Scribd Logo
Upload

Welcome to Scribd!

  • Modernizing Authentication in and For The Cloud

    Uploaded by

    Key
    6 views17 pages

    Original Title

    Modernizing Authentication In and For the Cloud

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views17 pages

    Modernizing Authentication in and For The Cloud

    Uploaded by

    Key

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 17

    Modernizing Authentication In and

    For the Cloud


    Tony Karam
    Product Marketing,
    RSA Identity & Access Assurance
    twitter: @RSAsecurity
    – Cloud Adoption
    – Security and the Cloud
    Agenda – New IAM Challenges
    – Providing Convenience and Security
    – Taking the First Steps
    Cloud adoption: why and why not?
    Cloud is a journey not a destination

    PaaS
    Hybrid SaaS

    Public

    Private
    IaaS
    Cloud security: a shared responsibility
    Cloud security recommendations
    Security controls for SaaS

    Primary controls
    Recommended
    Optional
    Identity is the most consequential attack
    vector

    81%
    of web-based
    attacks use stolen
    credentials*

    * Verizon Data Breach Investigations Report 2017


    Cloud creates new challenges
    P

    E
    Avoid islands of identity
    SaaS/PaaS
    CLOUD
    CORPORATE
    Mobile Apps NETWORK
    Web
    PCs DATACENTER
    Partner Portal VPN Privileged Access
    (PAM)

    WAM

    ONE
    MFA
    Platform
    IT Control & Visibility
    Common User Experience
    Avoid multi-cloud islands of identity
    PUBLIC CLOUD 1 PUBLIC CLOUD 2
    PRIVATE CLOUD

    We use only one in production

    6% One in production and one as


    backup in standby
    17%
    We use two different cloud
    service providers at the same
    ONE 50% time for the same workload
    9% We use two different cloud
    MFA service providers at the same
    time each handling different
    Platform workloads
    18% We use three or more cloud
    service providers at the same
    time
    Source: Osterman Research Inc.
    Stop the Tug-of-War
    Easy Access Regain Control
    To cloud, web and mobile applications Of a disrupted perimeter with consistent and
    from any device centrally enforced policy

    End Users CIO/CISO


    Convenience and security
    Multi-Factor
    Authentication

    Single Sign-On
    One size authentication doesn’t fit all
    Modern Authentication Methods

    Network admins
    Road warriors
    C-level execs Push Fingerprint Voice

    Routers, gateways, etc.


    VPN (IPSEC, SSL)
    On-premises apps

    Tokens Context SMS


    OTP & PKI
    tokens

    Eyeprint Mobile OTP Email


    Dynamic context eases user friction
    Time

    Application Device

    MACHINE
    LEARNING

    Location Access Patterns


    Simple tips to keep in mind
     Move at your own pace
     Bridge your islands of identity
     Make users happy
    Do you know RSA SecurID® Access?
    Gold Standard Next-Generation
    for Strong Authentication of Multi-factor Authentication

    • Trusted by 25,000+ Enterprises • Mobile MFA: Push, OTP, biometrics & more
    • More than 50 million active users • Dynamic risk-based Identity Assurance
    • 500+ certified applications • Any application: on-prem or in the cloud
    • SC Magazine ‘Best Multifactor • SaaS delivery, subscription pricing
    Authentication Solution’: 2017, 2016, 2015
    Thank You

    Take the Test Drive: rsa.com/testdrive

    Learn more: rsa.com/authentication

    You might also like