Tabish Tanzeem, CISSP | Advisor
End-to-End Identity Management: From Access to Governance
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Okta at a Glance
Founded in 2009: Pioneered Identity Management in the Cloud
NASDAQ Listed April, 2017
5,000+ Customers: SMB to Fortune 500, every industry, every geography
120M+ Okta Users: People use Okta to securely connect to the tools they need to be productive
6,150+ Integrations: Industry’s broadest, deepest network of integrations
5X Gartner MQ Leader: Only vendor in the industry to achieve this
Relentless Innovation, Exponentially More Users
Employees Contractors Partners Suppliers Customers
Infrastructure Applications Platforms Devices APIs
IT Paradigm Shifts
Integration is everything
People are the perimeter
Every company is a technology company
IDENTITY defines the experience
IDENTITY drives security
IDENTITY is the lynchpin
Born and Built in the Cloud
Connect Everything
Independent and Neutral
Secure
Always On
Workflow Orchestration
Network Security, App Delivery, CASB, API Mgmt, IaaS, Analytics, Applications
OKTA INTEGRATION NETWORK
IT Products API Products
Single Sign-On
Universal Directory
Adaptive MFA
Lifecycle Management
API Access Management
Modernize IT for the extended enterprise
Transform the customer experience
Thousands of Enterprise Customers
Health Technology Finance Manufacturing, Energy
Services Media Ed, Gov, Non-Profit
Consumer Cloud
The industry’s most reliable and secure platform
Copyright © SailPoint Technologies, Inc. 2016. All rights reserved.
The Business Problem and SailPoint Solutions
What is being done with that Access
WHO has access to WHAT?
Is that ALL APPROPRIATE?
Can you PROVE it to the Auditors?
HOW did they get that access?
WHAT data is at that access?
Identity Governance
It’s who we are
It’s what we do
Identity Governance
SailPoint Vision: Comprehensive Governance
File storage systems
File servers Cloud storage
Collaboration systems
NAS
Mainframes Databases
Applications CRM/HR/Financial
Applications & infrastructure
Access
Okta + SailPoint Partnership
• Identities stored in AD, without additional context for apps
• Enterprises need unified solution to manage identity, governance
• Identity is critical for security, need best-of-breed
Okta + SailPoint Addresses Customer Needs
OKTA: The leader in access management
+
SAILPOINT: The leader in identity governance
ACCESS SECURITY COMPLIANCE
Identity Access + Governance = IDENTITY 2.0
Best-of-Breed Identity
Leaders in the identity market
Defined respective markets
Partnering for benefit of customer
IGA
User
Application
Events
Compliance
SoD
Harvesting
Reconciliation
Catalogue
Source of Truth
Accounts
Groups
Roles
Entitlements
Attributes
Account
Roles
Entitlements
Approvals
Tracking
Fulfillment
Okta
SailPoint
Access Discovery
Identity Administration
Access Requests & Approvals
Access Certification
Access Reporting
REQUEST
User
Roles
Entitlements
Event Driven
Workflow(s)
Remediation
Integration Overview
Applications
• Okta, SailPoint connect to AD to offer complete identity management
• Okta secures identity access
• SailPoint ensures identity governance
• Okta, SailPoint integrate with app infrastructure for seamless, secure access and governance
• Access Management
• User Authentication
• Single Sign-On
• Adaptive MFA
• Password Reset
• Access Request
• Access Certifications
• Separation of Duties
• Entitlement Provisioning
• Password Management
Coexistence (Governed apps)
JML = Joiner, Mover, Leaver
Certifications, SoD, Remediation
Governed apps
Coexistence (non-governed apps)
Certifications, SoD, Remediation
Non-governed apps
JML = Joiner, Mover, Leaver
5500+
Governed apps
Use Case Example - Password Reset via AD Bridge
Reset PW Set PW Get PW
Set PW
Governed apps
Use Case Example – Joiner/Mover via AD Bridge
Jane joins Sales
Access Policies
Provision with entitlements
Add Jane to Group
Get Group Membership
Assignment
SSO
Customer Case Study
• Major US enterprise
• Regulated industry; security and compliance are board-level concerns
Challenge: Exponential problem: thousands of employees accessing hundreds of apps
Combined Solution: Streamline access request process
Business Value: Automatic access request across all apps; automated provisioning to strategic apps
Challenge: Legacy access management, difficult to maintain
Combined Solution: Cloud-based access management; easy for end-users to use, and for IT to maintain
Business Value: End-users have seamless, secure way to access apps; IT retired expensive on-prem IAM