introduction to identity-as-a-service and secure access to saas
TRANSCRIPT
World®’16
IntroductiontoIdentity-as-a-ServiceandSecureAccesstoSaaSPaulPeterson- AdvisorProductManagement- CATechnologies
SCX06S
SECURITY
2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.
Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.
ForInformationalPurposesOnlyTermsofthisPresentation
3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Abstract
Theriseincloudandmobileappsisimpactingorganizationsofallsizes,changinghowemployeesworkandhowITdepartmentsareexpectedtosupportthebusiness.Today,businessuserscanleveragerichcapabilitiesinthecloudtoenablebettercollaboration,speedandproductivitythaneverbefore.Theaccessibility,easeofuseandadvancesincloudandmobileappsintroducedimmensepressureonITtodelivermodernapplicationsfaster,whilecreatinganexceptionaluserexperience.IfITfailstoaccommodatetheneedsofusersfastenough,theysimplyusetheappstheyneed,oftenwithouttheknowledgeoftheITdepartment.Inthissession,you’lllearnhowtoleverageidentity-as-a-servicetobalancesecurity,agilityanduserexperiencewhilestayingaheadofshadowIT.
PaulPetersonCATechnologiesAdvisor,ProductManagement
4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Agenda
THENEWDIGITALWORKPLACE
CHALLENGES
NEXTGENERATIONIDENTITY-AS-A-SERVICE
DEMO
1
2
3
4
5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
ExplosionofSaaS Speed ShadowIT
Newgenerationpowerusers
LOBappownership
Applicationchurn
Today’sDigitalWorkplace
6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
EmbracingtheDigitalWorkplace
1. LeverageshadowITasanopportunitytoempowerLOB
2. Gaincontrolandvisibilityoveryourcloudenvironment
3. Deliveraconsumergradeworkforceexperience
4. Acceleratedigitaltransformationandcloudadoption
5. Bridgebetweennewandlegacyenvironments
6. Automateidentitylifecycleandaccessmanagementprocesses
HowtoEvolveQuicklyandAvoidGettingDisrupted
7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Challenges
Manyapplicationseverywhere
Manyidentitieseverywhere
Multipleaccessmethods
Constantchange ManycredentialsNovisibilityorcontrol
8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
FindingtheRightBalance
Security Agility UserExperience
9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
IntroducingCAIdentityServiceNextGenerationIdentity-as-a-ServicefortheModernHybridEnterprise
Acceleratedigitaltransformationwhiledeliveringasecureconsumergradeworkforceexperience
UserProvisioning SingleSign-On IdentityLifecycleManagement
10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
SaaS-FirstandHybridDeploymentModelsLeverageExistingOn-PremisesIAMInvestments
SingleSign-on
Authentication(SaaS-firstmodel)
CAIdentityService
Userprovisioninganddeprovisioning
SingleSign-on
Rogueandorphanaccountdetectionandremediation
CASingleSign-On
On-premisesapps
SaaS AppsActivedirectory
Peoplesource(optional)
SingleSign-on
11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
UserProvisioningDeepandBi-DirectionalProvisioningIntegrations
AutomatetheprovisioninganddeprovisioningofuseraccountsinyourSaaS appswithbusinessfriendly rules
Godeepertomanagetheentitlements(groups,roles,permissions)ofyourusers
Getvisibility intoexistingaccountsandentitlements
Detectandremediateorphanandrogueaccounts
Leveragepredefinedintegrationsthatunderstandthespecificrequirements ofthetargetapplication
12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
SingleSign-OnUnifiedLaunchpadLeveragesOn-premisesInvestments
Richout-of-the-boxintegrations and acustomSAML connectorenable SSOtohundredsofapplicationsinminutes
Authenticateusersusingastrongpasswordsupplementedbytwo-factorauthentication
Reducehelpdeskoverheadwithself-servicepasswordmanagementand forgottenpasswordrecovery
GiveyouruserstheeaseandconvenienceofsecureSingleSign-OntoSaaS andon-premisesappswiththeUnified Launchpadand CASSOintegration
13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
IdentityLifecycleManagementRule-BasedProvisioningandAccessManagement
Automatedrule-basedprovisioninganddeprovisioning ofaccountswithentitlements
Abilitytodesignate anapplicationastheauthoritativepeoplesource
Self-service andadministrativeprofilemanagement
Administrativeauthorizationmodelenablesdelegationofappownership
14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
KeyBenefits
Reducecloudattacksurfacewithdynamicprovisioningandbidirectionalintegrationsminimizingtheriskofover-privilegedandorphanaccounts
ImproveworkforceproductivitywithadynamicapplicationLaunchpadandseamlesssinglesign-onacrosshybridenvironments
Improvebusinessagilityandtimetovaluewithfastandsecurerolloutofcloudapplicationsandrapidintegrationwithon-premisesinvestments3
Security
Agility
UserExperience
15 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
KeyBenefits
Bidirectionalintegrations simplifyaccountdiscoveryandreconciliation,andenableorphanaccountdetectionandremediation
Asuperioruserexperiencemakesdelegationofappownershiptobusinessuserspossible,empoweringappownerstoonboardandsecureaccesstoappsinminutes
DynamicintegrationwithCASSOenablesagilityandrapidtimetovalueinenablingaconsumergradeworkforceexperience
3
Security
Agility
UserExperience
16 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Administrator• Accountreconciliation• SAMLApplications• CASSOintegration
EndUser• Launchpad• MultifactorAuthentication
AppOwner• Applicationonboarding• Rules
Demo
17 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
RecommendedSessions
SESSION# TITLE DATE/TIME
SCX07S EnablingaHybridEnterpriseApplicationLaunchPad 11/16/2016at04:30PM
SCT42TTechTalk:A"GameofThrones"introductiontoidentity-as-a-service
11/17/2016at11:30AM
SCT08T TechTalk:FederatetoanSAML-EnabledAppinMinutes 11/17/2016at12:45PM
SCT43TTechTalk:Makelifeeasyforyouruserswithahybridapplicationlaunchpad
11/17/2016at3:45PM
18 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Don’tMissOurINTERACTIVESecurityDemoExperience!
SNEAKPEEK!
18 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
19 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Questions?
20 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
WeWanttoHearFromYou!
§ ITCentralisaleadingtechnologyreviewsite.CAhasthemtohelpgenerateproductreviewsforourSecurityproducts.
§ ITCSstaffmaybeatthissessionnow!(lookfortheirshirts).Ifyouwouldliketoofferaproductreview,pleaseaskthemaftertheclass,orgobytheirbooth.
Note:– Onlytakes5-7mins– Youhavetotalcontroloverthereview– Itcanbeanonymous,ifrequired
21 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Thankyou.
Stayconnectedatcommunities.ca.com
22 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Security
FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw