Securing Access to SaaS Apps with WSO2 Identity Server
Download as PPTX, PDF1 like391 views
The document discusses securing access to SaaS applications using WSO2 Identity Server, highlighting its free and open-source nature, extensive IAM features, and support for open standards. It outlines the business benefits of SaaS, the challenges associated with IAM integration, and best practices for security measures like multi-factor authentication and single sign-on. Additionally, it addresses the importance of adapting to modern security needs while considering both security and user convenience.
Securing Access to SaaS Apps with WSO2 Identity Server
- 1. Securing Access to SaaS Apps with WSO2 Identity Server June 25, 2017 Ishara Karunarathna Farasath Ahamed 1
- 2. 2017 Summer School Webinar Series 2
- 3. About WSO2 ▪ All WSO2 products 100% free and open source ▪ Licensed under Apache 2.0 ▪ Based on WSO2 Carbon platform ▪ Componentized, modular architecture ▪ Founded in 2005 3
- 5. ▪ Currently in its 5th generation ▪ Latest release - WSO2 Identity Server 5.3.0 ▪ Addresses critical IAM needs both in customer IAM and workforce IAM spaces ▪ Extensive support for open standards - no vendor locking ▪ Large scale deployments over millions of users ▪ Rich eco system with 40+ connectors (https://store.wso2.com/store/assets/isconnector/list) ▪ Support for multi-tenancy ▪ Extensible product architecture to address complex IAM needs About WSO2 Identity Server 5
- 6. Securing Access to SaaS Apps with WSO2 Identity Server 6
- 7. Agenda ▪ SaaS apps, Why? ▪ Business benefits with SaaS apps ▪ IAM challenges with SaaS integration ▪ IAM Solution Patterns for SaaS Apps ▪ Q&A 7
- 8. “Software-as-a-Service (SaaS) is expected to increase 20.1%, reaching $46.3B in 2017” SaaS Apps, Why? 8 - Gartner -
- 9. ▪ Efficiency, velocity, and agility ▪ Cost-effective ▪ Better collaboration Business benefits with SaaS apps 9
- 11. "Security is the No. 1 reason preventing firms from moving to SaaS," What prevents you from moving to SaaS 11
- 12. ▪ Identity and Access Management ▪ Application and data Management ▪ Logging and monitoring SaaS Security Concerns 12
- 13. ▪ Identity LifeCycle Management ▪ User Authentication ▪ User Authorization ▪ Single Sign-On ▪ Analytics IAM Challenges with SaaS Apps 13
- 14. ▪ Error-Prone user provisioning and deprovisioning ▪ Overhead of User administration ▪ Self service and Identity verification ▪ Different administration models for different applications Identity LifeCycle Management 14
- 15. ▪ User password fatigue ▪ Strong multifactor authentication ▪ Elevated authentication support ▪ Adaptive authentication ▪ BYOID User Authentication 15
- 16. ▪ Centralized Authorization ▪ Role based access control ▪ Granular permissions ▪ Access delegation User Authorization 16
- 17. ▪ SIngle authentication session for multiple application logins ▪ Identity Federation ▪ Protocol bridging ▪ Seamless application integration Single Sign-On 17
- 18. ▪ Fraud detection ▪ Understanding user behavior ▪ Predicting future needs Analytics 18
- 19. ▪ Use existing infrastructure wherever and whenever possible ▪ Avoid proprietary mechanisms go, for Open Standards ▪ Minimise sensitive user data in the cloud ▪ Right balance between Security vs Convenience ▪ Requires a cultural changes to move to new platform SaaS IAM Best Practices 19
- 20. IAM Solution Patterns for SaaS Apps 20
- 23. Just In Time Provisioning 23
- 25. Single Sign On using multiple protocols 25
- 26. Single Sign On using multiple protocols 26
- 29. Engage Authorization policies in Authentication 29
- 33. Q&A 33
- 34. What next? 34
- 35. OPEN TECHNOLOGY FOR YOUR AGILE DIGITAL BUSINESS THANK YOU 35