multi-factor authentication for cloud applications · premises, but apps and data are moving to the...
TRANSCRIPT
![Page 1: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/1.jpg)
![Page 2: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/2.jpg)
PRESENTED BY:
![Page 3: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/3.jpg)
Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)
One of the main problems that customers face withthe adoption of SaaS and cloud-based apps is howto deliver the same level of security as they do foron-premises apps.The rapid growth of SaaS apps has resulted made ita challenge to manage, share, and secure identitybetween these cloud-based apps. Another importantthing is the necessity to achieve PCI compliance,where multi-factor authentication (MFA) is a must.
Outline: • Market Overview• Mobility and Cloud Adoption Challenges• Identity Management Challenges• Multifactor Authentication Overview
• MFA with F5• F5 Adaptive Auth (MFA)• DEMO• Q and A
![Page 4: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/4.jpg)
63%
37%
Non-mobile Mobile
X 100M
Worldwide workforce by end of 20151 ~1.3 Billion mobile workers by end of 2015
![Page 5: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/5.jpg)
72.3%of the total U.S. workforce will be mobile in 2 years
(2020)3
715average number of
cloud apps per enterprise4
15.4% cloud services
supporting multi-factor
authentication5
![Page 6: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/6.jpg)
25%
75%
>1,000 Cloud-based Apps
<1,000 Cloud-based Apps
1,083 the number of cloud services used by an
average organization5
1,586number of business partners
an average organization connects with via the cloud5
25+% of organizations have 1,000 or more cloud-based applications2
![Page 7: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/7.jpg)
Rising (monetary) costs of data breaches
Increase in data breach cost, ‘14 to ‘15123%
$154 Average cost per lost or stolen record1
Average total cost of a data breach1$3.8M
Rising (business) costs of data breaches
• Damage to brand reputation
• Compromises sensitive enterprise, employee and customer data
• Can result in significant downtime and lost revenue
• Breaches regulatory and/or government compliance required to conduct business
![Page 8: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/8.jpg)
• Silos of identity• Identity may still be on
premises, but apps and data are moving to the cloud
• Users experiencing “password fatigue” (too many passwords to remember)
• Weaker passwords make it easy for credentials to be hacked
Data Center
Applications Applications
Internet
Identity and Access Management
Physical Virtual
Salesforce Office 365 Concur Google docs
Devices
![Page 9: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/9.jpg)
What can I do to alleviate “password fatigue” for my
employees and users?
How can I ensure my users’ credentials aren’t
compromised?
What can I do to ensure my users are using strong
passwords and credentials?
Who can help me employ dynamic, adaptive access
control?
Who can help me integrate and deploy multi-factor, layered, differentiated
authentication?
How can I ensure only authorized users access my
apps and data?
![Page 10: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/10.jpg)
Fast rising number of security threats
and attacks
Need to manage access based on identity and context
Rapidly expanding, changing mobile
workforce
Explosion in number of users, use cases,
in-use devices
Increased virtualization
![Page 11: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/11.jpg)
User ID
Location
End point
Device health
Device type
Malware
Sensitive Data
Human
User ID
Location
End point
Device health
Device type
Malware
Sensitive Data
Human High-Value App
Low-Value AppBad Country
Allow
Challenge
OTP
Client Cert.
Deny
Allow
Challenge
OTP
Client Cert.
Deny
Good Country
![Page 12: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/12.jpg)
Controlling Access Through Identity
© F5 Networks 12
Network / Connection
User Identity and Device Information
Application Health and Risk+ +
![Page 13: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/13.jpg)
Device type and integrity
Browser Location Intelligence and visibility
Operatingsystem
OS
![Page 14: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/14.jpg)
MULTI-FACTOR AUTHENTICATION
![Page 15: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/15.jpg)
Multi-Factor Authentication
second authfactor
•MFA
MFA was the appropriate control
![Page 16: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/16.jpg)
Dramatically reduce infrastructure costs; increase productivity
Provide seamless access to all web resources
Integrated with common SaaS applications
AAAserver
Corporate managed device
Latest AV softwareExpensereport app
Finance
Salesforce.com
User = Finance
Office365.com
![Page 17: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/17.jpg)
F5 Identity Federation, SSO, and MFA• Federates user identity across apps located anywhere—
networked, cloud, SaaS, etc.
• Integrates with existing MFA and IAM solutions to deliver seamless SSO and adaptive MFA
• MFA capabilities with F5 Adaptive Auth or as one-time password (OTP) via email and certificate check
• Delivers integrated IdF with remote/mobile access, native VDI, and enterprise mobility
![Page 18: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/18.jpg)
•Change in one place
single method
application compatibility MFA solution
![Page 19: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/19.jpg)
Mobile User
Remote User
Contractor
Salesforce
Office 365
Concur
Multifactor AuthProvider
Multifactor AuthProvider
![Page 20: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/20.jpg)
![Page 21: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/21.jpg)
![Page 22: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/22.jpg)
MFA
How portal will look to a user whose company is deploying AM for identity federation, SSO, and MFA authentication
![Page 23: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/23.jpg)
F5 ADAPTIVE AUTH(MFA)
![Page 24: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/24.jpg)
• Phase 1: Modern MFA For Access Control
• Phase 2: Advanced Adaptive Auth (device fingerprinting, geo-velocity checks, auth failure tracking)
• Phase 3: Analytics Based Adaptive Auth With Extended Protocols (risk engine)
A platform & service for advanced adaptive auth, access control, and visibility with modern multi-factor authentication with F5 Access Manager (formerly APM)
![Page 25: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/25.jpg)
![Page 26: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/26.jpg)
![Page 27: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/27.jpg)
![Page 28: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/28.jpg)
![Page 29: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/29.jpg)
![Page 30: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/30.jpg)
DEMO
![Page 31: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/31.jpg)
Salesforce
Amazon
Google Mail
Google Drive
DUO
Google Auth
Jose
Partner User
User
Password
![Page 32: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/32.jpg)
![Page 33: Multi-factor Authentication for Cloud Applications · premises, but apps and data are moving to the cloud • Users experiencing “password fatigue” (too many passwords to remember)](https://reader036.vdocuments.net/reader036/viewer/2022071016/5fceae18d9bbd82379469bae/html5/thumbnails/33.jpg)