Zero-compromise IDaaS: Achieve Both Security and Workforce Productivity
-
Upload
onelogin -
Category
Technology
-
view
507 -
download
1
Transcript of Zero-compromise IDaaS: Achieve Both Security and Workforce Productivity
Increasing IT complexity
Thousands of employees, partners, customers, and multiple devices...
Working with many, many apps, both in the cloud and on-premise.
Slow Fast
No
Inte
gri
ty
Fu
ll In
teg
rity
Lock down
Out of business Shadow IT
New Model for Enterprise Identity Management
Speed and integrity. No compromise.
Bimodal IT = Marathon Runners + Sprinters
DataCenter
MFADirectories
VPN
LegacyIdP
WiFi
On-premapps
MobileApps
CloudApps
IoT
Devices
Desktops
Social Identity
Cloud On-premise Mobile
All locationsAll devicesAll users
New class of identity management solution
Application Management
Endpoint Control
EnterpriseInfrastructure
SecurityIntegrationFramework
UserManagement
Mobile
DataCenter
CloudApps
IoT
Mobile
Desktop
MFA
SIEM
Partners
Customers
Employees
Directories
VPN
LegacyIdP
WiFi
On-premapps
CASB
Social Identity
Cloud Directory
HCM
Integrated Bimodal approach
Extend existing infrastructure
Control your endpoints
Connect your apps
Integrate yourcontrols
Embrace your users
Application Management
Endpoint Control
EnterpriseInfrastructureSecurity
IntegrationFramework
UserManagement
Mobile
Data Center
Cloud Apps
IoT
Mobile
Desktop
Partners
Customers
Employees
Directories
VPN
Wi-Fi
On-prem apps
Social Identity
Cloud Directory
HCM
Legacy IdP
SIEM
CASB
MFA
LDAP · SAML · RADIUS
FIREWALL
Appliance
4000+PRE-INTEGRATED
WEB APPS
Legacy
Custom
SAMLWS-*
OAuth
Custom AppsLegacy Apps
SAML
WAM
RADIUS LDAP
WAM
LDAP
SAML
PUBLIC CLOUDPRIVATE CLOUD
Secure Hybrid Enterprise
Mode 1
Mode 2
Agile application security framework
Super flexible authentication
OneLogin ready
Secure access controls
URL filtering
Role-based
Extensible rules library
Centralized policy, triggers, logging
Best-of-class ease of administration
Best-of-class web agents
Proven with strong customer base:
Web Access Management for on-prem apps
Do This Today:
1. Rewire existing applications
2. Replace legacy SiteMinders
3. Replace legacy ClearTrust
Mode 1
OneLoginVirtual LDAP
LDAPEndpoint
Network Attached StorageNetApp, EMC
Web Servers
WiFiWPA2 Enterprise, Cisco,
Meraki
VPNCisco, Juniper, Palo Alto
Virtual LDAP -- LDAP-as-a-Service
Do This Today:1. For apps that connect to
your directory over LDAP, use this instead
2. Reduce your exposure on-
premises
3. Simplify your development
Mode 1
Next, focus on Mobile Identity & Integrity
IT AdminCan finally manage the
actual risk of mobile access
Sandy, Contractor
working at a cafe
Multifactor Auth (MFA)
Required
Rob, Sales meetings
from the field
Auto logged-in
Brent, In-person Sales
meetings at the HQ
No access to Billing
MFA Required
Elle, Designer working
at the HQ
Auto logged-in
Device
Trusted
Device
Trusted
Mode 2
OneLogin will protect your Macs, your PCs
+ +
OneLogin credentials unlock machine
Password is hashed locally
When disconnected, last good hash
Whenever connected to internet, policies apply
Perfect for employees not connected to an AD domain
SIEM Streaming
TODAY TOMORROWPowerful events API and pre-built Splunk integration Stream all events real-time to the SIEM of your choice.
Query and filter on metadata
Cursor-based pagination
Super fast, super easy
All OneLogin events sent to SIEM system in real-time
JSON is pushed to HTTPS endpoint
API for additional events
event bus
Mode 1+2
Cloud On-premise Mobile
All locationsAll devicesAll users
New class of identity management solution
Application Management
Endpoint Control
EnterpriseInfrastructure
SecurityIntegrationFramework
UserManagement
Mobile
DataCenter
CloudApps
IoT
Mobile
Desktop
MFA
SIEM
Partners
Customers
Employees
Directories
VPN
LegacyIdP
WiFi
On-premapps
CASB
Social Identity
Cloud Directory
HCM
Integrated Bimodal approach
1. Estimate number of apps your company uses. Then stop by someone’s machine and look at their tabs.
2. Ask millennial employees what makes work hard (from a systems and apps perspective). Ask for their ideal workflow. Whatever they say, someone is working that way at your company right now. And it’s your problem.
3. Ask yourself where you want to be in 5 years. Is your core competency racking, stacking, and managing machines? If not, more of your core infrastructure will move to the cloud, and you need technology that can manage that gracefully.
Monday Actions