Planning to implement in the next 12 months Expanding/upgrading implementation Implemented, not expanding Enterprise/employee single sign on (E SSO) 14% 15% 16% Web single sign on /Web access management 12% 13% 16% Provisioning (automated user account administration) 12% 11% 13% Privileged user management 11% 8% 16% Multifactor authentication 11% 8% 16% Identity infrastructure consolidation 11% 8% 10% Role design 10% 8% 11% Consumer identity and access management 8% 6% 10% Federation 8% 5% 7% Hosted/outsourced IAM 5% 1% 4% Sample Size = 1009 North American and European enterprise IT security decision-makers\ Source: Enterprise And SMB Security Survey, North America And Europe, Q3 2009

of Secur rity Level Technology Federation Best practices Federation Security and Support of Standards SAML 2.0 SAML 1.x ID-WSF Liberty ID-FF 1.1/1.2 CardSpace WS-Federation OpenID Level of Commercial Support/Maturity

Enterprise major market trends ADFS 2.0 is late, little, but is here Consolidation of Web SSO and Federation Provisioning and de-provisioning is the next key step in federation Identity Proofing Access Recertification

Consumer major market trends The cost model is not robust OpenID is costly and not secure enough Functionality of OAuth will be eclipsed by SAML and attribute injection CardSpace is device dependent and is limited Facebook Connect solves the identity verification problem

Agenda Benefits of Federation Challenges of Federation Marketplace Trends Recommendations

Recommendations Coordinate with partners Create a template for a legal and technical framework Define data ownership and debugging responsibilities Pick a protocol: Facebook Connect or SAML Define, monitor and report cost/benefits to executive management KISS principle

Blur the lines Hosting/users External users Internal Users Externally hosted Priority Priority applications Internally hosted Priority Priority applications

Thank you Andras Cser +1 617/613-6365 acser@forrester.com