Publicidad
Check these out next
Identity is key - Robin Gorris
12 de May de 2014•0 recomendaciones•467 vistas
0 recomendaciones
Sé el primero en que te guste
ver más
vistas
Total de vistas
0
En Slideshare
0
De embebidos
0
Número de embebidos
0
Denunciar
Tecnología
In the Nexus of Forces, Identity is key. Identity & Access Management (I&AM) has helped organizations attain better security while improving business agility and retaining user comfort. I&AM is an enabler for doing more with less. Today, I&AM programs are being affected by cloud, social, mobile and big data. Organizations now want to extend the Zero Day Provisioning, Single-Sign On and other features they have come to enjoy in a user friendly fashion without compromising on security. This session aims at answering the question: how do you leverage the power of the Forces of Nexus in your Identity and Access Management efforts? Have I&AM solutions evolved to the point where they are ready for this paradigm shift?
InspireXSeguir
InspireXPublicidad
Publicidad
Publicidad
Recomendados
Evolveum: All you need to know about identity & access managementEvolveum
SIF IDM Profile IntroductionRichard Tong
3 Building Blocks For Managing Cloud Applications WebinarTodd Clayton
Active Directory Self-Service Suite OverviewEmpowerID
Navigating The Clouds With An Enterprise IT Strategyredmiller1
Identity and Access ManagementPrashanth BS
Identity is key - Robin Gorris
- In the nexus of forces identity is key InspireX 2014
- This is me Robin Gorris IS4U Veldkant 33a – 2550 Kontich robin.gorris@is4u.be http://www.is4u.be
- Disclaimer
- Opportunities
- Digital Identity Automate the lifecycle of user accounts in the enterprise Benefits: Zero day provisioning Single sign on User self service … Typical population: employees Leave Change Join
- Evolving IDM requirements SaaS Partners Customers Apps
- Questions Do we want to bother prospects/customers with another username/password combination to remember? Do we want to manage the identity lifecycle of partner employees?
- Questions Do our employees need to remember yet another password for every cloud service they use? Do we need to keep on adding more infrastructure for all of these identities?
- Nexus of forces as enablers
- Social 0 200 400 600 800 1000 1200 1400 #accounts (millions)
- Social Do we want to bother prospects/customers with another username/password combination to remember? 66% abandon the transaction when requested for username and other information 39% shop with an existing supplier rather than create a new account elsewhere sources: 2013 Mobile Consumer Insights Jumio Inc & Ukash research, Sept 2013
- Social login Reuse social identities for your service
- Social login Benefits User friendly Use of open standards Low-cost
- Why login?
- How do we login?
- Authentication Do we want to hand out another difficult to remember but very secure password to our customers, partners and employees? Can we provide the whole of our population with hardware tokens? Should we rollout our own PKI?
- Authentication as a service Variety of offerings Mydigipass.com (Vasco) Federal Authentication Service (Fedict) Windows Azure Active Directory Commodotized by social networks Google authenticator Facebook two-step verification
- Mobile Login Factors OTP by SMS or voice message App generating OTP Fingerprint reader Face recognition geoIP GPS localization
- Passwords aren’t dead (yet) source: The Quest to Replace Passwords A Framework for Comparative Evaluation of Web Authentication Schemes
- Comparative study Passwords compared to Tokens, mobile, biometric, etc. Criteria Security Usability Deployability source: The Quest to Replace Passwords A Framework for Comparative Evaluation of Web Authentication Schemes
- Study conclusions Security: most schemes are better Usability: mixed results Deployability: every scheme does worse source: The Quest to Replace Passwords A Framework for Comparative Evaluation of Web Authentication Schemes
- Apps Can we do IDM for apps? Use the same standards OAuth OpenID connect
- Cloud Do we want to have our employees remember yet another password for every cloud service they use? Why limit the SSO experience to the office? Do we need to keep on adding more infrastructure for all of these identities?
- Cloud Login to cloud with company credentials It’s a service to get shadow IT back to the ICT department
- Cloud advice Demand standards based interfaces from your cloud service provider SAML WS-Federation OAuth OpenID connect SCIM
- Big data Security industry exploits big data, e.g. Anti-malware clouds Honeypots Big data provides identity context Risk based authorization
- Big data Security industry also provides tooling for exploiting big data Intrusion Detection & Prevention Systems Security Information & Event Monitoring
- Conclusions The nexus of forces is driving new Identity Management requirements provide single sign-on to external cloud services provide a seamless user experience to customers enable collaboration with partner organizations
- Conclusions Nexus of forces as enablers Reusable Identity Repositories Identity Proofing Opportunities Standards Based Identity Driver Identity Context & Tools
- Your partner IT security consultancy since 2007 35 FTE Certified professionals Architects, Analysts, Consultants, Auditors, Engineers
- Technology experts
- Customers Telenet BNP Paribas Fortis EPT Luxemburg AGFA Eurocontrol European Commission TomTom AXA Randstad Electrabel Belgacom AZ Nikolaas OLVZ Aalst Ministry of Finance WGK West-Vlaanderen Ministry of Foreign Affairs AGIV FOD Mobility Ministry of Flemish Community Ministry of Internal Affairs VDAB VUB Colruyt PSA/HNN AZ Sint Lucas Brugge Fedict Veolia AZ Monica UZA Bank De Groof FN VLM Credoc Unicredit Luxemburg Daikin LCM ING ZOL Facilicom Besins BPost Zetes SDL Tridion KPN Getronics Fedict De Lijn City of Bruges Atlas Copco Philips EDF Luminus Bekaert Aquafin Leaseplan GO Mediahuis MediaID De Persgroep
- Contact us Robin Gorris IS4U Veldkant 33a – 2550 Kontich robin.gorris@is4u.be http://www.is4u.be
Publicidad