About this template€¦ · Seamless user experience to quickly find and use apps and Secure access...
14
#PartyCloud Reloaded dove le persone incontrano le idee — La gestione delle identità in un ambiente multicloud Maurizio Dossi IAM Associate Partner, IBM Italia Fabrizio Patriarca Security Architect, IBM Italia
Transcript of About this template€¦ · Seamless user experience to quickly find and use apps and Secure access...
#PartyCloud Reloaded
dove le persone incontrano le idee
—
La gestione delle identità in un ambiente multicloudMaurizio DossiIAM Associate Partner, IBM Italia
Fabrizio PatriarcaSecurity Architect, IBM Italia
IBM Cloud Identity client imperativesPrimary personas
• Needs innovative new tools to get work done
• Utilize easy-to-use cloud services quickly
• Requires a seamless experience across apps
• Wants to save money and reduce complexity
• Requires automation and consolidation
• Must strengthen authentication
• Need to move fast to gain competitive edge
• Deliver applications to employees – quickly
• Help protect brand’s reputation
EMPLOYEES IT ADMINISTRATORBUSINESS LEADERS
• Needs well documented easy to understand APIs and SDKs
• Expects APIs to leverage standards and common patterns
• Requires quick turn around on integrations
DEVELOPER
IBM Cloud Identity Platform and Enablement Services
Salesforce
Concur
WebExG Suite
O365
Zoho
…
……
…
IBM IAM
SaaS On-PremHybrid Cloud Managed
Flexible delivery models
IaaSPrivate Cloud
Employees Consumers
Workday
CONNECT VERIFY GOVERN
SSO and Access Management
for Cloud and On-Prem Apps
Multi-factor Authentication
for Cloud and On-Prem Apps
Identity Governance
for Cloud and On-Prem Apps
▪ Bridge on-premise access
management investments to
the cloud
▪ End-user launch pad for cloud
and on-prem apps
▪ MaaS360 integration: allow
passwordless access to apps
on managed devices
▪ Delegate app administration to
LOB
▪ Add multifactor authentication
(email/sms OTP) across any
application, including in-
house/legacy apps
▪ Developer focused API’s for
identity and authentication
▪ Enforce access policies to
require MFA based on how the
app is accessed (mobile,
desktop, new device)
▪ Identity provisioning and
lifecycle management
▪ Access request management
▪ Access recertification
▪ User self-care: on-boarding,
profile management,
password reset, recertification
campaigns, branded
interfaces
▪ LOB manager interface to
review employee access rights
IBM CLOUD IDENTITY
IBM Cloud Identity ConnectSeamless user experience to quickly find and use apps and
Secure access to approved apps
• Seamless user experience with SSO
• "My Applications" Launchpad
Lists authorized applications
Click to connect
No need to remember multiple passwords
Federated SSO across cloud applications
• Quickly find and access applications
from any device with
Unified app catalog
• Apps shown based on Application Owner authorization
User or Group-based policy
Delegate administration to line of business
• Empowers managers to enable teams quickly, without
interrupting IT for simple tasks
App ownership delegation
Business managers can easily add / remove
users as appropriate
• Accelerate business agility and innovation
Rapid deployment of cloud applications
IBM Cloud Identity Verify
SOMETHING THAT YOU KNOW• Username and password
SOMETHING THAT YOU HAVE• Control of an email account (email one-time password)
• Possession of a mobile phone (SMS one-time password)
• TOTP
• IBM Verify Authentication- User presence e Fingerprint.,
First Factor Second Factor (2FA)
Two step
verification
code: 238 571
The password is a secret that only the real user knows.
Email One-time Password SMS One-time Password
The email account or phone is something that only the real user has.
DEMO LIVE
For most enterprises, there are challenges along the way to a successful transition to cloud IAM
IBM Security / © 2019 IBM Corporation 9
• Finding the right Cloud IAM
Strategy for your goals and user
needs vs.
• Working within the realities of
existing technology
infrastructure and processes,
which are often limited by high
technical debt
1 Planning 2 Transformation 3 New Operations
Identity Data
Management
Access Management
IAMPolicy
Management
IdentityAnalytics
AccessGovernanceManagement
IdentityManagement ?
For most enterprises, there are challenges along the way to a successful transition to cloud IAM
IBM Security / © 2019 IBM Corporation 10
• Pressures to lower infrastructure
costs quickly, including the ongoing
maintenance and licensing costs of
on-premise solutions, and
demonstrating success early vs.
• Pushing change onto various user
types
• Customizations of on-premise
implementations are often
complex and difficult to move away
from
1 Planning 2 Transformation 3 New Operations
IdentityData
Management
AccessManagement
IAMPolicy
Management
IdentityAnalytics
AccessGovernanceManagement
IdentityManagement
AccessManagement
On-PremiseApps
SaaSand
Web Apps
Hybrid IAM
On premise IAM Program
For most enterprises, there are challenges along the way to a successful transition to cloud IAM
IBM Security / © 2019 IBM Corporation 11
• Continuously driving
improvements while
• Retaining and redeploying
valuable IAM talent to a new
cloud IAM environment
1 Planning 2 Transformation 3 New Operations
Identity Data Management
Access Management
IAM Policy Management
Identity Analytics
Access Governance
Management
Identity Management
Operate
Anyone can try IBM Cloud Identity for freeSearch for Cloud Identity in IBM Marketplace
https://www.ibm.com/it-it/marketplace/cloud-identity
Thank you
13
Maurizio DossiIAM Associate Partner, IBM Italia
Fabrizio PatriarcaSecurity Architect, IBM Italia
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2019. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU
ibm.com/security/community
15
