Identity & Access Management for a cloud-first, mobile-first world

Presentation on theme: "Identity & Access Management for a cloud-first, mobile-first world"— Presentation transcript:

1

2 Identity & Access Management for a cloud-first, mobile-first world
CE226t #WPC16
Adam Baron, Sr Product Manager

3 EMS Momentum
33,000+ customers
40% of O365 IB
> 2x growth vs competitors
1000+ 3000+ 7500+

4 Mobile-first, cloud-first reality
IT budget growth: Gartner predicts global IT spend will grow only 0.6% in 2016.
Data breaches: 63% of confirmed data breaches involve weak, default, or stolen passwords.
Shadow IT: More than 80 percent of employees admit to using non-approved software as a service (SaaS) applications in their jobs.

5 Identity as the core of enterprise mobility
Diagram labels: Simple connection; Self-service; Single sign-on; SaaS; Azure; Public cloud; Cloud; On-premises; Other directories; Windows Server Active Directory; Microsoft Azure Active Directory

6 Azure Active Directory
86% of Fortune 500 companies use Microsoft Cloud (Azure, O365, CRM Online, and PowerBI)
>9 M Azure AD directories
More than 600 M user accounts on Azure AD
1 trillion Azure AD authentications since the release of the service
>42k third-party applications used with Azure AD each month
>1.3 billion authentications every day on Azure AD
Every Office 365 and Microsoft Azure customer uses Azure Active Directory

Microsoft’s “Identity Management as a Service (IDaaS)” for organizations. Millions of independent identity systems controlled by enterprise and government “tenants.” Information is owned and used by the controlling organization—not by Microsoft. Born-as-a-cloud directory for Office 365. Extended to manage across many clouds. Evolved to manage an organization’s relationships with its customers/citizens and partners (B2C and B2B).

© 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Identity and access management in the cloud
Azure Active Directory. Identity at the core of your business
1000s of apps, 1 identity: Provide one persona to the workforce for SSO to 1000s of cloud and on-premises apps
Enable business without borders: Stay productive with universal access to every app and collaboration capability
Manage access at scale: Manage identities and access at scale in the cloud and on-premises
Cloud-powered protection: Ensure user and admin accountability with better security and governance

8 1000s of apps, 1 identity
Provide one persona to the modern workforce for SSO to 1000s of cloud and on-premises applications
Connect your on-premises identities to the cloud for a seamless authentication experience
Single sign-on to thousands of pre-integrated and custom SaaS apps
Bring your own apps: templates for SSO to any SaaS app
Secure remote access to on-premises apps
SSO from mobile apps
Support for lift-and-shift of traditional apps to the cloud

9 1000s of apps, 1 identity
2500+ pre-integrated popular SaaS apps and self-service integration via templates
Connect and sync on-premises directories with Azure
Easily publish on-premises web apps via Application Proxy + custom apps
Diagram labels: Microsoft Azure; Other directories; Web apps (Azure Active Directory Application Proxy); Integrated custom apps; SaaS apps

10 Enable business without borders
Stay productive everywhere with easy access to every application and powerful collaboration capabilities across location, application, and device borders
Ease of use for end users
Enable cross-organization collaboration
Any time, any place productivity with Windows 10
Better connect with your consumers

11 Making the lives of users (and IT) easier
ENABLE BUSINESS WITHOUT BORDERS
Company-branded, personalized application Access Panel: + iOS and Android Mobile Apps
Integrated Office 365 app launching
Manage your account, apps, and groups
Self-service password reset
Application access requests

12 Collaborate with partners: B2B collaboration
ENABLE BUSINESS WITHOUT BORDERS
Share without complex configuration or duplicate users: Partners use their own credentials to access your org; Users lose access when leaving the partner org; No external directories; No per partner federation
You manage access: You control partner access in your directory: app assignment, group membership, custom attributes
Partners of all sizes: Bulk invite 1000s at a time; Partners with Azure Active Directory sign in to accept invite; Other partners simply sign up to accept invite

“We needed to quickly and cost effectively stand up new IT infrastructure, including extranet applications for thousands of business partners. Azure Active Directory B2B collaboration provides a simple and secure way for partners, large and small, to use their own credentials to access Kodak Alaris systems.”
3000+ partners

13 Connecting with consumers: Azure Active Directory B2C
ENABLE BUSINESS WITHOUT BORDERS
Consumer identity and access management in the cloud
Cross-platform
Identity management for consumers
Superior economics
Identity experience engine

“By using Azure Active Directory B2C we were able to build a fully customized login page without having to build custom code. Additionally, with a Microsoft solution in place, we alleviated all our concerns about security, data breaches, and scalability.” - Rafael de los Santos, Head of Digital, Real Madrid

14 Manage access at scale
Manage identities at scale in the cloud and on-premises
Advanced user lifecycle management
Low IT overhead
Monitor your identity bridge

15 Managing identities
MANAGE ACCESS AT SCALE
Comprehensive identity and access management console
Centralized access administration for pre-integrated SaaS apps and other cloud-based apps
Dynamic groups, device registration, secure business processes with advanced access management capabilities
Diagram labels: SaaS apps; IT professional

16 Cloud-powered protection
Ensure accountability with better security and governance
Respond to advanced threats before they start with risk-based policies and monitoring
Conditional access to resources
Safeguard user authentication
Mitigate administrative risks
Governance of on-premises and cloud identities

17 Identity-driven security
CLOUD-POWERED PROTECTION
Conditions: User, Group, App sensitivity; Device state; Location; Risk
Actions: Allow access or Enforce MFA per user/per app; Block access
Diagram labels: User; MFA
NOTIFICATIONS, ANALYSIS, REMEDIATION, RISK-BASED POLICIES
CLOUD APP DISCOVERY; PRIVILEGED IDENTITY MANAGEMENT; IDENTITY PROTECTION

18 Azure Active Directory Identity Protection
CLOUD-POWERED PROTECTION
Identity Protection at its best
Gain insights from a consolidated view of machine learning based threat detection
Detections: Infected devices; Leaked credentials; Configuration vulnerabilities; Brute force attacks; Suspicious sign-in activities
Remediation recommendations
Risk severity calculation (Machine-Learning Engine)
Risk-based policies: MFA Challenge Risky Logins; Block attacks; Change bad credentials
Risk-based conditional access automatically protects against suspicious logins and compromised credentials

19 Azure Active Directory Identity Protection
CLOUD-POWERED PROTECTION
Use the power of Identity Protection in PowerBI, SIEM and other monitoring tools
Apply Microsoft learnings to your existing security tools
Detections: Infected devices; Leaked credentials; Configuration vulnerabilities; Brute force attacks; Suspicious sign-in activities
Microsoft Machine-learning Engine
Risk scores
Identity Protection API; Reporting API
Security/Monitoring/Reporting SOLUTIONS: PowerBI; SIEM; Monitor Tools

20 Privileged Identity Management
CLOUD-POWERED PROTECTION
How time-limited activation of privileged roles works
Users need to activate their privileges to perform a task
MFA is enforced during the activation process
Users will retain their privileges for a pre-configured amount of time
Alerts inform administrators about out-of-band changes
Security admins can discover all privileged identities, view audit reports and review everyone who is eligible to activate via access reviews
Diagram labels: SECURITY ADMIN; USER; ALERT; MFA; Configure Privileged Identity Management; Identity verification; Monitor; Audit; Access reports; ADMIN PROFILES: Read only, Billing Admin, Global Admin, Service Admin; PRIVILEGED IDENTITY MANAGEMENT

21 Benefits: Privileged Identity Management
CLOUD-POWERED PROTECTION
Removes unneeded permanent admin role assignments
Limits the time a user has admin privileges
Ensures MFA validation prior to admin role activation
Reduces exposure to attacks targeting admins
Separates role administration from other tasks
Adds roles for read-only views of reports and history
Asks users to review and justify continued need for admin role
Simplifies delegation
Enables least privilege role assignments
Alerts on users who haven’t used their role assignments
Simplifies reporting on admin activity
Increases visibility and finer-grained control

22 Enterprise Mobility + Security
IDENTITY-DRIVEN SECURITY
Azure Active Directory Premium: Manage identity with hybrid integration to protect application access from identity attacks
Microsoft Cloud App Security: Extend enterprise-grade security to your cloud and SaaS apps
Azure Information Protection: Protect your data, everywhere
Microsoft Intune: Protect your users, devices, and apps
Microsoft Advanced Threat Analytics: Detect threats early with visibility and threat analytics

23 Enterprise Mobility + Security
Areas: Identity and access management; Managed mobile productivity; Information protection; Identity-driven security

EMS E5
Azure Active Directory Premium P2: Identity and access management with advanced protection for users and privileged identities (includes all capabilities in P1)
Azure Information Protection Premium P2: Intelligent classification and encryption for files shared inside and outside your organization (includes all capabilities in P1)
Microsoft Cloud App Security: Enterprise-grade visibility, control, and protection for your cloud applications

EMS E3
Azure Active Directory Premium P1: Secure single sign-on to cloud and on-premises apps; MFA, conditional access, and advanced security reporting
Microsoft Intune: Mobile device and app management to protect corporate apps and data on any device
Azure Information Protection Premium P1: Encryption for all files and storage locations; Cloud-based file tracking
Microsoft Advanced Threat Analytics: Protection from advanced targeted attacks leveraging user and entity behavioral analytics

24 Empower your employees by creating a secure productive enterprise
Trust: Protect your organization, data and people
Collaboration: Create a productive workplace to embrace diverse workstyles
Intelligence: Provide insights to drive better business decisions faster
Mobility: Enable your people to get things done anywhere

25 Secure Productive Enterprise
Delivered through enterprise cloud services
Office 365
Enterprise Mobility + Security
Windows 10 Enterprise

26 Complete your evaluations… for a chance to win a prize!
Complete your session and conference evaluations here: aka.ms/wpcevals or through the mobile app.
Microsoft will donate $1 for completing a session evaluation and $5 for completing the overall conference evaluation to the non-profit organization Right to Play, a Microsoft YouthSpark Partner.
Thank you partner. We value your feedback.

27

28 Next Steps
Try Microsoft Identity Manager: www.microsoft.com/mim
Read the Active Directory Team Blog: blogs.technet.com/b/ad
Review TechNet – Microsoft Identity Manager 2016: technet.microsoft.com
Watch Channel 9 videos – Microsoft Identity Manager 2016: channel9.msdn.com
Learn more about Enterprise Mobility Suite and Azure Active Directory Premium

