a practical approach to secure access to on premise and off premise applications & solving the...
TRANSCRIPT
A Practical Approach To Secure Access To On Premise And Off Premise
Applications & Solving The Problem Of Cloud Security: Top 3 Ways To Secure
A Cloud Roadmap
Darren PlattCTO | Symplified
User Growth Fuels Complexity Sensitive Data Outside Firewall
SaaS Creates Management SilosEnterprise Integration
The Problem: Identity Silos
» Terminated employee is removed from Active Directory
» Admin must repeat Removal from all siloed apps
But Cloud apps aren’t integrated so a terminated employee can access company data and apps
Identity Management Challenges in the Cloud – De-provisioning Example
» Terminated employee is removed from Active Directory
» One step for admin
» Centralized policies
Terminated employee no longer has access to apps
Identity Management Challenges in the Cloud – De-provisioning Example
Fortune 500
Midmarket & SMB
Enterprise
Consumers & Individuals
Tech
nica
l Sop
hist
icat
ion
& C
apab
ilitie
s
Service Providers’ Challenge
Network Security SSO (some anyway)
--------------------Access ManagementProvisioningAuditSLA Management
The Iceberg
Above Waterline: Single Sign On for Cloud Apps
• Standards Exist, but are Complicated– SAML, OpenID, OAuth, Shibboleth, WS-Federation
• Standards are Not Broadly Adopted• Often Requires Custom Development and/or
Standards Expertise• Traditional Internal Security Tools Don’t Apply• Point to Point Federation Model Does NOT Scale
Below Waterline: The Remaining Work
• Access Management / Authorization– XACML
• Provisioning User Accounts– SPML– De-provisioining
• Audit– CloudAudit
• SLA Management & Verification
(e x a)
SaaS Adoption Adding More Apps
e
a
The Math Of One-To-Many
Linear Growth In Connections
e = enterprisea = applications
Point-To-Point Doesn’t Scale
(e x a)
SaaS AdoptionAdding More Business Units and Apps
1e x 1a = 1
2e x 2a = 4
3e x 3a = 9
4e x 4a = 16
5e x 5a = 25
Geometric Growth In Connections
e = enterprisea = applications
The Math Of Many-To-ManyPoint-To-Point Doesn’t Scale
(E)
Linear Solves both SaaS Adoption and Collaboration
The Math of One-to-BrokerPoint-To-Point Doesn’t Scale
Geometric
Extra Cost
Constant
Linear
CostPer
User
Number Of Apps
Graph Perspective ScaledPoint-To-Point Doesn’t Scale
Symplified Problem Space
SymplifiedSolution
Internal Web Apps Public Cloud Apps
SaaS SSO Portals
Mobile Portals for SSO and Access control for
iPads, iPhones, Android and others
THE USER EXPERIENCE
Simple Deployment1. Choose Deployment 2. Integrate & Unify Seams 3. Go Live!
Trust Cloudor
On PremisesVirtual Appliance
Web Apps Databases Active Directory WebServices
StrongAuthentication
Portal
Custom Portal
Mobile Portal
ApplicationsPublic & Private
Cloud
Mobile Edition
One universal login for authentication to many applications
Centralized management of user access with dynamic, policy based controls
Self-service user registration and account management, user provisioning and password reset and policies
SinglePoint Identity as a Service Platform
SinglePoint Studio (Admin UI)
SSO Portal (End user SSO portal for desktop, tablets and phones)
Identity Router (Layer 4 Proxy on Trust Cloud or Appliance)
Integration
» Trust Fabric (App Store for Identity)» Trust Connector (No Coding Integration Tool)» Web Service API’s (Platform as a Service)» SimpleLink™ (SSL VPN to access behind firewall systems)» Multiple Authentication (Kerberos, SAML, tokens)» Virtual Directory (AD, LDAP, SQL, Web Services)» KeyChain (Credential Vault & Persona Mapping)
CustomerInfrastructure
DB, LDAP, Web Services,
Authentication SourcesExisting Portals
Cloud User Stores &
Identity Vaults
Audit and Reporting
Symplified Identity Manager
Symplified Access Manager
SymplifiedSign-On
DeliveryAny Device
Any Location
Multi-tenancy | Security | Monitoring | Redundancy | Upgrades
» Authentication» SAML & HTTP & OpenID
» Authorization» Dynamic Access Control
» User Management» Account Synchronization
The Symplified Platform
SeamlessIdentity
Converging Revolutions
With Symplified
The Symplified Vision
» IT as a Service
» The Cloud
» Mobile Everywhere
» Be Like Amazon
» Save Millions on Integration
» Embrace The Cloud
» Any User
» Any Device
» Any App
» Any Location
OVER 1 MILLION USERS RELY ON SYMPLIFIEDCustomersSymplified scales from workgroups of 50 to the Fortune 500
Symplified EcosystemSymplified has the largest Cloud Identity Ecosystem
Pfizer Charming Merit SerenaSchumacher AHA Forest GLS Moody’s
Amylin Dolby InMage Script DemandTecSchlumberger IvieDWR Coty
Schumacher Portal Streamlines Revenue
Challenge (B2C/Business-to-Customer): Needed to add 3rd party apps to their external portal, leveraging existing provider log-in and authentication.
Results: Symplified technology integrated with Schumacher’s portal provides stronger authentication due to ease-of-use and because providers only have to authenticate one time. This allows for a more seamless communication channel with their provides, their main revenue source.
Our employees are very pleased that bookmarks in their browser lead them straight into applications, without any additional sign-on.
Doug MenefeeCIOSchumacher Group
AHA Cures SSO Headaches with Symplified
Challenge(B2E/Employee-to-SaaS): Needed seamless login to their Collaboration platform; supporting intranet portal, SAML and non-SAML SaaS apps.
Results: Increased user adoption of the collaboration platform, bridging private and public cloud apps. Up and running in less than two months.
We are extremely pleased with the Symplified solution as it has allowed us to deliver on all of our security and compliance objectives for the Social Intranet & Collaboration platform project. We have been very impressed by the professionalism and level of support from Symplified throughout the entire sales and implementation process.Jack MacKayVice President & Chief Information OfficerAmerican Hospital Association
Merit Medical Mobilizes with SymplifiedChallenge (Mobile):
Issued mobile devices to field sales team and wanted to secure and manage access to productivity/training applications to increase sales in the field.
Results: Centralized authentication, access control and more secure and efficient end user experience – no systems or human resource costs; one man band supporting 100s of field reps. Enabing mashups that combine data from eLeap and Google to supply better insight, rather than more data to mine.
Symplified's technology and customer service have taken us to the cloud with confidence. Lincoln Cannon
Director of Web SystemsMerit Medical