Presentation is loading. Please wait.

Presentation is loading. Please wait.

61% of workers mix personal and work tasks in their devices* * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise.

Published byBranden Powers Modified over 7 years ago

Similar presentations

Presentation on theme: "61% of workers mix personal and work tasks in their devices* * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise."— Presentation transcript:

1

2 61% of workers mix personal and work tasks in their devices* * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise & consumer technologies,” Feb. 21, 2013 ** http://www.computing.co.uk/ctg/news/2321750/more-than-80-per-cent-of-employees-use-non-approved-saas-apps-report *** Verizon 2013 data breach investigation report >70% percent of network intrusions exploited weak or stolen credentials * ** >80% of employees admit to using non-approved software-as-a-service (SaaS) applications in their jobs** Mobile & Cloud- challenging security paradigms

3 IT EmployeesCustomersBusiness Partners What's driving change? Devices DataUsers Apps

4 Access from many devices Manage and secure productivity Preserve existing investments Support iOS, Android, Windows Why Microsoft’s Enterprise Mobility Solution? It’s integrated on common identity It protects Office better It just worksIt’s comprehensive

5 The current reality…

6 Self-service Single sign on Username Identity as the control plane Simple connection Cloud SaaS Azure Office 365 Public cloud Other Directories Windows Server Active Directory On-premises Microsoft Azure Active Directory

7 What is Azure Active Directory? A comprehensive identity and access management cloud solution for your employees, partners and customers. It combines directory services, advanced identity governance, application access management and a rich standards-based platform for developers.

8

9

10 Azure Active Directory Connect and Connect Health * Microsoft Azure Active Directory Other Directories PowerShell LDAP v3 SQL (ODBC) Web Services ( SOAP, JAVA, REST) MIM *

11 DirSync Azure Active Directory Sync FIM+Azure Active Directory Connector Sync Engine

12 Microsoft Azure

13 SaaS apps Microsoft Azure Active Directory Other Directories

14

15 Microsoft Azure 1000s of Applications, 1 Password Web Apps (Azure Active Directory Application Proxy) SaaS appsIntegrated custom apps Other Directories

16 Microsoft Azure Active Directory Corporate Network DMZ https://app1- contoso.msappproxy.net/ http://app1

17 IT professional

18 B2B collaboration “I need to let my partners access my company’s apps using their own credentials.”

19 B2B collaboration – Email verified provisioning Partner

20 Partners use their own creds to access your org. Users lose access when they leave the partner org. No external directories. No per partner federation. Partners manage their own credentials You control partner access in your directory: app assignment group membership custom attributes Organizations manage access Thousands of bulk invites at a time. Partners with Azure AD sign in to accept invite. Other partners simply sign up to accept invite. Partners of all sizes

21 Azure AD Join makes it possible to connect work-owned Windows 10 devices to your company’s Azure Active Directory. Users can sign into Windows with their cloud-hosted work credentials and enjoy modern Windows experiences.  Enterprise-compliant services  SSO from the desktop to cloud and on- premises applications with no VPN  MDM auto enrollment  Support for hybrid environments Azure AD Join for Windows 10 Windows 10 Azure AD Joined Devices MDM Auto-enrolment

22

23

24 A stand-alone Azure Identity and Access management service also included in Azure Active Directory Premium Prevents unauthorized access to both on-premises and cloud applications by providing an additional level of authentication Trusted by thousands of enterprises to authenticate employee, customer, and partner access. What is Azure Multi-Factor Authentication?

25 How it works

26 Users sign in from any device using their existing username/password. 1 On-Premises Apps Windows Server Active Directory or Other LDAP Users must also authenticate using their phone or mobile device before access is granted. 2 Microsoft Azure Active Directory Multi-Factor Authentication Server Multi-Factor Authentication Server User

27 Azure MFA vs MFA for Office 365 MFA for Office 365/Azure Administrators Azure Multi-Factor Authentication Administrators can Enable/Enforce MFA to end-usersYes Use Mobile app (online and OTP) as second authentication factorYes Use Phone call as second authentication factorYes Use SMS as second authentication factorYes Application passwords for non-browser clients (e.g. Outlook, Lync)Yes Default Microsoft greetings during authentication phone callsYes Suspend MFA from known devicesYes Custom greetings during authentication phone callsYes Fraud alertYes MFA SDKYes Security ReportsYes MFA for on-premises applications/ MFA Server.Yes One-Time BypassYes Block/Unblock UsersYes Customizable caller ID for authentication phone callsYes Event ConfirmationYes Trusted IPsYes

28

29 Allow Access Block Access Cloud Apps On-premises Application Access policies Enforce MFA per user/per app Location (IP Range) Device State User Group

30 Microsoft Azure Active Directory Cloud App Discovery 10 x Source: Help Net Security 2014 as many Cloud apps are in use than IT estimates SaaS app category Number of users Utilization volume Comprehensive reporting Reveal shadow IT : Discover all SaaS apps in use within your organization

31

32

33

34

35 Rich standards-based platform for developers

36

37 No Object Limit No Limit Advanced Security Reports Yes Premium+ Basic Features Group-based access management/provisioningYes Self-Service Password Reset for cloud usersYes Company Branding (Logon Pages/Access Panel customization)Yes Application ProxyYes SLAYes

38 Consumer identity and access management in the cloud Azure Active Directory B2C A highly available, global, cost-effective identity management service for consumer-facing applications Improve connection with your consumers Pay only for what you use Scale to hundreds of millions of consumers Help protect your consumers’ identities Let consumers use their social media accounts Customizable workflows for consumer interactions

39 Self-service Single sign on Username Identity as the control plane Simple connection Cloud SaaS Azure Office 365 Public cloud Other Directories Windows Server Active Directory On-premises Microsoft Azure Active Directory

40

Download ppt "61% of workers mix personal and work tasks in their devices* * Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise."

Similar presentations

Office 365 Identity June 2013 Microsoft Office365 4/2/2017

Office 365 Identity June 2013 Microsoft Office365 4/2/2017
Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Azure AD & Office 365 1. Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.

Azure AD & Office Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.
Users expect to be able to work in any location and have access to all their work resources. The explosion of devices has eradicated the standards-

Users expect to be able to work in any location and have access to all their work resources. The explosion of devices has eradicated the standards-
Microsoft Ignite /16/2017 3:28 PM

Microsoft Ignite /16/2017 3:28 PM
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Peter Ginnegar Technical Solution Professional Microsoft Corporation

Peter Ginnegar Technical Solution Professional Microsoft Corporation
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Microsoft Ignite /16/2017 4:55 PM

Microsoft Ignite /16/2017 4:55 PM
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.

What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.
Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers Vendors.

Today’s challenges Deliver applications to mobile platforms (BYOD) Respond to dynamic business requirements for IT: Seasonal/temporary workers Vendors.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.

Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.

Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.
Active Directory Integration with Microsoft Office 365

Active Directory Integration with Microsoft Office 365
User Microsoft Account Ex: User Organizational Account Ex: Microsoft Account Windows Azure Active Directory.

User Microsoft Account Ex: User Organizational Account Ex: Microsoft Account Windows Azure Active Directory.
Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.

Demi Albuz SENIOR PRODUCT MARKETING MANAGER Samim Erdogan PRINCIPAL ENGINEERING MANAGER Thomas Willingham TECHNICAL PRODUCT MANAGER.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Similar presentations

Ads by Google