Proprietary and Confidential. Do Not Distribute. © 2013 Accuvant, Inc. All Rights Reserved.

CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications and Cloud Service Providers

Oct 18, 2014


Bob Johnson, Director of IT, Accuvant
Bob will share insights derived from Accuvant’s integrated identity ecosystem—composed of identity bridges, IDaaS (identity management as a service), and Active Directory. The ecosystem delivers SSO for a diffused employee base to SaaS and internal applications.
Transcript
Page 1: CIS13: Identity Bridges and IDaaS: Connecting Users, Internal Applications and Cloud Service Providers

Identity Bridges and IDaaS: Connecting Users, Internal Applications and Cloud Service Providers

Bob Johnson, Director of IT

Page 2

Agenda

Introduction

The Challenge

The Solution

The Results

Page 3

ACCUVANT The Authoritative Source for Information Security

Page 4

Accuvant Is…

The Authoritative Source for Information Security

Accuvant Provides:

•  Comprehensive Set of Services and Solutions

•  For Enterprise-Class Organizations

•  To Plan, Build and Operate

•  Information Security Systems and Programs

Page 5

The Authoritative Source

Page 6

COMPANY GROWTH

Page 7

Employee Growth

[Chart: Number of Employees (0 to 500) by year, 2009 to 2012]

Accuvant has grown from 170 employees in 2009 to more than 500 today

Page 8

Dispersed User Base

2002: •  Denver, CO •  Minneapolis, MN

2003: •  Dallas, TX •  Phoenix, AZ •  Sacramento, CA •  Los Angeles, CA

2004: •  Salt Lake City, UT •  Cleveland, OH •  Chicago, IL

2005: •  Columbus, OH •  Orange County, CA •  San Diego, CA •  Las Vegas, NV

2006: •  Santa Barbara, CA •  Houston, TX

2007: •  San Francisco, CA •  Seattle, WA •  Cincinnati, OH

2008: •  Portland, OR •  Miami, FL

2009: •  Atlanta, GA •  Kansas City, KS •  Knoxville, TN •  Milwaukee, WI

2010: •  Austin, TX •  Raleigh, NC •  Detroit, MI •  New York, NY •  Baltimore, MD •  Richmond, VA •  Honolulu, HI •  San Antonio, TX •  Montgomery, AL

2011: •  Toronto, Canada •  St. Louis, MO •  Boston, MA •  Indianapolis, IN

Page 9

THE CHALLENGE

Page 10

The Dissolving Perimeter

Page 11

The Dissolving Perimeter

Page 12

Managing New Cloud Instances

[Diagram: Cloud A through Cloud J]

Page 13

Frustrating User Experience

Too Many Systems to Track

Too Many Passwords to Remember

No Integration from Cloud Systems to Internal Systems

[Chart: Login 40%, Hardware 21%, Questions 27%, Access 12%]

Too Many Support Issues

Page 14

THE SOLUTION

Page 15

New Paradigm

Page 16

Requirements

•  Single Sign On for both Cloud and On-Premise Applications

•  Identity Provisioning across Cloud and On-Premise Applications

•  No development resources

Page 17

Proof of Concept

•  45-minute setup

•  SaaS Sandbox

•  Flawless performance

Page 18

Architecture

Page 19

Implementation

•  Install on-premises federation server and run as a Windows service

•  Procure certificates for IDP signing

•  Install integration kits of on-premises applications

•  Install connectors for SaaS applications

Page 20

Issues

•  URL redirection required an unplanned redirect site (the single sign-on URL is not a domain name; a CNAME won't work with a URL, it must have a domain name)

•  Each SaaS is a little different in how they label or describe fields

•  Dealing with SaaS support groups was challenging; some wanted us to pay for their professional services.

Page 21

Issues

•  High availability services required the introduction of load balancers

•  Multiple instances of the same SaaS could not use integration kits (manual configuration)

Page 22

RESULTS

Page 23

Accuvant Cloud Desktop

Page 24

Results of Implementation

Drop in User Access Issues

Easy Access to Business Applications

Adoption Increased Dramatically

Page 25

Bob Johnson 1125 17th Street, Suite 1700, Denver, CO 80202

800.574.0896

www.accuvant.com