Bright talk mapping the right aut solution for you 2014 final (1)
1 like796 views
This document discusses mapping an ideal authentication solution to an organization's IT environment. It summarizes that data breaches are increasing as data moves more widely, requiring authentication approaches to change. Market dynamics are driving convergence of cloud identity and access management with authentication and a shift from hardware-based products to software-as-a-service. The document promotes SafeNet's authentication service, which provides a fully automated, cloud-based strong authentication solution requiring no infrastructure and reducing costs through automation and flexibility. It outlines features like multi-factor authentication options, automated provisioning and reporting, and integration with applications and user directories.
Bright talk mapping the right aut solution for you 2014 final (1)
- 1. Insert Your Name Insert Your Title Insert Date Mapping the Ideal Authentication Solution to your IT Environment May, 2014 Jason Hart CISSP CISM VP Cloud Solutions
- 2. Todays issues • Data breaches are rampant • Data is moving everywhere • The approach to protecting data must change 2
- 3. 4 years ago… Active Directory CISCO Router User Laptop 3
- 4. Active Directory CISCO Router User Laptop Now… Endpoints ApplicationsIdentities Complex Identity Management & Authentication Environments 4
- 5. Active Directory CISCO Router User Laptop Now… Endpoints ApplicationsIdentities Complex Identity Management & Authentication Environments 5
- 6. Market Dynamics Convergence of Cloud IAM and Auth Evolving Endpoint Shift from Product to Service Evolving Endpoint Shift from browser to application centric models Multiple identities Multiple devices Inconsistent credential management across mobile and PC 6
- 7. Market Dynamics Convergence of Cloud IAM and Auth Evolving Endpoint Shift from Product to Service Shift from Product to Service Not only about the security functionality. It is about how it is provisioned, managed, and brought to market On-demand, agile, automated, self-service Creating new business models and routes to market 7
- 8. Market Dynamics Convergence of Cloud IAM and Auth Evolving Endpoint Shift from Product to Service Convergence of Cloud IAM and Authentication Complexity has caused need for simplification. Markets are merging- it is inevitable 8
- 9. Strong Authentication On the Rise 9 In two years, 25% anticipate that 90-100% of the workforce will be using multi-factor authentication. Source: Multi-Factor Authentication: Current Usage and Trends, SafeNet Survey, April 2014
- 10. Driven by Security Concerns 10 Verizon 2013 Data Breach Investigations Report
- 11. But ………. 11 Ease of Use Need to Protect Multiple Applications Source: Multi-Factor Authentication: Current Usage and Trends, SafeNet Survey, April 2014
- 12. SafeNet Authentication Service Fully automated strong Authentication-as-a-Service from the cloud: • Automated provisioning, reporting, self service • Automated security policy engine and templates • Total flexibility to customize everything: tokens, processes, policies Simple service delivery and reduced overheads: • Up and running in minutes • No infrastructure or maintenance costs • No up front investment Protects all resources: SaaS, apps, networks Protects everyone with multiple token options: Software, SMS, Hardware and Grid tokens 12
- 13. Main “as-a-Service” Benefits Fully Automated. Strong authentication made easy through a fully automated management system. Use Cases. Broad use case coverage areas for vast authentication needs Low Total Cost of Operation. Substantially reduces costs compared to traditional strong authentication environments. Peace of Mind. Availability, protection, overall peace of mind in a trusted cloud environment. Quick Cloud Migration. Reduced deployment time and increased flexibility. 13 Cost Reduction. Simplicity. Flexibility.
- 14. 14 Online Storage Application Hosting Disaster Recovery SAML Tokens & Users Administrator Agent RADIUS API Private Networks Corporate Network Corporate Network Corporate Network Corporate Network LDAP / Active Directory LDAP / Active Directory LDAP / Active Directory LDAP / Active Directory Cloud Services Cloud Applications SAML SAML Protect Everything and Everyone, Anywhere
- 15. OTP Authenticators OOB (SMS) Authenticators Software Authenticators GrIDsure Authentication 15 SafeNet Authentication Service authenticators: • Don’t expire • Seed keys can be owned by the subscriber • Can be easily re-assigned to new users • Easy deployment saves cost and time • A token can be included in the service charge Protect Everyone
- 16. 16 Extend Identities to the Cloud User authenticates using enterprise identity Cloud ApplicationsSaaS Apps Salesforce.com Goggle Apps
- 17. Support Multiple Identities & Tokens 17 Multiple tokens per user and or Multiple user names per Token
- 18. 18 Cost Reduction. Simplicity. Flexibility Cost Related Advantages Up to 60% savings in Total Cost of Operation 99.999% service availability Effective budget utilization & flexibility with OPEX pricing Up to 90% reduction in administrative overhead costs
- 19. Easy Migration Continue to use your existing tokens • Protect your investment • Eliminate user disruption • Replace on expiry Import existing tokens into SafeNet Authentication Service (uses your existing infrastructure to authenticate) • Get a single view of all users and authentication activity • Use comprehensive reporting across all tokens Automate the deployment of replacement tokens prior to expiry of your existing tokens • Zero effort and zero-touch migration for all users without administrator intervention • Secure and easy self-enrollment 19
- 20. Strong Authentication Made Easy 20 Automation Reporting Security Customization and Branding Multiple Business Unit Entities, Groups & Containers Operator Role and Scope Corporate Integration APIs
- 21. Reduce management time 21 User Synchronization Automate everything Lower the costs of strong authentication SAML Service Registration Alerts Reporting Security Policy Application Token Provisioning Self Enrollment Automated Features
- 22. User Directory Sources Supporting any user store • SQL, LDAP, AD ,ODBC, Lotus, Novell, anything (via custom field mapping) • Zero schema change • Read only • Non intrusive • Full customisation • Multiple domains • No hardware required • Secure • In Addition users can be bulk imported eg via .csv files and / or created locally 22 User Synchronization
- 23. LDAP Changes Automatic updates of LDAP changes 23 Users User Changes Directory Server LDAP Agent GroupsAccess Device or Application LDAP Rules Self Enrollment Authentication User Synchronization
- 24. Token Policies and Your Security Ability to set token Policies • Pre-configured to best practice for optimal security • Reconfigurable to match your policy • Multiple options can be re-defined • PIN length and complexity • OTP length and complexity • Try attempts • Forced PIN change • Portal shows details of EVERY individual token Initialization of tokens • Software/SMS tokens initialised at point of deployment • Hardware tokens can also be initialised Security Policy Application
- 25. Provisioning Rules Rules Engines for auto-provisioning & authorization • Powerful and flexible auto-provisioning • Token allocation, suspension and de-allocation and more • Auto registration for SAML services Central administration of rules that are automatically applied to users based on their group membership • All token management can be done via group membership in LDAP • Changes in LDAP initiate the provisioning process without any admin intervention Access/authorization is controlled by the real-time application of another rules engine and authentication is allowed or denied based on criteria such as • Access point • LDAP attributes (group membership or time of day) 25 Token Provisioning
- 26. Simple Enrollment Process 26 OR • Automated self-enrollment for all tokens • Customizable messages • Fully automated with auto-provisioning • Alerts highlight incomplete enrolments Self Enrollment User Self-Enrollment User Self-Enrollment User Self-Enrollment
- 27. Pro-Active Management Pro-active alerts • System, deployment and user events • Capacity or SMS credits are running low • Users who have not enrolled • Provisioning • Internal or external delivery • SMS or email based 27 Alerts
- 28. Reports Delivery Reports can be scheduled • Time-of-Day / Day-of-Week • Cyclic repeat for regular reports Email based delivery or via portal access • Email to both internal or external recipients Fully automated delivery • Output in html, csv, tab, xml • Delivery via FTP, SFTP, SCP 28 Reporting
- 29. Summary 29
- 30. Who We Are Trusted to protect the world’s most sensitive data for the world’s most trusted brands. GLOBAL FOOTPRINT +25,000 Customers in 100 countries EMPLOYEES +1,500 In 25 countries UK Government
- 31. SafeNet: A Leader in the Gartner Magic Quadrant for User Authentication 2014 31
- 32. Authentication TECHNOLOGYMANUFACTURING & SERVICES GOVERNMENTFINANCIAL SERVICES UK Government RETAIL, TRAVEL & TRANSPORT
- 33. Thank you for listening today Questions?