The Four Pillars of Identity: A Solution for Online Success
Tom Shinder, Principal Writer and Knowledge Engineer, SCD iX Solutions Group, Microsoft Corporation
Session AAP302
Companies are under pressure to do more with less
o IT constraints
o Budget reductions
o Proliferation of devices
o Explosive data growth
[Chart: share of IT effort spent to run, grow and transform the business; the slide's labels read 20%, 66% and 14%]

Companies must facilitate productivity without impacting security
o Allow customers and partners
o Role- and device-driven privileges
o Availability
o Enabling devices

Management must adapt rapidly to changing business needs
o Proliferation of groups and users
o Mergers and acquisitions
o Rapid on-boarding of services
o Adapting to cloud

Companies need an integrated security strategy
o Report and audit
o Centralize and standardize
o Protect while extending
o Rapid response

Incorporating identity into your environment can transform your business: plan for the future, take control, empower users.
Identity spans the environment
o Layers: users & devices, infrastructure, apps & services
o Deployment models: public cloud, private cloud, traditional IT, hybrid cloud
The four pillars of identity

Administration
o Single view management
o Application of business rules
o Automated requests, approvals, and access assignment

Authentication
o User sign-on experience
o Trusted source
o Standard and secure protocols
o Level of assurance

Authorization
o How and where are authorizations handled?
o Can a user access the resource, and what can they do when they access it?

Auditing
o Track who does what, when, where and how
o Focused alerting
o In-depth collated reporting
o Governance
Administration provides: provisioning and de-provisioning, identity updates, change control, synchronization, identity proliferation, interface selection, group management.

Authentication provides: flexible sign-on methods, assurance methods, security protocols, supported sources.

Authorization provides: enforcement strategy, access policies, entitlement type.

Audit provides: collection of data, governance methods, alerting, reporting.
Identity maturity model
Maturity levels, from least to most mature: Basic, Standardized, Rationalized, Dynamic. Each row below lists the capability at successive levels (some rows span fewer than four levels on the original slide).

Administration
o Provisioning: Manual creation → Automated creation in one or more ID stores → Automated creation in all ID stores
o Deprovisioning: No deprovisioning, ad hoc → Manual deprovisioning in all ID stores → Automated deprovisioning in one or more ID stores, notifications to others → Automated deprovisioning in all ID stores
o Group management: Manual by help desk → Owner managed without approvals → Owner managed with approvals → Dynamic/attribute based
o Identity updates: Manual by help desk → Self-service without verification → Self-service with approvals
o Password reset: Performed by help desk → Self-service password reset
o Synchronization: None → Synchronization among some ID stores → Synchronization among all ID stores
o Identity proliferation: No enterprise ID store → Enterprise ID store + application-specific stores → Single enterprise ID store
o User interface: Help desk → Internal user portal → Internal/external user portal
o Change control: None → Call help desk / manual workflow → Call help desk / some electronic workflow → Self-service request with electronic workflow

Authentication
o Sign-on method: Multiple passwords, multiple logons → One password, multiple logons → One password, one logon to company resources → One password, one logon to all resources
o Source: No central source → Central + application centric → Central, multiple external IDs → Central + federation
o Protocols: Multiple weak protocols → Multiple strong protocols, no transition → Multiple protocols with transition → Single protocol
o Assurance: No assurance, shared IDs → Password-based → Soft certificates → Multifactor

Authorization
o Entitlement type: Application centric → AD integrated (group based) + some application centric → Role or attribute based → Centralized policy based
o Access policies: None → Written → Centrally enforced
o Enforcement strategy: Manual → Agent, API, proxy based

Audit
o Reporting: None → Manual collation and report generation of log data → Automated report generation on some systems → Automated attestation report creation
o Alerting: No alerting → Reactive/event-driven alerting → Proactive alerting + event-based alerting
o Governance: No governance → No DLP, manual enforcement of governance → Centralized DLP in use
o Collection of data: Disjoint, manual collection of log data → Disjoint, automated collection of logs → Automated collection of log data
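To make the Authorization and Audit pillars concrete, here is an added example (not code from the deck or from Microsoft) of what the "Centralized policy based" entitlement level and the "Track who does what, when, where and how" audit requirement look like together: a single policy decision point that evaluates role and attribute rules, refuses deprovisioned identities, demands multifactor assurance for confidential data, and records every decision so that focused alerting can be run over the log. All users, resources, roles, classifications and addresses are constructed sample data, and the assurance labels reuse the deck's own Assurance row.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import FrozenSet, List, Tuple

# Assurance levels from the deck's Authentication "Assurance" row, ranked so a
# policy can require a minimum level (labels are our own spelling, an assumption).
ASSURANCE_RANK = {"password": 1, "soft-cert": 2, "mfa": 3}


@dataclass(frozen=True)
class Subject:
    user: str
    roles: FrozenSet[str]
    department: str
    assurance: str            # how the user authenticated in this session
    enabled: bool = True      # False once Administration has deprovisioned the identity


@dataclass(frozen=True)
class Resource:
    name: str
    owner_department: str
    classification: str       # "internal" or "confidential" (constructed labels)


@dataclass(frozen=True)
class AuditRecord:
    when: str                 # ISO-8601 UTC timestamp
    who: str                  # user
    what: str                 # action requested
    where: str                # resource name
    how: str                  # assurance level of the session
    origin: str               # client address (constructed)
    decision: str             # "allow" or "deny"
    reason: str


class PolicyDecisionPoint:
    """One place where access policy is evaluated and every decision is recorded."""

    def __init__(self) -> None:
        self.audit_log: List[AuditRecord] = []

    def decide(self, subject: Subject, resource: Resource, action: str, origin: str) -> bool:
        allowed, reason = self._evaluate(subject, resource, action)
        self.audit_log.append(AuditRecord(
            when=datetime.now(timezone.utc).isoformat(timespec="seconds"),
            who=subject.user, what=action, where=resource.name,
            how=subject.assurance, origin=origin,
            decision="allow" if allowed else "deny", reason=reason))
        return allowed

    @staticmethod
    def _evaluate(subject: Subject, resource: Resource, action: str) -> Tuple[bool, str]:
        # Deprovisioned identities are refused before any entitlement is considered.
        if not subject.enabled:
            return False, "identity is deprovisioned"
        # Confidential data requires multifactor assurance whatever the role.
        if (resource.classification == "confidential"
                and ASSURANCE_RANK[subject.assurance] < ASSURANCE_RANK["mfa"]):
            return False, "confidential resource requires mfa"
        # Attribute rule: the owning department may read and write its own resources.
        if subject.department == resource.owner_department and action in ("read", "write"):
            return True, "owning department"
        # Role rule: auditors may read anything but never write.
        if "auditor" in subject.roles and action == "read":
            return True, "auditor read"
        return False, "no matching entitlement"


def repeated_denials(log: List[AuditRecord], threshold: int = 3) -> List[str]:
    """Focused alerting: users whose denied requests reach the threshold."""
    counts = Counter(r.who for r in log if r.decision == "deny")
    return sorted(user for user, n in counts.items() if n >= threshold)


def run_demo() -> dict:
    """Exercise the policy with constructed subjects and resources; return the outcomes."""
    pdp = PolicyDecisionPoint()
    ledger = Resource("finance-ledger", "finance", "confidential")
    wiki = Resource("eng-wiki", "engineering", "internal")
    alice = Subject("alice", frozenset({"analyst"}), "finance", "mfa")
    bob = Subject("bob", frozenset({"auditor"}), "audit", "password")
    carol = Subject("carol", frozenset({"engineer"}), "engineering", "password", enabled=False)

    results = {
        "alice_write_ledger": pdp.decide(alice, ledger, "write", "10.0.0.5"),
        "bob_read_wiki": pdp.decide(bob, wiki, "read", "10.0.0.6"),
        "bob_read_ledger": pdp.decide(bob, ledger, "read", "10.0.0.6"),
        "bob_write_wiki": pdp.decide(bob, wiki, "write", "10.0.0.6"),
        "carol_read_wiki": pdp.decide(carol, wiki, "read", "10.0.0.7"),
    }
    results["alerts"] = repeated_denials(pdp.audit_log, threshold=2)
    results["log"] = pdp.audit_log
    return results


if __name__ == "__main__":
    for record in run_demo()["log"]:
        print(f"{record.when} {record.who} {record.what} {record.where} "
              f"via {record.how} from {record.origin}: {record.decision} ({record.reason})")
```

The ordering of the rules is the point: the deprovisioning check and the assurance requirement run before any entitlement is granted, so a stale account or a weakly authenticated session cannot reach confidential data through a role it still holds. Because every decision, allowed or denied, lands in one log with who, what, when, where and how, the alerting function needs no per-application log parsing, which is the "Automated collection of log data" level of the Audit row.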
Engagement model: Assess, Build a Plan, Innovate
[Diagram: Education (One Day Workshop, 1-3 Day Workshops) → Assess Business, Assess Infrastructure, Define Roadmap (2 Week Assessment and Roadmap) → Identity Solutions Deployment Planning; desired end states across technologies: Public, Private, Traditional IT, Partners, Hybrid]

Workshops (One Day Workshop, 1-3 Day Workshops)
Workshops are designed to introduce Identity and help customers understand how an identity solution could help their enterprise. Customer benefits include:
o Introduction to core tenets of Identity
o Discussion around recommended practices
o Detailed explanation of Microsoft identity solutions
o Business value modeling

Assessment and Roadmap (2 weeks)
The assessment is designed to help you understand your current state within identity and to provide a roadmap towards maturity based upon business needs and goals. Customer benefits include:
o Detailed assessment report and recommended path forward
o Logical roadmap based on assessment, experience and recommended practices

Identity Solutions Deployment Planning
Microsoft Services identity offerings include:
o Enterprise Identity Management using Forefront Identity Manager 2010
o Enterprise Identity Federation using Active Directory Federation Services
o Access Enablement Gateway and Identity Service Solution
o Application Identity Assessment for Windows Azure
[Diagram: AEGIS (Access Enablement Gateway and Identity Service) solution sitting between application owners and application users]
Related sessions
o AAP201 Hybrid Computing is the New Net Norm
o SIA202 Microsoft Trustworthy Computing Cloud Security, Privacy and Reliability in a Nutshell
o SIA204 Cloudy Weather: How Secure is the Cloud?
o SIA207 Windows Server 2012 Dynamic Access Control Overview
o SIA312 What's New in Active Directory in Windows Server 2012
o SIA313 Self-Service Password Reset for Active Directory with Microsoft Forefront Identity Manager 2010 R2
o SIA316 Windows Server 2012 Dynamic Access Control Best Practices and Case Study Deployments in Microsoft IT
o SIA318 Managing and Extending Active Directory Federation Services
o SIA321 What's New in Windows Identity Foundation in Microsoft .NET Framework 4.5
o SIA341 Windows Server 2012 Dynamic Access Control Deep Dive for Active Directory and Central Authorization Policies
o SIA21-HOL Using Dynamic Access Control to Automatically and Centrally Secure Data in Windows Server 2012
o SIA01-TLC Microsoft Identity and Access
o SIA02-TLC Windows Server 2012 Active Directory Dynamic Access Control