Doing More with Less Bringing Shared Identity Services into Reality

Transcription

1 Doing More with Less Bringing Shared Identity Services into Reality Wade Ellery Director of Sales Luc Rulon Account Executive

2 Diagnosis for Healthcare.gov: Unrealistic Technology Expectations MIT Technology Review by David Talbot on December 2, 2013 The website for the Affordable Care Act was doomed by an inordinately complex setup that tried to link disparate databases in real time. That meant the site would have to interface in real-time with databases maintained by the Internal Revenue Service and other agencies. Says John Halamka, chief information officer of Beth Israel Deaconess Medical Center in Boston. You don t want to query 10 downstream systems and be reliant on their performance, because you are only going to be as good as the slowest one.

3 World Why Do of We Access Need is Identity Expanding as a Shared Service? Identity is the New Perimeter App sourcing and hosting SaaS apps Apps in public clouds Partner apps Apps in private clouds On-premise enterprise apps Enterprise computers Enterprise-issued devices Public computers BYOD Employees Contractors Customers Partners Members App access channels User populations Source: March 22, 2012, Forrester report Navigate The Future Of Identity And Access Management

4 If Identity is the New Perimeter, How Do We Manage It Effectively? Identity is stored across many backend systems Identity is siloed by application or system Identity is stored in incompatible formats and structures Existing Identity Infrastructure

5 Legacy Applications Dependent on Existing Infrastructure Legacy Applications Existing Identity Infrastructure

6 Supporting Multiple Repositories is Costly: Traditional IDM Attempted to Mitigate Legacy Applications IDM Existing Identity Infrastructure

7 New Applications Increase complexity, support, and risk by N 2 SaaS/Cloud/BYOD/ Partner Apps Legacy Applications IDM Existing Identity Infrastructure

8 Federated Identity Service The Identity Hub SaaS/Cloud/BYOD/ Partner Apps Legacy Applications IDM Federated Identity Service Existing Identity Infrastructure

9 Federated Identity Service Able to Sunset Identity Stores SaaS/Cloud/BYOD/ Partner Apps Legacy Applications Sail Point Federated Identity Service Existing Identity Infrastructure

10 Benefits of Implementing a Shared Service based on a Federated Identity Hub Bottom-Line Revenue New business initiatives are rolled out faster with less resourses and cost Mergers, acquisitions, and divestitures are faster and more efficient Business Continuity Existing applications and processes are not disrupted Users gain access to more resources without increasing effort Leverage and Reuse of Resources Existing identity infrastructure is consolidated and optimized Identity data is repurposed and value extended Increased Security, Audit, and Compliance Enterprise-wide view into Who Has Access to What and Why Visibility into shadow IT and cloud applications Fewer identity stores to manage and audit

11 Sounds Good! How Do I Start? Q: At what point in a project lifecycle do you engage your IT Security or Identity & Access Management teams?

12 Where is Your Company on the Shared Identity Services Continuum? Business Group Leaders The Case More modern architecture. Able to meet business requirements faster and at lower costs. Steering Committee Shared Services Group What s in it for me? My project gets deployed in weeks vs. months or years. My costs for integrating into our enterprise are dramatically reduced. The Vision Flexible infrastructure allows us to meet needs of new projects quickly and costeffectively. IT is no longer the bottleneck it is an enabler to business.

13 Highest Encompasses Sounds Use Like as an Multiple Strategic Operations Disciplines Initiative

14 Gartner Hype Cycle

15 Gartner Hype Cycle Federated Identity Management Virtual Directories

16 Current model VDS model Federated Identity Service at Intel Steve Price Identity Service Manager Intel IT

17 Key Breakthrough Federated Identity Service A game-changer in meeting business needs - Now deliver in days what used to take months - Identity team a business enabler instead of a bottleneck Radiant Surpassed ROI Estimate Now deliver in 3 days what used to take 4 months Tailored, use-case-specific function, while reusing existing systems w/o requiring changes to infrastructure. Old world of delivering 3 applications per year turned into 10 apps in 2 months, with more coming Enables us to: DO MORE WITH LESS! 17 Copyright 2012, Intel Corporation. All rights reserved.

18 Use Case: M&A Branded Portal Requirement: Provide SSO from Office 365 SharePoint Company A application to branded portal application from desktop credentials for all constituents. Solution: Provide Windows authentication by combining SiteMinder and Radiant Logic FID to pass credentials to branded portal Long-Term Benefits: No application rework is required when ADs collapse into one Company A - SharePoint Office 365 User logs into SharePoint and click link to Branded Portal internal hosted application SiteMinder Web SSO w/ Windows Integrated Authentication Radiant Logic FID Consolidates views of 4 active directories, performs attribute conversion Branded Portal - Internal Hosted application User single sign-on using their machine login credentials FID solution provides credentials and correct employeeid Company B NA Company A US1 Company A UK BIZ Company A NET

19 Mergers & Acquisitions Bank A Population Bank A View Bank A Bank A Bank B Bank B Population Bank B View Bank A Bank B Bank B

20 Questions? Wade Ellery Directory of Sales (415) Luc Rulon Account Executive (415)