ZERO TRUST IDENTITY · 3:30 Adaptive Access Management for Enterprises SecureAuth / Netskope /...


Page 1: ZERO TRUST IDENTITY · 3:30 Adaptive Access Management for Enterprises SecureAuth / Netskope / LogRhythm 4:00 Delegation of Access Management and trust elevation for privileged access

ZERO TRUST IDENTITY

Page 2:

Identity is the Center of Security

– The Future is Now!

– Zero Trust Identity

• Users, Data, and Devices are uniquely tied together

• Users and devices are untrustworthy

Page 3:

SESSIONS

Time | Session | Partners
2:30 | Access Management Verifies Enterprise Mobility Management Status of Mobile Device | Ping / VMware
3:00 | Complete Security for your AWS deployment | Okta / Netskope / LogRhythm / CyberArk
3:30 | Adaptive Access Management for Enterprises | SecureAuth / Netskope / LogRhythm
4:00 | Delegation of Access Management and trust elevation for privileged access | Gemalto / Ping / BeyondTrust
4:30 | Access Management checks for Cloud Access Security Broker | Ping / Netskope / Optiv
5:00 | Identity Governance Attestation of Privileged Account Management | SailPoint / CyberArk / LogRhythm

Page 4:

ADAPTIVE ACCESS MANAGEMENT FOR ENTERPRISES

• Problem

– Access Management systems also need to be able to respond to changing threats, while working more closely with other security layers, to prevent data loss.

• Zero Trust Capabilities

– Never trust the existing user session based on Fraud and Risk data

– Continually monitor behavior across systems

– Dynamically change user’s access based on behavior activity

• IDSA Use Cases

– Access Management Utilization of Risk Data

– Access Management Cloud Access Security Broker Security Policy Enforcement

Page 5:

[Diagram: Adaptive Access Management for Enterprises. IDENTITY SECURITY components shown: Access Management, Identity Governance, Identity Administration, SIEM, EMM, DLP, CASB, PAM, GRC, Network Security, UEBA, Service Mgmt, Fraud & Risk, DAG]

Page 6:

ARCHITECTURE: INFRASTRUCTURE

[Diagram labels: On-Premise, AD Connector, Managed Devices, SecureAuth, SecureAuth Risk Data, Netskope Cloud Tenant, SANCTIONED CLOUD APPS, NON-SANCTIONED CLOUD APPS]

1. Netskope consumes AD group info for RBAC

2. SecureAuth consumes AD users and groups for AAA

3. LogRhythm consumes Netskope log data for analytics

4. SecureAuth consumes and creates risk data

5. LogRhythm makes an API call to update risk and user groups with SecureAuth

6. Managed devices have Netskope client installed for traffic steering

7. SecureAuth provides SSO for sanctioned cloud applications

Page 7:

ARCHITECTURE: USER TRAFFIC

[Diagram labels: On-Premise, AD Connector, Managed Devices, SecureAuth, Netskope Cloud Tenant, SANCTIONED CLOUD APPS, NON-SANCTIONED CLOUD APPS]

1. User logs into SecureAuth

2. SecureAuth authorizes access based on risk criteria

3. Netskope enforces role-based access controls

4. Allowed traffic is sent to sanctioned or unsanctioned apps

Diagram legend:

a. IP Analysis & 2FA

b. Syslog feed

c. SmartResponse: Identity & Risk Update

d. User Auth & Risk Data

e. Syslog feed

f. Netskope Directory Importer

g. CASB Traffic

h. Authentication

i. User Traffic
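
The feedback loop in the two architecture slides above (CASB logs feed SIEM analytics, the SIEM pushes risk and group updates to access management, and every request is re-authorized against that risk data) can be modelled as follows. This is an added, vendor-neutral example, not code from the presentation or from SecureAuth, Netskope or LogRhythm; the event fields, score weights, thresholds and group names are all assumptions.

```python
from dataclasses import dataclass, field

# Constructed CASB log events; field names are hypothetical, not a vendor log format.
CASB_EVENTS = [
    {"user": "alice", "app": "crm", "sanctioned": True, "bytes_out": 20_000},
    {"user": "bob", "app": "fileshare-x", "sanctioned": False, "bytes_out": 900_000_000},
    {"user": "bob", "app": "fileshare-x", "sanctioned": False, "bytes_out": 700_000_000},
    {"user": "carol", "app": "paste-y", "sanctioned": False, "bytes_out": 5_000},
]

def siem_score(events):
    """SIEM analytics over CASB logs. Assumed rule: any unsanctioned-app use
    adds 30; more than 1 GB sent to unsanctioned apps adds another 50."""
    scores = {}
    for user in sorted({e["user"] for e in events}):
        risky = [e for e in events if e["user"] == user and not e["sanctioned"]]
        uploaded = sum(e["bytes_out"] for e in risky)
        scores[user] = (30 if risky else 0) + (50 if uploaded > 1_000_000_000 else 0)
    return scores

@dataclass
class AccessManager:
    """Access-management side: stores the risk and group data the SIEM pushes."""
    risk: dict = field(default_factory=dict)
    groups: dict = field(default_factory=dict)

    def update_risk(self, user, score):
        # Assumed threshold: a score of 70 or more moves the user to "quarantine".
        self.risk[user] = score
        self.groups[user] = "quarantine" if score >= 70 else "standard"

    def authorize(self, user, has_session):
        """Runs on every request, so an existing session is never trusted alone."""
        if self.groups.get(user) == "quarantine":
            return "deny"
        if self.risk.get(user, 0) >= 30 or not has_session:
            return "step_up_2fa"
        return "allow"

def feedback_loop(events, users):
    """Decisions for users with live sessions before and after the SIEM update."""
    am = AccessManager()
    before = {u: am.authorize(u, has_session=True) for u in users}
    for user, score in siem_score(events).items():  # SIEM -> access manager call
        am.update_risk(user, score)
    after = {u: am.authorize(u, has_session=True) for u in users}
    return before, after

if __name__ == "__main__":
    print(feedback_loop(CASB_EVENTS, ["alice", "bob", "carol"]))
```

All three users hold a valid session throughout; only the risk data changes between the two evaluations, which is what moves one user to a second factor and another to a denial.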

Page 8:

DEMO

Page 9:

FOLLOW UP

• SecureAuth IDP is the centralized secure access management solution for user identities across both Enterprise and Consumer use cases.

– Leverages the broadest set of Adaptive Risk Layers in the industry

• LogRhythm partnership allows utilization of UEBA and CloudAI intelligence

– Ability to act on Risk Score via Adaptive Authentication Engine

• Integrations with Netskope provide access control to client’s sanctioned applications from unmanaged devices via reverse proxy

Page 10:
Page 11:

FOLLOW UP

• Netskope is the enforcement for cloud services.

– Enforce policy on sanctioned services even for unmanaged devices without an agent

• Netskope’s Cloud XD generates rich, contextual and actionable data

– Log data can be used to decrease threat response time, mitigate risk and increase security posture through automation

• Open Platform / Interoperability

– Flexible deployment architectures and integrations provide the ability to address most use cases with comprehensive automations that scale for the future.

Page 12:

QUESTIONS

Page 13:

MEMBERS

Page 14:

THANK YOU

For more information https://www.idsalliance.org