Más contenido relacionado La actualidad más candente (20) Similar a CIS14: Global Trends in BYOID (20) Más de CloudIDSummit (20) CIS14: Global Trends in BYOID2. 2
©
2014
CA.
ALL
RIGHTS
RESERVED.
abstract
§ While
Bring
Your
Own
IdenLty
(BYOID)
can
deliver
tangible
benefits
to
end
users
and
relying
parLes,
these
benefits
are
accompanied
with
potenLal
risks
and
liability
concerns.
§ CA
Technologies
and
The
Ponemon
InsLtute
recently
conducted
a
worldwide
survey
of
over
3,000
IT
users
and
business
users
to
understand
the
value,
benefits
and
concerns
that
organizaLons
have
around
using
BYOID.
§ This
session
will
review
the
key
findings
from
the
Ponemon
Survey,
deliver
insight
into
the
current
state
of
BYOID
and
provide
guidance
on
how
enterprises
can
overcome
these
barriers
to
gain
the
maximum
value
from
BYOID
without
unnecessarily
increasing
risk
or
fraud.
3. 3
©
2014
CA.
ALL
RIGHTS
RESERVED.
§ 17+
years
of
product
management/product
markeLng
experience
– SecurityDynamics
– RSA
Security
– Netegrity
– OpenPages
– CA
Technologies
§ Tracking/stalking
me:
– Merri4.maxim@ca.com
– www.twi4er.com/merri4maxim
About
me
4. 4
©
2014
CA.
ALL
RIGHTS
RESERVED.
The
Promise
of
BYOID
Reduce
complexity,
improve
user
experience
5. 5
©
2014
CA.
ALL
RIGHTS
RESERVED.
The
Challenge
of
BYOID
“I
am
Losing
Control”
6. 6
©
2014
CA.
ALL
RIGHTS
RESERVED.
Survey
Summary
§ In
early
2014,
CA
worked
with
The
Ponemon
InsLtute
to
develop
a
market
survey
to
gauge
interest
and
adopLon
of
BYOID
across
8
geographic
regions
– USA/Canada
– Australia
– Brazil
– France
– Germany
– India
– UK
– Italy
7. 7
©
2014
CA.
ALL
RIGHTS
RESERVED.
Different
personas
explored
in
this
survey
IT
User
• I
need
to
manage
customer
data
• I
need
to
keep
sensiLve
data
secure
• I
need
to
meet
compliance
and
policy
mandates
Business
User
• I
want
to
simplify
the
customer
experience
• I
want
to
know
more
about
my
customers
to
help
improve
retenLon
and
drive
incremental
revenue
8. 8
©
2014
CA.
ALL
RIGHTS
RESERVED.
Sample
Sizes
IT
User
Business
User
Total
%
of
total
sample
USA/Canada
570
428
998
32%
Australia
99
110
209
7%
Brazil
158
185
343
11%
France
127
148
275
9%
Germany
182
180
362
13%
India
141
152
293
8%
Italy
143
131
274
8%
UK
169
192
361
12%
TOTAL
1,589
1,526
3,115
Other
demographic
Info
• 100%
of
respondents
were
from
companies
with
>1,000
employees
• 75%
of
respondents
were
from
companies
with
$500M+
in
annual
revenue
• Target
Ltles
for
IT
users
were
CIO/CISO;
target
Ltles
for
business
users
were
VP/line
of
business
manager
• Even
distribuLon
across
all
common
verLcal
markets
9. 9
©
2014
CA.
ALL
RIGHTS
RESERVED.
General
Findings
§ Need
to
simplify
user
experience
is
driving
interest
in
BYOID
§ Mobile
and
web
customers
are
driving
need
for
BYOID
§ Security
enhancements
sLll
needed
to
drive
more
BYOID
adopLon
§ Business
users
&
IT
users
have
different
opinions
on
value
of
BYOID
11. 11
©
2014
CA.
ALL
RIGHTS
RESERVED.
Interest
in
BYOID
is
highest
for
online
&
mobile
users
§ SupporLng
survey
data
– Q5.
“How
would
you
rate
your
organiza1on’s
level
of
interest
in
accep1ng
digital
iden11es
for
any
of
the
following
user
popula1ons?
§ Employees,
Contractors,
Re1rees,
Job
prospects,
Mobile
users,
Website
users
– 82%
of
all
business
users
across
all
regions
responded
“Very
High”
or
“High”
for
mobile
users
– 79%
of
all
business
users
across
all
regions
responded
“Very
High”
or
“High”
for
website
users
– None
of
the
other
idenLty
types
were
even
close
§ Key
takeaway:
– Customers
want
and
expect
a
simple
user
experience
=>
BYOID
can
assist
12. 12
©
2014
CA.
ALL
RIGHTS
RESERVED.
IT
Users
and
Business
Users
are
looking
at
BYOID
for
different
reasons
§ Q3:
“What
are
the
main
reasons
for
BYOID
adop1on
in
your
organiza1on
today?
Please
select
all
that
apply.”
– 95%
of
business
users
selected
“To
capture
a4ributes
about
users
from
external
sources”
v.
only
26%
of
IT
users
who
selected
same
AND
– 48%
of
IT
users
also
selected
“To
outsource
password
reset
acLviLes
to
idenLty
providers
”
v.
only
9%
of
business
users
who
selected
same
§ Key
takeaway:
– Business
sees
value
in
BYOID
for
gathering
customer
data
whereas
IT
sees
BYOID
as
more
of
a
cost
savings
iniLaLve
13. 13
©
2014
CA.
ALL
RIGHTS
RESERVED.
Business
users
and
IT
users
see
different
BYOID
benefits
Top
3
BYOID
Benefits
for
IT
Users
Top
3
BYOID
Benefits
for
Business
Users
IdenLty
ValidaLon-‐74%
Reduced
fricLon
in
user
experience-‐78%
Contractor
on-‐boarding-‐57%
Simplified
engagement
for
end
users-‐
75%
Fraud
/
risk
evaluaLon
&
reducLon-‐55%
IdenLty
ValidaLon-‐63%
Q18.
“Which
BYOID
benefits
are
of
most
interest
to
your
organiza1on?
Select
all
that
apply
• Targeted
marke1ng
• Fraud/risk
evalua1on
• Iden1ty
valida1on
• Contractor
on-‐boarding,
• Reduced
fric1on
in
user
experience,
• Simplified
engagement
for
end
users
• Increased
revenue
• Security
enhancements
• Access
to
fresh
iden1ty
informa1on
14. 14
©
2014
CA.
ALL
RIGHTS
RESERVED.
Ranking
IdPs
that
you
would
accept
at
your
employer
Top
Ranked
IdP
for
IT
User
Lowest
Ranked
IdP
for
IT
User
Top
Ranked
IdP
for
Business
User
Lowest
Ranked
IdP
for
Business
User
USA/Canada
PayPal
Yahoo
PayPal
Yahoo
Australia
PayPal
Yahoo
Amazon
Facebook
Brazil
PayPal
Yahoo
Yahoo
LinkedIn
France
PayPal
Yahoo/Facebook
Amazon
Google
Germany
PayPal
Yahoo
Microsoq
Google
India
PayPal
Yahoo
PayPal
Facebook
Italy
PayPal
Facebook
Amazon
Facebook
UK
PayPal
Yahoo
Microsoq
Google
Q8:
“Please
rank
the
following
iden1ty
providers
in
order
of
interest
to
your
organiza1on.
1
=
of
most
interested
and
7
=
of
least
interest.
If
possible,
please
avoid
1es.”
15. 15
©
2014
CA.
ALL
RIGHTS
RESERVED.
Ranking
IdPs
that
you
would
prefer
to
use
as
an
individual
Top
Ranked
IdP
for
IT
User
Lowest
Ranked
IdP
for
IT
User
Top
Ranked
IdP
for
Business
User
Lowest
Ranked
IdP
for
Business
User
USA/Canada
Google
Yahoo
Google
Yahoo
Australia
Google
Yahoo
Amazon
PayPal
Brazil
Google
Yahoo
Google
LinkedIn
France
Google
Yahoo
Amazon
LinkedIn
Germany
Google
Yahoo
Facebook
LinkedIn
India
Google
Yahoo
Facebook
LinkedIn
Italy
Google
Yahoo
Google
Yahoo
UK
Google
Microsoq
Yahoo
LinkedIn
Q9.
“Please
rank
the
following
iden1ty
providers
in
order
of
interest
to
you
as
an
individual
accessing
other
organiza1ons
or
service
providers.
1
=
of
most
interested
and
7
=
of
least
interest.
If
possible,
please
avoid
1es.”
16. 16
©
2014
CA.
ALL
RIGHTS
RESERVED.
Preferred
IdPs
as
organizaLon
v.
as
individual
(aggregated
across
all
geographies)
Highest
Priority
Lowest
Priority
QuesKon
8-‐as
employer
IT
User
PayPal
Yahoo
Business
User
Amazon
Facebook
QuesKon
9-‐as
individual
IT
User
Google
Yahoo
Business
User
Facebook
LinkedIn
Intriguing
contrast
between
what
business
user
wants
to
use
as
IdP
for
their
employer
v.
what
they
want
to
use
personally
17. 17
©
2014
CA.
ALL
RIGHTS
RESERVED.
Features
that
could
accelerate
BYOID
adopLon
Top
3
Preferred
Features
for
IT
Users
Top
3
Preferred
Features
for
Business
Users
IdenLty
validaLon
processes-‐73%
IdenLty
validaLon
processes-‐71%
MulL-‐factor
authenLcaLon-‐66%
Simplified
user
registraLon-‐71%
IdenLty
provider
implemenLng
fraud
risk
engines-‐57%
IdenLty
provider
implemenLng
fraud
risk
engines-‐37%
Q14.
““Which
of
the
following
features
would
most
likely
increase
BYOID
adop1on
within
your
organiza1on?
Please
select
all
that
apply.”
• Mul1-‐factor
auth
• Iden1ty
valida1on
processes
•
Iden1ty
provider
implemen1ng
fraud
risk
engines
• Simplified
user
registra1on
• SMS
processes
for
user
valida1on
• Password
recovery
func1onality
• Risk
based
evalua1on
of
password
recovery
processes
18. 18
©
2014
CA.
ALL
RIGHTS
RESERVED.
Supplemental
data
that
would
increase
value
of
IdPs
Top
3
Preferred
Data
for
IT
Users
Top
3
Preferred
Data
for
Business
Users
Validated
phone
number-‐46%
Current
shipping
address-‐86%
None
of
the
above-‐34%
Validated
phone
number-‐86%
Payment
informaLon-‐
29%
Payment
informaLon-‐
73%
Q17.
What
addi1onal
informa1on
or
services
would
increase
the
value
of
the
BYOID
iden1ty
provider?
Please
select
all
that
apply.
• Current
shipping
address
• Validated
phone
number
• Payment
informa1on
• Access
to
payment
systems
• None
of
the
above
19. 19
©
2014
CA.
ALL
RIGHTS
RESERVED.
Factors
that
would
enhance
BYOID
efforts
Top
3
Preferred
Factors
for
IT
Users
Top
3
Preferred
Factors
for
Business
Users
Mobile
device
factors-‐52%
Mobile
device
factors-‐66%
4
digit
PIN-‐44%
Passive
factors
such
as
geolocaLon-‐59%
Risk-‐based
evaluaLon-‐39%
4
digit
PIN-‐25%
Q15
“What
factors
would
you
add
to
a
digital
idenLty
to
increase
control
or
scruLny
by
your
organizaLon?
Select
all
that
apply.”
• 4-‐digit
PIN
• Passive
factors
such
as
geo-‐loca1on
• One-‐1me
tokens
• Smart
cards
• Mobile
device
factors
• Risk-‐based
evalua1on
20. 20
©
2014
CA.
ALL
RIGHTS
RESERVED.
Conclusion:
A
New
Value-‐Based
View
of
IdenLty
is
Emerging:
Risk-‐based
has
dominated
for
the
last
decade
but
that
is
changing
Evolving
towards
a
more
value/customer-‐centric
view
of
idenKty
Key
is
finding
appropriate
balance
between
both
Value-‐based
Risk-‐based
IT/IT
Security
Line
of
Business
21. 21
©
2014
CA.
ALL
RIGHTS
RESERVED.
BYOID
is
a
Joint
Responsibility
IT
User
+
Business
User
Must
Collaborate
22. 22
©
2014
CA.
ALL
RIGHTS
RESERVED.
Next
Steps
and
Q&A
§ Survey
available
next
Monday
– Email
me
for
copy
OR
– Follow
me
on
Twi4er
(@merri4maxim)-‐I’ll
tweet
bit.ly
link
for
results
§ ParLcipate
in
Tweetchat
on
this
topic
– July
29
at
1pm
Eastern
– Follow
hashtag
#TechViews
to
parLcipate
§ External
webinar
on
August
7
with
Larry
Ponemon
to
discuss
survey
results
23. Senior
Principal,
Product
MarkeLng
Merri4.maxim@ca.com
@merri4maxim
slideshare.net/CAinc
linkedin.com/company/ca-‐technologies
ca.com
MerriY
Maxim
24. 24
©
2014
CA.
ALL
RIGHTS
RESERVED.
Copyright
©
2014
CA.
All
rights
reserved.
All
trademarks,
trade
names,
service
marks
and
logos
referenced
herein
belong
to
their
respecLve
companies.
No
unauthorized
use,
copying
or
distribuLon
permi4ed.
THIS
PRESENTATION
IS
FOR
YOUR
INFORMATIONAL
PURPOSES
ONLY.
CA
assumes
no
responsibility
for
the
accuracy
or
completeness
of
the
informaLon.
TO
THE
EXTENT
PERMITTED
BY
APPLICABLE
LAW,
CA
PROVIDES
THIS
DOCUMENT
“AS
IS”
WITHOUT
WARRANTY
OF
ANY
KIND,
INCLUDING,
WITHOUT
LIMITATION,
ANY
IMPLIED
WARRANTIES
OF
MERCHANTABILITY,
FITNESS
FOR
A
PARTICULAR
PURPOSE,
OR
NONINFRINGEMENT.
In
no
event
will
CA
be
liable
for
any
loss
or
damage,
direct
or
indirect,
in
connecLon
with
this
presentaLon,
including,
without
limitaLon,
lost
profits,
lost
investment,
business
interrupLon,
goodwill,
or
lost
data,
even
if
CA
is
expressly
advised
of
the
possibility
of
such
damages.