Identity Insights: Social, Local and Mobile Identity

Identity Insights: Social, Local, and Mobile Identity

Dipto Chakravarty Vice President of Product Management / NetIQ [email protected] February 3rd – 7th 2013

Jon Bultmeyer Director R & D, Identity, NetIQ [email protected]

© 2012 NetIQ Corporation. All rights reserved. 2

Mega Trends Redefining “Identity”

•  User

•  Data

•  Resource

•  Identifier

•  Security

–  Shift in privileges and premises driving complexity

–  Data shifting to Knowledge, and to Intelligence

–  “Work stations” shifting to PDAs; BYOD paradigm

–  Pervasive unique identifier for users and resources

–  Context-awareness with privacy, trust and location

•  User is in charge of creating identities through self-service freemium services •  Data shifts to intelligence as it commoditizes Big Data to self-service analytics •  Resource emphasis switched; what was iWork 9-5 and iLife 5-9 have blended •  Identifier ascended to IMEI and ubiquitous handles beyond user identity or access •  Security needs to be leveraged via RTLS to drive Privacy and Trust beyond events


Power Shift in Managing Identities

•  Shift towards organizing vs. prescribing user identities

•  Shift to serve fine-grain targeted access for users

•  Need for agility without losing governance or control

•  Shift to accommodate the blurred enterprise walls

•  Shift to segmentation of personal data into 4 sub-types …

Applying IAM Techniques to Consumer Data (Eve Maler)


7 billion users

11 billion access,

downloads

Billions of identities accessing millions of

applications from access points,

trillions of times a day

Power Shift to the Users

•  2,000,000,000 internet users

•  5,600,000,000 mobile subscribers1

•  300,000 mobile applications downloaded 11,000,000,000 times2

•  1,000,000 users took AOL 9 years, Facebook 9 months, and DrawSomething 9 days3

1 ABI Research, Nov 2011 2 IDC Research, Aug 2011 3 Business Insider, Mar 2012 4 Forrester Research, Sep 2011

Delivering the Core Identity Functions


Shift to Services, Analytics and Intelligence

Context and

Intelligence via enriched

external feeds

Platform Directories,

Security

Analytics Catalog, Access and Governance

Services Resources,Policies

Provisioning

On-premise Off-premise

Com

mod

itiza

tion

Inno

vatio

n


1. Identity Management

•  Customers want … –  Integrated solutions

–  Lower cost of ownership

–  Flexible deployment model

•  Our Innovation –  Pre-fab soft appliance

–  Small footprint solution

–  Well-defined SLAs

Off-premise hosted hybrid

solution

Utility

Outsourced service provider solution

Managed

On-premise enterprise solution

Private

Past Future Present


2. Identity Services

•  Customers want to … –  Selectively host services

–  Iteratively deploy solutions

–  Maintain financial flexibility

•  Our Innovation –  SaaS-based solution

–  Cloud-ready services

–  Capex to opex shift

Adm

inistration

Authorization

Authentication

Attribute

Audit

HR Directory

Enterprise User

Cloud based Applications


3. Identity Analytics

•  Customers want to –  Retrieve service catalogs

–  Access from mobile devices anywhere anytime

•  Our Innovation –  Mine for permissions and

usage

–  Provide context to resource, groups and roles

Identity and Security Backend Systems


4. Identity Intelligence

•  Customers want –  Context for decision-making

–  Knowledge from catalogs


4. Identity Intelligence (Contd.)

•  Our Innovation –  Visualize employee roles with context to make decisions

–  Visualize permissions (plus resources)

–  Visualize policies (with related attributes)

Identity Access Intelligence: Making IAM Relevant to the Business (Earl Perkins)

Understanding the Identity Continuum


Two Pillars of Identity Management

From the Cloud Via Social Lens

To the Cloud Via Risk Lens

PROVISIONING INTELLIGENCE

Small organizations using soln in the cloud

Mature organizations extending to the cloud

Orgs managing cred-entials from the cloud

In the Cloud Via UserID Lens

User Id social feeds -LinkedIn, Facebook

Big Index of User Id-s instead of any big data

User-activity risks from events and RTLS feed

Note: RTLS or Real-Time Location Services track the identity of users by tracking the location in real-time using inexpensive tags that receive signals.


Two Pillars Intertwined Together

PROVISIONING INTELLIGENCE

Small organizations using soln in the cloud

Mature organizations extending to the cloud

Orgs managing cred-entials from the cloud User Id social feeds -

LinkedIn, Facebook

Big Index of User Id-s instead of any big data

User-activity risks from events and RTLS feed


Identity Management in the Cloud

•  Drivers •  Drive revenue growth

•  Lower cost, or improve operating margins

•  Provide competitive parity or differentiation

•  Is it an enablement or discrete business?

•  Key Trends

•  Smaller organizations opting for turnkey provisioning solutions

•  Larger organizations, e.g, Telecoms, are leveraging “in the cloud” solutions for specific user populations


Identity Management to the Cloud

•  Drivers •  Sustain existing revenue stream and operating margin

•  Lower cost for companies with significant IT infrastructure on premises

•  Is it a business model shift or new business?

•  Key Trends

•  Mature organizations are extending their existing infrastructure to manage SaaS and partner applications.


Identity Management from the Cloud

•  Drivers •  Drive revenue in the SaaS market

•  Hedge the bet with a hybrid solution

•  Establish the business image as forward-looking

•  Is it a new business model, risk mitigation, or both?

•  Key Trends

•  Organizations leveraging IDaaS for on-premise identities and applications.

•  Hybrid solution to store user credentials on premises, while managing the system “from the cloud”. Best of both worlds.


Your Identity Continuum

Your enterprise (on-premise) user credentials and passwords

Your password-less devices and PDAs accessing SaaS applications (BYOD)

Your service provider (off-premise) MT user management console

Your security is assured closer to the enterprise than at the edge

Understanding the Identity Continuum


Your Identity in Context

SECURE SOCIAL GOVERN MOBILE

Devices via which user identity is

permeated

Feeds correlated against authentic

identity

Privilege and roles governed by

policies

Events/logs that calculate the risk against identity Powerful combination of

Social feeds, Mobile devices, Event feeds, Appl feeds, Services feeds

Materialized view of multiple sources map-reduced and contextualized to a single identity

“Contextualization of User Identity”


Identity Solution Stack

Identity Intelligence Securi

ty

Identity Manager

Roles Provisioning

Access Governance Identity Analytics

Identity and AG Analytics

Mobile Social

Directory and Security Services

External

knowledge

Directory Resources

Group Policies

1. Identity Mgmt

2. Identity Services

3. Identity Analytics

4. Identity Intelligence


Summary

•  Power shifts in Identity … leverage IDM’s ecosystem

… aggregate tertiary feeds with user context

•  Contextualize Identity … from platform to services,

… from enterprise to off-premise hosting

… by adding intelligence beyond the users

NetIQ is the leading vendor in the space in terms of install-base and time in the market, and our vision is driving thought leadership to evolve today’s product to tomorrow’s solutions.

Sneak Peak for Future Identity Apps


Thank you.

Call to action line one and call to action line two www.calltoaction.com


+1 713.548.1700 (Worldwide) 888.323.6768 (Toll-free) [email protected] NetIQ.com

Worldwide Headquarters 1233 West Loop South Suite 810 Houston, TX 77027 USA

http://community.netiq.com

This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. Copyright © 2013 NetIQ Corporation. All rights reserved. ActiveAudit, ActiveView, Aegis, AppManager, Change Administrator, Change Guardian, Compliance Suite, the cube logo design, Directory and Resource Administrator, Directory Security Administrator, Domain Migration Administrator, Exchange Administrator, File Security Administrator, Group Policy Administrator, Group Policy Guardian, Group Policy Suite, IntelliPolicy, Knowledge Scripts, NetConnect, NetIQ, the NetIQ logo, PSAudit, PSDetect, PSPasswordManager, PSSecure, Secure Configuration Manager, Security Administration Suite, Security Manager, Server Consolidator, VigilEnt, and Vivinet are trademarks or registered trademarks of NetIQ Corporation or its subsidiaries in the United States and other countries.

Identity Insights: Social, Local and Mobile Identity

Technology

Transcript of Identity Insights: Social, Local and Mobile Identity