Presentation is loading. Please wait.

Presentation is loading. Please wait.

Andras Cser, Principal Analyst Eve Maler, Principal Analyst

Published byRichard Pope Modified over 6 years ago

Similar presentations

Presentation on theme: "Andras Cser, Principal Analyst Eve Maler, Principal Analyst"— Presentation transcript:

1 Webinar The Forrester Wave™: Enterprise Cloud Identity And Access Management, Q3 2012
Andras Cser, Principal Analyst Eve Maler, Principal Analyst September 20, Please call in at 12:55 p.m. Eastern time

2 App sourcing and hosting
Cloud apps and the extended enterprise drive the need for cloud IAM App sourcing and hosting SaaS apps Apps in public clouds Partner apps Apps in private clouds On-premises enterprise apps Enterprise computers Employees Contractors Enterprise-issued devices Partners Public computers Members Personal devices Customers App access channels User populations

3 Agenda How and why cloud IAM came to be
Selection criteria and evaluated vendors What did the Forrester Wave™ show? How should you use these results?

4 History of IAM Ad-hoc in-house systems
Custom web SSO, authz, provisioning . . . Extended help desk systems and password sync Workflow, attestation — and self-service password reset! On-premises point solutions Web SSO, feed-based provisioning, RBAC . . . Access governance Formal processes Cloud IAM Access mgmt, then ID mgmt

5 Problems with traditional IAM
Expensive Static snapshot Poor match with the extended enterprise Policy management costs that scale badly Overpayment for unneeded services Lack of insight into what others are doing — or not doing

6 Source: Amazon.com (http://www.amazon.com/)

7 Identity intelligence
Exchange of information becomes critical Fraud management Data protection Identity and access management Understand normalcy and anomalies in access using patterns Understand normal data usage patterns Identity intelligence Certify access to data assets

8

9 Source: Flickr (http://www.flickr.com/)

10 Where IAM is headed Identity — not just access — management in the cloud Utility pricing Shared best practices Federation hubs Shared identity whitelists and blacklists Risk pooling Contextual risk-based attestation ERM/DRM — only where needed

11

12 Types of cloud IAM offerings
Source: July 19, 2012, “The Forrester Wave™: Enterprise Cloud Identity And Access Management, Q3 2012” Forrester report

13 Results of the Forrester Wave™

14 We selected prominent vendors to help address its questions
Source: July 19, 2012, “The Forrester Wave™: Enterprise Cloud Identity And Access Management, Q3 2012” Forrester report

15 Vendors included . . . Source: July 19, 2012, “The Forrester Wave™: Enterprise Cloud Identity And Access Management, Q3 2012” Forrester report

16 Detailed scorecards are on Forrester.com
Source: July 19, 2012, “The Forrester Wave™: Enterprise Cloud Identity And Access Management, Q3 2012” Forrester report

17 The Forrester Wave™: Enterprise Cloud IAM, Q3 2012
Source: August 16, 2012, “The Forrester Wave: Cloud Strategies Of Online Collaboration Software Vendors, Q3 2012” Forrester report

18 Leader: Covisint The granddaddy of cloud IAM services
Comfortable and mature in the federation broker role for automotive, healthcare, energy, and travel Has nascent support for employee SSO into SaaS Strong identity management and attestation

19 Leader: Okta Focuses on outbound SSO to SaaS, including proxying inbound SAML connections Has pre-integrated connections to many SaaS providers Smooth 2FA and IWA integration Tested version has a metadirectory with weak deprovisioning ability (*see recent Workday news)

20 Leader: Symplified Provides great access control into SaaS
Identity Router component is deployable several ways: cloud, virtual appliance, real appliance. No just-in-time or bulk provisioning Partners with Symantec for VIP 2FA

21 Strong performer: Lighthouse Security Group
Puts an attractive, task-oriented UX on top of a hosted IBM Tivoli suite Strong on dashboards, auditing, and reporting By design, does not support pulling user info from an on-premises user store dynamically Clients expected to show up with their own Tivoli licenses

22 Strong performer: Simeio Solutions
Puts classic on-premises IAM solutions into the cloud, with the greatest affinity for — and vulnerability — to Oracle Interceptor appliance on site manages identity synchronization UX is a little schizophrenic: several places and paradigms. Does access control, but only for SAML-enabled apps

23 Strong performer: Verizon
Mature role as a security service provider Federation and SSO components have a NetIQ/Novell heritage First private-sector IdP to win US federal government certification for “Level of Assurance 3” Closer to an MSP than a cloud IAM provider for policy administration: you have to submit a ticket

24 You should take away from this Forrester Wave™ . . .
Access management performed in the cloud is more mature than identity management. Today’s solutions overlap only in part, with much more convergence to come. IAM services benefit just as much from cloud elasticity as other services do.

25 You should use this Forrester Wave™ to:
Outline where your IAM elasticity (or lack thereof) is problematic. Identify opportunities for cloud IAM to complement or replace current functions. Develop a custom list of criteria that a vendor must fulfill. 25

26 Andras Cser Eve Maler

Download ppt "Andras Cser, Principal Analyst Eve Maler, Principal Analyst"

Similar presentations

Govern the Flow of Data: Moving from Chaos to Control

Govern the Flow of Data: Moving from Chaos to Control
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
Network Systems Sales LLC

Network Systems Sales LLC
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.

1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.
Current impacts of cloud migration on broadband network operations and businesses David Sterling Partner, i 3 m 3 Solutions.

Current impacts of cloud migration on broadband network operations and businesses David Sterling Partner, i 3 m 3 Solutions.
Kantara: From IRM to Context. The World of Access Keeps Expanding App sourcing and hosting User populations App access channels SasS apps Apps in public.

Kantara: From IRM to Context. The World of Access Keeps Expanding App sourcing and hosting User populations App access channels SasS apps Apps in public.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Centrix Software Application discovery and management 8 November 2012 Richard Pegden Director of Product Marketing.

Centrix Software Application discovery and management 8 November 2012 Richard Pegden Director of Product Marketing.
SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)

SIM205. (On-Premises) Storage Servers Networking O/S Middleware Virtualization Data Applications Runtime You manage Infrastructure (as a Service)
Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.

Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
© 2009 IBM Corporation Delivering Quality Service with IBM Service Management April 13 th, 2009.

© 2009 IBM Corporation Delivering Quality Service with IBM Service Management April 13 th, 2009.
Energy Ecosystem Overview David Miller Chief Security Officer.

Energy Ecosystem Overview David Miller Chief Security Officer.
© Copyright 2011 Hewlett-Packard Development Company, L.P. 1 Sundara Nagarajan (“SN”) CLOUD SYSTEMS AUTOMATION.

© Copyright 2011 Hewlett-Packard Development Company, L.P. 1 Sundara Nagarajan (“SN”) CLOUD SYSTEMS AUTOMATION.
Integrated Financial Applications using Intuit’s PaaS Solution George Chiramattel, Intuit.

Integrated Financial Applications using Intuit’s PaaS Solution George Chiramattel, Intuit.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Similar presentations

Ads by Google