For security professionals, it’s critical to ensure employees can access the right applications — and no more. But since a typical enterprise has thousands of employees using hundreds of apps, manually setting up access is time-consuming, error-prone, and increases the risk of security and compliance violations.
In this presentation, you’ll see how Identity-as-a-Service (IDaaS) lets you manage access to your applications; automatically handle tedious employee on-boarding and off-boarding; and improve end-user productivity via Single Sign-on.
3. Increasing IT complexity
Thousands of employees, partners,
customers, and multiple devices...
Working with many, many apps,
both in the cloud and on-premise.
5. Bimodal IT = Marathon Runners + Sprinters
Data
Center
MFA
Directories
VPN
Legacy
IdP
WiFi
On-prem
apps
Mobile
Apps
Cloud
Apps
IoT
Devices
Desktops
Social
Identity
6. Cloud On-premise Mobile
All locationsAll devicesAll users
New class of identity management solution
Application
Management
Endpoint
Control
Enterprise
Infrastructure
Security
Integration
Framework
User
Management
Mobile
Data
Center
Cloud
Apps
IoT
Mobile
Desktop
MFA
SIEM
Partners
Customers
Employees
Directories
VPN
Legacy
IdP
WiFi
On-prem
apps
CASB
Social
Identity
Cloud
Directory
HCM
Integrated Bimodal approach
7. Extend existing
infrastructure
Control your
endpoints
Connect
your apps
Integrate your
controls
Embrace your users
Application
Management
Endpoint
Control
Enterprise
InfrastructureSecurity
Integration
Framework
User
Management
Mobile
Data Center
Cloud Apps
IoT
Mobile
Desktop
Partners
Customers
Employees
Directories
VPN
Wi-Fi
On-prem apps
Social
Identity
Cloud
Directory
HCM
Legacy IdP
SIEM
CASB
MFA
10. Agile application security framework
Super flexible authentication
OneLogin ready
Secure access controls
URL filtering
Role-based
Extensible rules library
Centralized policy, triggers, logging
Best-of-class ease of administration
Best-of-class web agents
Proven with strong customer base:
Web Access Management for on-prem apps
Do This Today:
1. Rewire existing applications
2. Replace legacy SiteMinders
3. Replace legacy ClearTrust
Mode 1
11. OneLogin
Virtual LDAP
LDAP
Endpoint
Network Attached Storage
NetApp, EMC
Web Servers
WiFi
WPA2 Enterprise, Cisco,
Meraki
VPN
Cisco, Juniper, Palo Alto
Virtual LDAP -- LDAP-as-a-Service
Do This Today:
1. For apps that connect to
your directory over LDAP,
use this instead
2. Reduce your exposure on-
premises
3. Simplify your development
Mode 1
13. Next, focus on Mobile Identity & Integrity
IT Admin
Can finally manage the
actual risk of mobile access
Sandy, Contractor
working at a cafe
Multifactor Auth (MFA)
Required
Rob, Sales meetings
from the field
Auto logged-in
Brent, In-person Sales
meetings at the HQ
No access to Billing
MFA Required
Elle, Designer working
at the HQ
Auto logged-in
Device
Trusted
Device
Trusted
Mode 2
14. OneLogin will protect your Macs, your PCs
+ +
OneLogin credentials unlock machine
Password is hashed locally
When disconnected, last good hash
Whenever connected to internet, policies apply
Perfect for employees not connected to an AD domain
21. SIEM Streaming
TODAY TOMORROW
Powerful events API and pre-built Splunk integration Stream all events real-time to the SIEM of your choice.
Query and filter on metadata
Cursor-based pagination
Super fast, super easy
All OneLogin events sent to SIEM system in real-time
JSON is pushed to HTTPS endpoint
API for additional events
event bus
Mode 1+2
22. Cloud On-premise Mobile
All locationsAll devicesAll users
New class of identity management solution
Application
Management
Endpoint
Control
Enterprise
Infrastructure
Security
Integration
Framework
User
Management
Mobile
Data
Center
Cloud
Apps
IoT
Mobile
Desktop
MFA
SIEM
Partners
Customers
Employees
Directories
VPN
Legacy
IdP
WiFi
On-prem
apps
CASB
Social
Identity
Cloud
Directory
HCM
Integrated Bimodal approach
23. 1. Estimate number of apps your company uses. Then stop by
someone’s machine and look at their tabs.
2. Ask millennial employees what makes work hard (from a systems and
apps perspective). Ask for their ideal workflow. Whatever they say,
someone is working that way at your company right now. And it’s your
problem.
3. Ask yourself where you want to be in 5 years. Is your core
competency racking, stacking, and managing machines? If not, more
of your core infrastructure will move to the cloud, and you need
technology that can manage that gracefully.
Monday Actions