Connecting Users with Identity as a Service


"Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support." Gregg Kreizman, Gartner [1]

When investigating identity and access management (IAM) solutions for workforce, partners and customers, there are many options available. Existing on-premises IAM solutions typically work well for providing single sign-on (SSO) to employees, but open up a set of challenges when organizations want to provide access to their customers and partners. Organizations with traditional IAM are therefore faced with complexity and a choice: add customers and partners to existing user directories, such as Microsoft Active Directory (AD), and take on the licensing and user administration costs, or look to alternatives. Unfortunately, with the first option's complexity, partners and customers must settle for less, and IT is left with forced cost and compromises for an implementation that is not ideal.

Fortunately, there is an alternative to the complexity, cost and compromises. Identity as a Service (IDaaS) is growing as a common deployment model for organizations. An IDaaS solution provides a cloud-based option to give all of your users the same easy access to all of the applications they need.

"By the end of 2017, 20% of IAM purchases will use the IDaaS delivery model, up from less than 10% in 2014." Gregg Kreizman, Gartner [2]

Solution Benefits

- Single sign-on to all your applications for all of your users
- Centralized control for IT with convenience for end users
- Integration with your existing security investments

Introducing PingOne, Identity as a Service

PingOne, an Identity as a Service (IDaaS) solution, delivers a centralized solution to provide single sign-on to all of the applications your employees, customers and partners need, while keeping it under your control.

Deliver the Applications Users Need

Multiple usernames and passwords simply no longer work as a primary security practice. Still, end users need access to a variety of applications, including SaaS, custom and packaged applications. With PingOne, you can give centralized access to all of the applications end users need.

PingOne provides a number of ways to access your SaaS, web, custom and legacy applications. It also offers a customizable user portal that is available via a web browser, as well as via mobile applications for Apple and Android. Users access all of their applications via the PingOne web portal or mobile app. This user interface can be customized to match your branding for your users, customers and partners.

Already have a portal? Not a problem. PingOne can integrate with your existing portal to provide SSO access to all of your applications. Users will only be shown the applications they have been granted access to via their role or group membership.

PingOne has been consistently named a leader by independent research firms Gartner, Forrester, IDC and KuppingerCole.

Give Access to Applications Through an Application Catalog

PingOne offers flexibility on how to provide applications to your end users. It includes an application catalog with thousands of pre-configured applications and allows you to define new applications yourself.

Basic or Federated Single Sign-On

Connections are made to applications using basic or federated SSO.

With basic SSO, a web browser extension is used to securely relay passwords to web applications. The first time, the user is prompted to sign on to their application as they normally would. PingOne will then use those credentials to sign on to those applications in the future. The credentials are encrypted locally on the end user's device and stored in PingOne. PingOne never has access to those credentials.

With federated SSO, sign-on to SaaS applications is done via Security Assertion Markup Language (SAML), an open standard used to exchange authentication and authorization data between an identity provider (PingOne) and a service provider (your SaaS application). With SAML, a single connection is made between your SaaS application and PingOne.

Ping Identity solutions work with:

- Web Servers: Apache, Microsoft IIS
- Application Servers: Oracle WebLogic, IBM WebSphere
- Web Access Management: CA SiteMinder, Oracle Access Manager, RSA Access Manager
- Commercial Applications: PeopleSoft, ADP, SharePoint
- Virtualization Technologies: Citrix XenApp, Amazon Web Services
- Custom Applications: Java, .NET, PHP, Perl, Python

For more information, visit our Applications Integration page.

Managing Users

If you are like most organizations, you need to provide applications to your workforce, customers and partners. With PingOne, you get unmatched flexibility to work with your existing identity stores, while providing options for the future.

Bridging Existing Identity Stores

The challenge with existing on-premises identity systems that leverage Kerberos and LDAP is that they cannot make the leap to SaaS applications. Without coding or extensive customization, external identities (partners or customers) won't be able to readily connect from their environments to on-premises resources.

Unlike legacy on-premises systems, PingOne can work with your existing identity stores by providing an identity bridge to your existing investments. The identity bridge is important for both "to the cloud" and "from the cloud" application access.

PingOne offers a number of identity bridge options to work with your existing stores. If you are using Microsoft Active Directory, Ping Identity offers AD Connect, a lightweight agent that connects to Active Directory and provides a single, outbound federation identity provider and provisioning connection to PingOne. From there, PingOne takes care of SSO to your applications.

PingOne gives you the flexibility to work with multiple identity stores. If you have more complex needs, such as a legacy WAM or LDAP, PingOne provides an enterprise identity bridge that can be used with PingOne.

Manage Your Users in PingOne

In addition to working with your existing directories, PingOne includes a cloud-based directory. It is a user directory as a service in the cloud, allowing your organization to move those identities to a service and therefore streamline operations and reduce costs, all at the same time.

One Directory for Customers, Partners and Occasional Users

Your user population consists of more than just your employees. Today, you have a network of users, including demand chain partner users, supply chain partner users, customers, contractors, retirees and more. Why add the expense and hassle of managing these users in your existing on-premises directory? With the PingOne directory, you can provide access to your applications for occasional users with simplicity.

The PingOne directory includes:

- Cloud User Management. Gain easy user management with the ability to customize the attribute schema for your needs.
- User Groups. Define and assign users to groups for simple management of users to applications and directory access entitlements.
- Directory Access Entitlements. Assign administrative rights for groups of users to manage other users in the directory.
- User Provisioning Via SCIM. Utilize automated on-boarding and off-boarding of users to applications using the SCIM standard. Give users access to apps when they need them and take away access when they don't. This provides a standards-based approach to provisioning and eliminates proprietary APIs for provisioning.
- User Registration. Deliver quick and efficient access to applications for your end users via a self-registration or anonymous registration process. This eliminates the need to create users and gets your users into your applications faster.
- API Support for Custom Applications. Leverage separate identity management and storage from your custom application by maintaining user data in the PingOne directory through standards-based APIs.

Strong Authentication

When your policies require strong authentication, PingOne offers an easy way to quickly add multi-factor authentication. As an optional component to PingOne, PingID provides a simple, yet elegantly secure way to provide additional factors of authentication to your applications. PingID is deployed as an application on a user's phone; end users are prompted to respond to a challenge on their phone as a second factor. PingID can be used on individual applications, based upon IP address or a number of other factors to meet your policy needs.

Ping Identity has been consistently named a leader across multiple, independent industry evaluation and analyst reports:

- Gartner Magic Quadrant: Identity and Access Management as a Service, June 2014
- The IDC MarketScape: Federated Identity Management and Single Sign-On Market, March 2014
- The Forrester Wave: Identity And Access Management Suites, Q3 2013
- KuppingerCole: Leadership Compass for Cloud User and Identity Access, Q3 2014

What You Get: PingOne as an IDaaS Solution Highlights

- SSO for all of your users. Give employees, customers and partners the same, secure one-click access.
- Integration with all of your applications. Provide one-click access to all of your SaaS, web, custom and legacy applications.
- Support for your existing user directories. Use an identity bridge to connect to your existing investments while providing SSO to all of your applications.
- Cloud user management. With the PingOne directory, easily manage users in the cloud and provide easy access to your applications with no on-premises requirements.
- Multi-factor authentication. With the optional PingID MFA solution, provide easy-to-use and secure strong authentication to meet your policies.

Start using PingOne today

Sign up today for a free trial of PingOne!

Standards Support

Ping Identity supports a complete portfolio of standards, including SAML, OAuth and OpenID Connect. In addition to supporting standards, Ping Identity actively participates in the standards development for critical new capabilities, like native mobile SSO (NAPPS).

Customer Support

Ping Identity has customers across North America, EMEA and APJ, and provides 24/7 support in multiple languages. Ping Identity is ranked among the top software companies in the world with a Net Promoter Score (NPS) of 58.

© 2014 Ping Identity Corporation. All rights reserved. Ping Identity, PingFederate, PingOne, PingEnable, the Ping Identity logo, and Cloud Identity Summit are registered trademarks or servicemarks of Ping Identity Corporation. All other product and service names mentioned are the trademarks of their respective companies.

About Ping Identity | The Identity Security Company

Ping Identity is The Identity Security Company. Ping Identity believes secure professional and personal identities underlie human progress in a connected world. Our identity and access management platform gives enterprise customers and employees one-click access to any application from any device. Over 1,200 companies, including half of the Fortune 100, rely on our award-winning products to make the digital world a better experience for hundreds of millions of people. Visit pingidentity.com for more information.

1/15.1

[1], [2] Gartner Magic Quadrant for Identity and Access Management as a Service, Gregg Kreizman, 2 June 2014