enterprise architect webinar series - identity management

EA WebinarSalesforce Identity Managementin your Enterprise Architecture

Tuesday February 21st

Mark Woodward Andrew Coveney

mark.woodward@salesforce.com acoveney@salesforce.com

EA WebinarSalesforce Identity Management in your Enterprise Architecture

Salesforce Identity ManagementWhat we’re going to cover

What do we mean by identity management?

What are the key capabilities of Salesforce identity management?

A deeper look at employee access

How can we simplify customer access

Examples from the field

Next steps

Questions

Forward-Looking Statements

Statement under the Private Securities Litigation Reform Act of 1995:

This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services.

The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site.

Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.

Identity ManagementLet’s agree on the basics

Why is Identity Important?

Seamless employee and customer experiences

An increasingly interconnected world

Cybersecurity as a #1 business priority

Regulation and reputation

The Identity Challenge

How to deliver the right access to the right people at the right time?

How to secure our internal assets whilst collaborating and sharing with external customers and partners?

How to make the process as frictionless as possible?

How to integrate seamlessly with multiple applications and technology platforms across different deployment patterns?

How to govern, manage, maintain and audit the full identity lifecycle?

What Is Identity?

What Is An Identity Provider?

What Is A Service Provider?

What Is SAML?

What Is oAuth?

Identity Approach

Foundational Components

Single Sign-On

Access Request

Workflow &Approvals

CloudDirectory

Mobile Identity

Brandable Services

External Identities

Directory Integration

Traditional Modern

Employees Contractors Partners Customers

SalesforceIdentity Management

Key features

What Is Salesforce Identity?

Give the right people the right access to the right resources at the right time

You control who can:

• Access your orgs

• Use apps running on Salesforce, on-premise, other clouds, and on mobile

Workflow &Approvals

Brandable Services

Single Sign-On

Access Request

Mobile Identity

External Identities

Directory Integration

CloudDirectory

Salesforce Identity

Provides convenience of single sign-on for employees and customers

Enable 360 degree view of the customer

Sign in using social credentials

Multi-protocols identity hub

Identity Bridge for user sync and SSO using Active Directory

User Provisioning

Identity for the Connected World

Salesforce IdentityHow our products work together

Multi-Tenant Infrastructure

Identity

Force.com Platform (App Cloud)

Contact User

EXTERNAL USERS

INTERNAL USERS

Employee AccessSecure and personalised

Simplifying Access (Inbound)Personalised Additional Security (2FA)

Review of key capabilities

Secure Employee Access

Personalised

MyDomain is a custom defined domain for the org

• Always includes the suffix my.salesforce.com

• Preserve deep links through any future splits and migrations

• Required for features such as IdP and SP initiated SSO with Salesforce as SP.

Create your own domain

Salesforce.com Confidential

Additional Security – Two Factor AuthenticationProtect your account even if your password is compromised

Simplified Access – Single Sign-OnEnable authenticated users to click through to Salesforce

Simplified Administration – Salesforce Connect

When a user is created in AD, that same user account can be created automatically in Salesforce.

Users sign in to Salesforce using their AD username and password.

Synchronise users from Active Directory

On Windows or Linux

On premise

Linux/Windows

Provisioning

AD authentication

External IdentitySimplified with social profiles

Workflow &Approvals

Brandable Services

Single Sign-On

Access Request

Mobile Identity

External Identities

Directory Integration

CloudDirectory

Salesforce Identity

Provides convenience of single sign-on for employees and customers

Enable 360 degree view of the customer

Sign in using social credentials

Multi-protocols identity hub

Identity Bridge for user sync and SSO using Active Directory

User Provisioning

Identity for the Connected World

Identity Management Approach

Consumer Professional

Person Account Business Account

Business Contact

User Record

Communities

eCommerceBrand web

sitesOther web properties

Account Contact

Orders Assets

Mobile apps

KB

Cases

Se

lf-s

erv

ice

AP

I

Attributes & Consents

Internal Systems

External Systems

Social Authentication

SMSMarketing Cloud

Results

1

2

3

4

5

6

7

8

9

10

11

12

External User Lifecycle

Form

Social

API

External User Lifecycle

Form

Social

API

Registration

External User Lifecycle

Form

Social

API

Accounts and Contacts

Registration

External User Lifecycle

Form

Social

API

Accounts and Contacts

Mobile Apps

Communities

Custom Apps

Existing Web Properties

Registration SingleSign-On

External User Lifecycle

Form

Social

API

Accounts and Contacts

Mobile Apps

Communities

Custom Apps

Existing Web Properties

Registration SingleSign-On

3rd PartyIdentity Proofing

ProgressiveProfiling

“Identity Hub” Deployment Pattern

Form

Social

API

Mobile Apps

Communities

Custom Apps

Existing Web Properties

MyProfile

AppLauncher

ConsentManagement

OtherApps

Customer ExamplesSuccess from the field

“Salesforce Identity was easy to implement, reduced friction in the customer registration process, and allowed us to meet vital business goals.”Ananth Krishnan, Director of Enterprise Architecture and InnovationLand O’Lakes, Inc.

Land O’Lakes, Inc. simplifies registration and login experience to 4500+ customers across three diversified agribusinesses spanning farm to fork

Third largest U.S. member-owned cooperative operating in 60+ countries

Provisioned external users with an outdated, homegrown system that required manual processes, generated customer service issues, and lacked branding

Implemented a self-service workflow and branding in the external registration process

Reduced both user provisioning time and service incidents by 33%

Analyst Report

Salesforce Identity is a robust and scalable CIAM solution that provides much flexibility

for their customers.

For organizations that are already using Salesforce CRM or PaaS, adding Identity may

be a natural choice.

Next StepsHow do I get started?

Deep Dive SessionsHear from our product teams and customers at Dreamforce

Increase User Adoption and Strengthen Security with Single Sign-On

How Salesforce Deploys Identity at Scale

Identity Basics

• https://trailhead.salesforce.com/modules/identity_basics

User Authentication

• https://trailhead.salesforce.com/modules/identity_login

Identity for Customers

• https://trailhead.salesforce.com/modules/identity_external

Hands OnStep-by-step guides on Trailhead

Contact Your Account TeamTo discuss how identity can help you

Include Salesforce as a component of your enterprise security approach

Product information and licensing. Also refer to:https://www.salesforce.com/eu/platform/identity/

Technical deep dive

Thank Y u