Google Cloud and Single Sign-On for Modern IT

UpCurve Cloud

June 14, 2018

Transcript

  1. © UpCurve Cloud | www.upcurvecloud.com

    Agenda
    • Changing Working Environment
    • New Problems for IT
    • Active Directory and SSO
    • The new SSO
      ⁃ Different SSO options
    • Q & A
  2. Expectations have changed

    Users expect:
    • Agile workflow
    • Mobile working across multiple devices

    Management expects:
    • Seamless and Secure Workflow
    • Readily available access and control
  3. Users Are Accessing More Apps on More Devices

    • The average user has 3+ devices and connects to 10+ cloud apps
    • 72% growth in devices managed by businesses
  4. The Perimeter Has Disappeared

    Diagram labels: Employees, Partners, Customers, Vendors

    Access is no longer limited to your office or your employees...
    • Vendors
    • Partners
    • Contractors
    • Customers

    An elastic perimeter drives productivity and collaboration with faster access to customers.
  5. Existing Approaches Were Built for On-prem Environments...

    ...they are time consuming, complex and not optimized for today’s cloud-first world
    • Cumbersome VPNs
    • Inconvenient authentication
    • Limited device access
  6. Exposing Businesses to Unknown Risks

    Departments utilize unapproved platforms and systems to work around current inefficiencies.

    Workarounds expose businesses to serious known risks.
  7. Employee Onboarding

    People: Sally (Super Admin), Mary (New hire)

    Admin capabilities:
    • Synced into Cloud Directory
    • Registered for 2SV and security key
    • Provisioned into cloud applications
    • Provisioned to HR system

    Employee experience:
    • Company device pre-configured with security policies
    • Access to relevant apps
    • BYOD policy-sync apps and security policies with phone
  8. User Leaves the Company

    People: Mary (Departing employee), Henry (HR Manager)

    • Suspends Mary’s account in HR system
    • Mary’s Cloud Identity account is synced and suspended
    • Mary returns company devices
  9. Active Directory

    • Synchronize the data in your Google domain with your Microsoft® Active Directory® or LDAP server.
    • Your Google users, groups, and shared contacts are synchronized to match the information in your LDAP server.
    • The data in your LDAP directory server is never modified or compromised.

    GCDS is a secure tool that helps you easily keep track of users and groups.
  10. Active Directory Sync

    • Ensures your Google domain data matches that of your Active Directory or LDAP server.
    • Allows you to configure rules for custom mapping of users, groups, nonemployee contacts, user profiles, aliases, calendar resources, and exceptions.
    • Performs a one-way synchronization. Data on your LDAP server is never updated or altered.
  11. Active Directory Security

    • Runs as a utility in your server environment. There is no access to your LDAP directory server data outside your perimeter.
    • Includes extensive tests and simulations to ensure correct synchronization.
    • Includes all necessary components in the installation package.
    • Includes a number of features to keep your data secure.
  12. Who Needs Cloud Identity Management and SSO?

    • Organizations using multiple SaaS products
    • Google account users (Chrome, GCP, Maps, etc.)
    • Mobile users
    • Organizations that require increased security for accounts and product access

    Value:
    • Adopt cloud services quicker
    • Makes employees' lives easier
    • Users more secure
    • 50% reduction in login-related helpdesk calls
    • 50% faster for users to log in and use new apps
  13. Enterprises Need a Single Solution for Managing Access to Cloud-Based Services

    • Simple
    • Secure
    • Reliable
  14. End User Application Access User Flow

    • Single sign-on means Mary doesn’t have to remember ID/passwords for each business application
    • Context-aware access based on device state means Mary can log in to her sensitive finance application only on her company-owned device
    • Context-aware access based on IP address means Mary can’t log in to certain apps on public Wi-Fi

    Diagram labels: Access granted, Access restricted, Access restricted, Single sign-on
  15. Delegated Administration

    Delegate admin to G Suite, GCP and other Google Cloud Services

    Diagram labels: Henry (HR Manager), Helpdesk Team, Sally (Super Admin); Account suspensions, Password resets; Users, Apps/devices
  16. Monitor Your Security and Compliance

    Access Control:
    • IP restriction
    • Browser Restriction
    • Time Restriction
    • Device Restriction

    Cloud DLP:
    • Monitor, block and detect sensitive data
    • Regulatory Policy (i.e. HIPAA, PHI)
    • Control Access
    • Suspicious login

    Identity Management:
    • Enforce Password Policies
    • MFA
    • Log-In Activity for third-party apps
  17. Context-Aware Access - Work Anywhere, Secure Everywhere

    Controlled access to applications based on context:
    • Who is the user?
    • What is the status of their device?
    • Where are they coming from?
    • What are they trying to access?

    Diagram labels: Access restricted, Access restricted, Access granted
  18. UpCurve Cloud SSO Solutions

    One Console, Multiple Solutions:
    • Access Control
    • Identity Management
    • Shadow IT
    • Cloud DLP (Data Loss Prevention)
    • Single Sign On (SSO)
    • Value Add-Ons
  19. UpCurve Cloud Security Plus, Okta, Google Cloud Identity

    • Unique Features Signature Management Consumer Gmail block • Custom Login Page • Built in DLP • SAML • Active Directory Sync • All in one • 5600+ pre-integrated apps • Custom Login Page • Multiple Products • Built in DLP • A La Carte • Active Directory Sync • Mobile App • Native Google Application • Free Version & Premium Version • SAML and OAuth • GCP • Active Directory Sync