Identity & Access Management in the Cloud: Fewer passwords, more productivity




WHITE PAPER
Strategic Marketing Services

Cloud services are a natural for small and midsize businesses, with their ability to reduce costs, lower IT head count and improve business agility. But as they move more and more applications to the cloud, SMBs are coming face to face with some serious challenges the cloud presents with respect to identity management.

Providing employees with secure, anytime, anywhere access to applications that may be hosted on company premises or in the cloud can be a difficult proposition. Premises-based identity management solutions may not extend to external service providers. But it's too cumbersome, time-consuming and error-prone to manually configure access to every application a user may need. In the end, SMBs may find it difficult to achieve the strict levels of control they need, especially if they have to meet regulatory compliance requirements.

What SMBs need is an identity and access management (IAM) solution that spans both their internal IT infrastructure and external, cloud-based services, giving them one tool with which to manage both environments. Such a tool would deliver enhanced productivity for employees, who will be able to access the applications they need no matter where they are or what devices they're using. At the same time, the tool should provide the kind of security that IT and the business require. In short, it should empower users while protecting the business.

RISE OF THE CLOUD

SMBs will need such a solution soon (if they haven't deployed one already), because interest in the cloud is going nowhere but up. More than two-thirds (69 percent) of the respondents to the 2014 IDG Enterprise Cloud Computing Survey said they have at least one application in the cloud, up from just over half two years ago. Another 18 percent plan to use cloud applications or infrastructure within 12 months, and 13 percent plan to within one to three years. Add those numbers up, and you'll find that fully 100 percent of the survey respondents have plans to utilize the cloud. What's more, the survey found that the responses were similar across companies of all sizes, meaning that SMBs are using cloud services just as much as larger enterprises are.

TOP CLOUD CHALLENGES

When asked about their top challenges with respect to implementing cloud solutions, respondents to the IDG survey made it clear that security was front and center, and many of the responses speak to the need for effective IAM. When the respondents were asked more specifically about the top challenges of security in the cloud, three of the top responses had to do with IAM:

- Uncertain ability to enforce security policy: 56 percent
- Questionable privileged access control at provider site: 42 percent
- Uncertainty that the provider meets regulatory requirements: 41 percent

In practice, these challenges present myriad difficulties for IT and employees alike.

Difficulty ensuring proper authorizations

For IT it becomes difficult to be sure all employees have the appropriate level of access to data and applications, meaning no more or less than they should. Most companies have well-established IAM tools, policies and procedures in place to ensure that employees can access only those resources for which they have the appropriate authorization. But those tools often don't extend to data and applications that reside in the cloud, which raises security and potentially regulatory issues.

Security (including access authorization, data integrity and data protection) was the top cloud concern for IT executives, cited by 56 percent of those at SMBs specifically. What's more, those IT execs said line-of-business executives share their concerns, with 52 percent saying security is their top concern with respect to the cloud.

Asked what issues needed to be addressed before they could fully embrace the cloud, the IDG survey respondents again put security at the top of the list. More than half (56 percent) said providers need to ensure security so they can meet compliance requirements.

Arduous onboarding process

Similarly, without IAM tools that extend to the cloud, the process of onboarding new employees and removing access for employees as they leave the organization is largely a manual one. That makes it far more cumbersome, time-consuming and error-prone than using an IAM tool.

Password reset woes

Password resets are another issue. Most companies long ago automated the process of letting employees reset their own passwords, removing a significant burden from IT help desks. Without an IAM solution that extends to the cloud, IT may well be back in the password reset business, losing valuable time in the process.

Insufficient reporting

What's more, without visibility into cloud-based offerings, IT can't produce the kind of comprehensive reports it routinely produces on in-house applications, networks and other resources. Such reporting is essential to identify issues such as imminent security threats to the organization, as well as performance and usage trends. In some cases, the lack of such reporting may make it difficult for the organization to deal with audits and meet regulatory requirements.

Lost productivity

Perhaps worst of all, these IAM issues may prevent employees from being able to get consistent, reliable access to all the applications and data they need to do their jobs. That can lead to employee frustration and loss of productivity.

AZURE ACTIVE DIRECTORY: A COMPREHENSIVE IAM SOLUTION

The antidote for all these ailments is an IAM solution that can span both the customer on-premises and cloud-based resources: Microsoft Azure Active Directory (Azure AD) Premium.

SMBs are likely already familiar with Active Directory (AD) and how it provides directory services and single sign-on for their internal resources. Azure AD Premium does the same for cloud-based applications and resources and even more, by combining directory services, identity governance and application access management tools.

Azure AD Premium provides directory services for all Microsoft cloud-based solutions, including Office 365, the Intune mobile device management solution and Azure cloud services. It is also designed to work with on-premises Active Directory and other directories, enabling SMBs to leverage their existing on-premises infrastructure for managing cloud resources.

Single sign-on for thousands of apps

Azure AD Premium provides numerous benefits to SMBs, beginning with single sign-on to thousands of applications, including on-premises business applications as well as cloud-based and even consumer apps. Just as AD has long been offering single sign-on for on-premises apps, it can now extend it to the cloud.

Support for self-service capabilities

SMBs will also benefit from several self-service capabilities, including password reset. This capability can significantly reduce IT support costs while increasing end user productivity. When users forget or want to change a password for a cloud or on-premises application, they can reset it on their own, with no help from IT.

All the user groups an organization has already created in its on-premises AD environment can be extended to cloud offerings, making it easy for IT to authorize groups of users for various cloud applications. IT can also delegate group ownership to one or more authorized group members, enabling them to handle join and leave requests as well as requests to join other groups, again freeing IT resources.

Similarly, IT can delegate certain users to act as administrators for users within their group or business unit. These administrators can then manage the users, applications and permissions associated with their unit, handling requests for applications and the like. This enables even larger SMBs to easily manage the organization in a distributed fashion, ensuring that those with direct responsibility for various employees are the ones managing their rights and permissions.

Multifactor authentication

To provide an extra level of identity assurance, Azure AD Premium supports multifactor authentication. In addition to a username and password, organizations can also require use of an extra means of authentication when users log in. Azure AD Premium supports various options, including push notifications and one-time passwords, phone calls and text messages, each including a code that users must enter to be approved for log-in.

Multifactor authentication reduces the risk of unauthorized user access, such as through phishing attacks, and may be required for regulatory compliance. It works for both on-premises and cloud applications and across both in a hybrid configuration. Users can also download the Azure Multi-Factor Authentication Server to provide added security when authenticating remote users, for web applications and for users connecting remotely.

Conditional access controls

In addition to multifactor authentication, Azure AD Premium supports conditional access controls. These controls enable an SMB to implement access policies that vary according to factors including the device in use, its level of trust, the location of the device, the time of day and what data or application the user is accessing. Controls can also apply to users, including their group membership, and to the strength of authentication required.

With such controls, SMBs can differentiate between salespeople accessing the corporate network at headquarters, using their company-owned laptop, and HR execs trying to get at sensitive personnel data via the Wi-Fi network in a coffee shop.

Advanced security reports and alerts

Another important part of a good security plan is to be continuously vigilant and aware of any suspicious activity. Reporting and alerting are important components of that process. Azure AD Premium provides advanced security reports and alerts, enabling SMBs to create reports about issues such as suspicious log-in attempts, anomalous usage patterns, leaked credentials and sign-ins from potentially infected devices. Users can also create audit reports showing the activity of their most privileged users and administrators to ensure that they are not abusing their authority.

AZURE ACTIVE DIRECTORY IN PRACTICE

Azure AD Premium enables SMBs to institute several common business scenarios that make employees more productive without compromising security. These scenarios can span both on-premises and cloud applications and data.

Enable a mobile workforce

Organizations of all sizes are becoming more mobile as workers want, even expect, to be able to use the device of their choosing to access corporate resources from wherever they may be. The challenge for IT is to enable this mobile workforce in a way that's user-friendly for employees while being secure, compliant and auditable.

With support for on-premises as well as cloud resources and for multifactor authentication and conditional access control, Azure AD Premium enables SMBs to control the use of data, applications and services. In short, it ensures that only trusted people and devices can access corporate resources.

Provide access to partners and vendors

SMBs often need to allow their partners, suppliers and perhaps even customers to access resources on the company network while using their own credentials. In the past, this often meant setting up federated relationships that enabled two organizations' IAM solutions to trust each other. Although such federated configurations are effective, they can be complex to set up and maintain. With features due to be available in the fall of 2015, Azure AD Premium will provide an easier way, through a cloud-based solution that enables IT to quickly grant access to third-party users without requiring a full-fledged federated setup.

Ensure governance, risk management and compliance

Cloud-based applications are no different from on-premises apps in terms of the need to ensure that only authorized users can access them. But when individual departments subscribe to cloud-based applications without informing IT, they can inadvertently expose the organization to unintended risk and compliance issues by removing the usual access controls.

Azure AD Premium ensures that cloud applications are subject to the same access controls as existing on-premises applications, because they are linked to the same centralized directory and use the same policies. As employees leave or join the organization, their accounts are automatically created or updated in Azure AD Premium, enabling IT to ensure that only authorized, current users have access to applications. Reporting capabilities that alert administrators to anomalous log-in attempts likewise help keep the organization secure.

SEIZE THE CLOUD OPPORTUNITY WITH AZURE ACTIVE DIRECTORY

There's no question that cloud offerings present SMBs with ample opportunity to lower their costs while increasing efficiency and agility. But these organizations will reap these benefits only if they can overcome some of the challenges cloud technology presents. Chief among the challenges is maintaining proper security for cloud-based applications and data. An important consideration is having an effective IAM strategy that spans both on-premises and cloud-based resources.

Azure Active Directory Premium offers a solution enabling SMBs to easily extend the AD platform with which they are already familiar to also handle cloud solutions. Not using AD? Azure AD Premium also works with myriad other directory offerings. With Azure AD Premium, SMBs can reduce their risk while improving the productivity of their IT group and ensuring compliance with internal and external policies and regulations.

To learn more about what Azure AD Premium can do for you, visit www.microsoft.com/azureactivedirectory.