Presentation on theme: "Microsoft Identity and Access Solutions Market Trends and Futures"— Presentation transcript:
1 Microsoft Identity and Access Solutions Market Trends and Futures Jesus MartinIdentity and Access Lead, Middle East and AfricaMicrosoft Corp
2 Identity and Access Management Gartner states: By 2014, investments in IAM solutions will increase 60 percent to address regulatory compliance requirements1Provisioning/DeprovisioningUser/Profile Self ServiceGroup & Role ManagementPassword Self Service & Password ManagementCertificate ManagementTwo Factor AuthenticationFederationEnterprise SSOAttestation & CertificationPrivileged Account ManagementCompliance & AuditingReportingComplianceWeak, ineffective or non-existent controls in today’s IT environments put compliance in jeopardy.Identity ManagementIT processes are complex, and managing identities has become time-consuming and businesses struggle to afford multi-year, multi-million dollar projects to gain control of Identity management.Multiple infrastructure solutions, for multiple platforms, multiplies costs.Process ManagementBusiness processes are not integrated and data errors are common.Security is not maintained (nor standardized) because defined processes are not in place.IT EfficiencyCreating, updating and terminating user accounts (User Provisioning or User Lifecycle Management) in a timely and consistent manner is an incredible challenge for global organizations.User ProductivityIf it takes IT days to provision resources to an employee and if there are mistakes or errors (human/manual process) – employees cannot properly do their job and be productiveLowers Total Cost of OwnershipOrganizations choose to invest heavily in User Provisioning because it has an immediate and high ROI while simultaneously reducing TCO.High ROI and lower TCO come from automation and it is this same automation that simultaneously improves security by eliminating mistakes and abuses.Interesting to note with the CIO magazine excerpt – CIOs believe their #1 IT control weakness is a provisioning one that ActiveRoles Server can solve!
3 The Journey Pulse champs Feedback Basic plan Refining Second plan Feedback, refining, HR feedback
4 Identity Management is not anymore about Provisioning and DeprovisioningIdentity SynchronizationDeliver tools to IT to control and secure the environmentThe Next Wave of Identity Management is aboutIt’s all about the app / Self Service EverythingDeliver IT as a ServiceWebshops/Service CatalogsEmpower the End Users and Business ManagersAnywhere Access on Any DeviceCompliance & AuditingROI/TCO
5 Trends in Identity and Access Identity and Access as a ServiceEnabling consumerization of ITFederation managementIdentity and Access GovernanceStreamlined pricing and complexity of on traditional Identity solutionsSelf Service EverythingHelp customers extend enterprise identity to address control and governance of cloud adoption
6 Market Trends ….. Futures ? Identity Management goal will be about simplifying the way we deliver services that IT provides to end users rather than delivering tools to IT departments.Business Managers will be able to deliver users access to business services without the need to contact ITEnd User Interfaces that can be used as a “Web Shop” will enable users to get access to data as easily as they can create a Dropbox/hotmail accountInterfaces will be as easy to use as FacebookWill manage the Access to Internal / Cloud based ApplicationsAny device / same user experience (Identity in the Cloud)Windows 8 will drive the future of Identity Management and Information Protection
8 User Self Service Management Self service group management integrated with Outlook and ExchangeIntegrated approvalMelissa receives from Samantha, asking her to join a group.2. Melissa clicks join group and chooses the group to join by clicking Join (if the group had been on cc or To line it would be automatically added to the mail template). Melissa sends the request,3. FIM polls the FIM Service mailbox for s and pulls the request into FIM Service. This group happens to require approval so Samantha receives that she needs to approve membership.
9 Simplify Identity Management : FIM 2010 Simplify security,manage complianceGOVERNED SELF-SERVICE AND AUTOMATIONEmpower BusinessSelf-service profile, credential, and group managementPassword and PIN reset from Windows loginGroup management from within Microsoft OfficeSingle identity across heterogeneous applicationsEmpower ITEnd-to-end, workflow-driven user provisioningPolicy-controlled self-service capabilitiesAutomatic, attribute-based group membership for simplified resource accessGROUP MANAGEMENTIDENTITY MANAGEMENTCREDENTIALMANAGEMENT“If you wanted to access a file share in your network, previously you might have had to call your service desk and get approval. Now it is all workflow based. You go to a portal. There is no manual labor.- Brian Desmond, Microsoft MVPSource: Windows identity management tools move closer to completion. Tech Target, November
10 Identity Management User provisioning Simplify security,manage complianceIdentity Management User provisioningPolicy-based identity lifecycle management systemBuilt-in workflow for identity managementAutomatically synchronize all user information to different directories across the enterpriseAutomates the process of on-boarding usersActive DirectoryLotus DominoHR SystemWorkflowUser EnrollmentLDAPFIMSQL ServerApprovalManagerOracle DBFIM CMUser provisioned on all allowed systems
11 Identity Management User de-provisioning Simplify security,manage complianceIdentity Management User de-provisioningAutomated user de-provisioningBuilt-in workflow for identity managementReal-time de-provisioning from all systems to prevent unauthorized access and information leakageActive DirectoryLotus DominoHR SystemWorkflowUser de-provisionedLDAPFIMSQL ServerOracle DBFIM CMUser de-provisioned or disabled on all systems
12 SharePoint-Based Management Console Simplify security,manage complianceGroup ManagementSelf-service group and distribution list management with the FIM 2010 Web portalOffice integration allows users to manage group membership from within Microsoft Office Outlook® for maximum productivityEnables users to use Outlook to manage approvals while they are offlineAutomatically add users to either group based on their employee type at the time they are provisioned to Active DirectoryGroup and distribution list management, including dynamic membership calculation in these groups and distribution lists based on user’s attributesFIM Add-in for OutlookSharePoint-Based Management Console
13 Self-Service Password Management Simplify security,manage complianceSelf-Service Password ManagementEnables users to reset their own passwords through both Windows logon and FIM password reset portalControls helpdesk costs by enabling end users to manage certain parts of their own identitiesImproves security and compliance with minimal errors while managing multiple identities and passwordsActive DirectoryUser requests password resetOracleFIM ServerPasswords updatedEnd UserSQL ServerIBM DSLDAPReset PasswordFIM capabilities integrated with Windows logonRandomly selects a number of questions
14 Demo HR Onboarding Provisioning / ZeroTouch Password Self Service Role Based ProvisioningUser Self ServiceApprovals WorkflowDeprovisioning