MANAGING IDENTITIES IN THE MICROSOFT CLOUD

Wim Buysse

Click icon to add picture

ENABLEYOURUSERS

USER

PROTECTYOURDATA

IT

WHY AZURE ACTIVE DIRECTORY?

AM

YE OLDEN DAYS

I

Email

FILESERVERDATABAS

E

AM

YE OLDEN DAYS

I

DIRECTORY SERVICES

AM

YE OLDEN DAYS

I

DIRECTORY SERVICES

TODAY’S MESH (MESS?)

EC2

ON-PREMISES PRIVATE CLOUDMANAGED DEVICES

SELFSERVICE

SINGLESIGN-ON

•••••••••••Username

ADRESSING THE MESH (MESS?)SINGLESYNCH

CLOUD

SaaSAzure

Office 365Publiccloud

ACTIVE DIRECTORY

ON-PREMISES AZURE ACTIVE DIRECTORY

TIP: CLOUD APP DISCOVERY

EMPOWER YOURUSERS

CENTRALLY MANAGED IDENTITY & ACCESS

MONITOR & PROTECT CLOUD APP ACCESS

YOUR DIRECTORY IN THE CLOUD

WHAT IS IAM ALL ABOUT?

AADCONNECT password hash sync

AADCONNECT

AD FS

AZURE ACTIVE DIRECTORY

AZURE ACTIVE DIRECTORY

YOUR DIRECTORY IN THE CLOUD

AZURE ACTIVE DIRECTORY

CLOUDIDENTITY

SYNCHEDIDENTITY

FEDERATEDIDENTITY

DIRSYNC SHORTCOMINGS ADDRESSEDAADCONNECT REPLACES DIRSYNC

SYNCHRONIZE MULTIPLE FORESTS TO SINGLE TENANT

EXTENDING AZURE AD SCHEMA

IMPROVED RULES EDITOR

APPLICATION INTEGRATION

SaaS APPS

OWN APPS

CENTRALLY MANAGED IDENTITIES & ACCESS

SaaS APPS

AZURE ACTIVE DIRECTORY

CENTRALLY MANAGED IDENTITIES & ACCESS

SaaS APPSAZURE

ACTIVE DIRECTORY

USER ATTRIBUTE

DEVICE

LOCATION

ALLOWBLOCK

MFA

MONITOR & PROTECT CLOUD APP ACCESS

ULTIMATE SECURITY VS.

ULTIMATE USABILITY

EMPOWER YOUR USERS

APPLICATION PORTAL

EMPOWER YOUR USERSPASSWORD SELF-SERVICE

(Writeback)

TAKE IT FURTHER: B2B COLLABORATION

I NEED MY PARTNERS TO ACCESS MY ENTERPRISE APPLICATIONS USING THEIR OWN CREDENTIALS

› PARTNER MANAGED IDENTITIES

› SHARING INVITATION MODEL› CONTROL APPLICATION

ACCESS

TAKE IT FURTHER: B2CI HAVE AN ONLINE APPLICATION AND I NEED INDIVIDUAL CUSTOMERS TO SIGN-UP AND ENROLL FOR IT

› SELF SERVICE REGISTRATION› SUPPORT SOCIAL ACCOUNTS› MFA (OPTIONAL)

KEY TAKEAWAYS

EC2

ON-PREMISES PRIVATE CLOUDMANAGED DEVICES

SIMPLICITYIS THE

ULTIMATE SOPHISTICATION