KEMBAR78
Enterprise secure identity in the cloud with Single Sign On and Strong Authentication | PDF
GARL, profile picture
Uploaded byGARL
PDF, PPTX1,115 views

Enterprise secure identity in the cloud with Single Sign On and Strong Authentication

The document discusses enterprise secure identity management in the cloud, emphasizing single sign-on and strong authentication to enhance cloud security. It highlights the rise in cyber threats and breaches, advocating for the implementation of securepass, a comprehensive identity management solution that facilitates strong authentication and user control. The service is built on robust security protocols and offers high-level data protection, ensuring user privacy under Swiss regulations.

Download as PDF, PPTX
ENTERPRISE SECURE IDENTITY IN THE CLOUD WITH SINGLE SIGN-ON AND STRONG AUTHENTICATION MAKING THE CLOUD A SAFER SPACE Giuseppe Paternò, Director of GARL @gpaterno | www.gpaterno.com
ABOUT ME IT Architect and Security Expert with 20+ years background in Open Source and Cloud (OpenStack, OpenNebula, ...). Former Network and Security architect for Canonical, RedHat, Wind/Infostrada, Sun Microsystems and IBM and Visiting Researcher at the University of Dublin Trinity College. Past projects: standard for J2ME Over-The-Air (OTA) provisioning along with Vodafone, the study of architecture and standards for the delivery of MHP applications for the digital terrestrial television (DTT) on behalf of DTT Lab (Telecom Italia/LA7) and implementation of HLR for Vodafone landline services. Lot of writings, mainly on computer security. CTO and Director of GARL, a multinational company based in Switzerland and UK, owner of SecurePass and SecureAudit.
IT security products and virtualization services focused on identity protection on the Cloud. Born from Symantec, conducting pentest and vulnerability assessment on their behalf in EMEA Extensive OpenSource experience and large-scale Open Source projects such OpenStack, OpenNebula, .... Most of the customers in finance and telco operators HQ based in Switzerland (Lugano and Zurich) and office in London. User privacy is protected by strict Swiss privacy regulations, no UE or US exceptions allowed. MAKING THE CLOUD A SAFER SPACE
THE CLOUD IN THE ENTERPRISE It’s easy to span new instances (often) it takes less time than internal IT to have a virtual machine Great for prototyping and then they bring it into production Might have discounts from HW/SW vendor (especially HP Cloud, Azure, ....) Some applications are outsourced (eg: SalesForce, ...) Small software suppliers prefer to sell software-as-a-service
WHAT HAPPENS IN REALITY Applications and instances are out of control Not always possible to enforce IT security policies Each application have its own username/ password Prone to identity frauds and bruteforce attacks Can’t have a central point of control
62% Increase breaches in 2013(1) TOO MANY THREATS 1 in 5 rganizations have experienced an APT attack (4) 3 Trillion$ total global impact of cybercrime(3) 2,5 billion exposed records as results of a data breach in the past 5 years(5) 8 months Is the average time an advanced threat goes unnoticed on victim’s network(2) 1,3,5: Increased cyber security can save global economy trillions, McKinsey/World Economic Forum, January 2014 2: M-Trends 2013: attack the security gap, Mandiant, March 2013 4: ISACA’s 2014 APT study, ISACA, April 2014. Source: ISACA Cyber Security Nexus
Hosted Apps THE CLOUD CONTROL Cloud Orchestrator 2FA/SSO Single point of control
345227 One Time Password 345227 345227 Identity Management Single Sign-On SECUREPASS FEATURES 3-in-1 identity management for maximum security in cloud and internet services: Strong authentication: no more passwords to remember but “one time password” generated by a token. Identity management: manage users and group lifecycles from a control panel Single Sign-On: SecurePass recognize users for every application or network integrated
CENTRAL IDENTITY MANAGEMENT SERVICE FOR ALL DISTRIBUTED APPLICATIONS AND FIREWALLS OTP is built-in and mandatory, the way around of “standard” services - OTP generated on mobile and hardware tokens - Ensure the protection against brute force password attacks Works out of the box with all VPN/SSL VPN software Works with Web applications with little or no effort Works with corporate SaaS applications like SalesForce and Google Apps Works with virtualization software such as Citrix XenApp, VMWare Horizon/vCloud & more...
SECUREPASS IS OPEN Open protocols: RADIUS, LDAP, CAS and SAML Seamless integration: works out of the box with more than 98% of the software Clients and APIs available on GitHub Python, Java, PHP, C# NSS Plugin for Linux Apache Plugin Plugin for popular CMS Wordpress, Joomla & Drupal
Python modules available in the Python Installer (PIP) GARL WORKS UPSTREAM TO ENSURE MAXIMUM COMPATIBILITY Modules are now “upstream” in the main Linux distributions: - Debian “Jessie” - Ubuntu 15.04 “Vivid Vervet” - Builds tested & available for Fedora and RHEL/CentOS
WHY SECUREPASS IS SECURE 3 high-secure high-speed datacenters with business continuity in different networks. High-encryption and best practices as deployed in standardmilitary environments. Core keys in a secret location, former Swiss military premise, resistant up to 10 megatons nuclear attack. Only few people has keys to access the data in the production environments and their identities is secret also to any member of GARL staff, including the board itself. Processes to revoke the above keys if one of the administrator is leaving the company or under any personal threat. Emergency procedures and legal coverage against attack targeted to GARL. PCI-DSS and ISO 17799 compliant. SecurePass do not deal with your data In no case we will be handling your application data and we won’t be even able to understand what kind of application or device is behind the login process. All GARL services are covered with an insurance policy with a premier Swiss-based multinational that will be able to refund up to 250’000 CHF per incident. With special agreements, GARL is able to cover up to 5 Million CHF per incident (ask for update).
CASE STUDY WITH ING DIRECT 100 75 50 25 0 RSA VS. SECUREPASS TIME COST MTN % difference RSA SecurePass Financial advisors access to European leasing system Replacement of RSA 2 factor solution, more than 70% of savings IBM labs created plugin for IBM Websphere portal
GARL IS NOT ONLY SECUREPASS Strong authentication and identity management for cloud and internet services Password manager for teams with delegation Network security assessment up to 8 public IP Build a virtualization service on standard hardware without licence Secure storage for backup to comply to industry’s regulations Tailored security audit for web app, network, VPN and devices Secure data collection app to your centralized server BANK OF PASSWORDS Secure Data VULNERABILITY ASSESSMENT
CUSTOMERS PARTNERS
Q&A

More Related Content

PDF
SecurePass at OpenBrighton
byGiuseppe Paterno'
 
PPTX
Business Continuity and app Security
byCristian Garcia G.
 
PPTX
Cloud Security Strategy by McAfee
byCristian Garcia G.
 
PPTX
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
byCristian Garcia G.
 
PPTX
INFINITY Presentation
byCristian Garcia G.
 
PDF
Introduction to Cloud Security
bySusanne Tedrick
 
PPTX
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
byCristian Garcia G.
 
PPTX
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
byCristian Garcia G.
 
SecurePass at OpenBrighton
byGiuseppe Paterno'
 
Business Continuity and app Security
byCristian Garcia G.
 
Cloud Security Strategy by McAfee
byCristian Garcia G.
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
byCristian Garcia G.
 
INFINITY Presentation
byCristian Garcia G.
 
Introduction to Cloud Security
bySusanne Tedrick
 
Porque las Amenazas avanzadas requieren de una Seguridad para Aplicaciones av...
byCristian Garcia G.
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
byCristian Garcia G.
 

What's hot

PPTX
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
byCristian Garcia G.
 
PPT
Security as as Service: Case Study of F-Secure
byPouria Ghatrenabi
 
PDF
Cisco Live Cancun Collaboration Press
byFelipe Lamus
 
PPTX
Seguridad en Capas: Smart & Actionable Data
byCristian Garcia G.
 
PPTX
El Futuro de la Cibersegu
byCristian Garcia G.
 
PPTX
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
byCristian Garcia G.
 
PPTX
Kaspersky
byKappa Data
 
PPTX
Reduciendo su riesgo cibernético midiendo su Cyber Exposure
byCristian Garcia G.
 
PDF
Protect your guest wifi - NOW
byJoshua Sibaja
 
PDF
Kaspersky Lab new Enterprise Portfolio
byKaspersky
 
PDF
Cisco Live Cancun PR Session
byFelipe Lamus
 
PPTX
Kaspersky endpoint security business presentation
byData Unit
 
PDF
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
byNetworkCollaborators
 
PDF
Tomorrow Starts Here - Security Everywhere
byCisco Canada
 
PDF
Cisco umbrella overview
byCisco Canada
 
PDF
Infographic: Security for Mobile Service Providers
byCisco Security
 
PDF
Strategy Cloud and Security as a Service
byAberla
 
PDF
OFFICE 365 SECURITY
bySylvain Martinez
 
PDF
Cisco Security Presentation
bySimplex
 
PDF
Cisco Endpoint Security for MSSPs
byCisco Russia
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
byCristian Garcia G.
 
Security as as Service: Case Study of F-Secure
byPouria Ghatrenabi
 
Cisco Live Cancun Collaboration Press
byFelipe Lamus
 
Seguridad en Capas: Smart & Actionable Data
byCristian Garcia G.
 
El Futuro de la Cibersegu
byCristian Garcia G.
 
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.
byCristian Garcia G.
 
Kaspersky
byKappa Data
 
Reduciendo su riesgo cibernético midiendo su Cyber Exposure
byCristian Garcia G.
 
Protect your guest wifi - NOW
byJoshua Sibaja
 
Kaspersky Lab new Enterprise Portfolio
byKaspersky
 
Cisco Live Cancun PR Session
byFelipe Lamus
 
Kaspersky endpoint security business presentation
byData Unit
 
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
byNetworkCollaborators
 
Tomorrow Starts Here - Security Everywhere
byCisco Canada
 
Cisco umbrella overview
byCisco Canada
 
Infographic: Security for Mobile Service Providers
byCisco Security
 
Strategy Cloud and Security as a Service
byAberla
 
OFFICE 365 SECURITY
bySylvain Martinez
 
Cisco Security Presentation
bySimplex
 
Cisco Endpoint Security for MSSPs
byCisco Russia
 

Similar to Enterprise secure identity in the cloud with Single Sign On and Strong Authentication

PDF
Enhancing Authentication to Secure the Open Enterprise
bySymantec
 
PPT
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
bySylvain Maret
 
PDF
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
byOKsystem
 
PDF
Oracle 4월 20일
byCana Ko
 
PDF
Secure Identity: The Future is Now
byLane Billings
 
PDF
SafeNet - Data Protection Company
byASBIS SK
 
PDF
Secret Sprawl and Electric Vehicle Charging Stations
byRoger Qiu
 
PDF
0011sas security whitepaper
byCMR WORLD TECH
 
ODP
Open sso enterprise customer pitch
byxKinAnx
 
PDF
Orange Business Live 2013 Security Breakout
byOrange Business Services
 
PPTX
Next generation data protection and security for oracle users - gdpr blockc...
byUlf Mattsson
 
PDF
Ciphercloud Solutions Overview hsa oct2011
byRamy Houssaini
 
PDF
Meeting Mobile and BYOD Security Challenges
bySymantec
 
PDF
Securing Oracle EBS on Oracle Cloud Infrastructure_PPT_v2.pdf
byvasuballa
 
PDF
Assurity seminar 24 jan
byJason Kong
 
PPTX
RSA 2019: Machine Identity Protection
byMichael Thelander
 
PPT
Introduction to distributed security concepts and public key infrastructure m...
byInformation Security Awareness Group
 
PPT
Security
bymajstors
 
PDF
10695 sidtfa sb_0210
byHai Nguyen
 
PDF
A Single Strong Authentication Platform for Cloud and On-Premise Applications
bySafeNet
 
Enhancing Authentication to Secure the Open Enterprise
bySymantec
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
bySylvain Maret
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
byOKsystem
 
Oracle 4월 20일
byCana Ko
 
Secure Identity: The Future is Now
byLane Billings
 
SafeNet - Data Protection Company
byASBIS SK
 
Secret Sprawl and Electric Vehicle Charging Stations
byRoger Qiu
 
0011sas security whitepaper
byCMR WORLD TECH
 
Open sso enterprise customer pitch
byxKinAnx
 
Orange Business Live 2013 Security Breakout
byOrange Business Services
 
Next generation data protection and security for oracle users - gdpr blockc...
byUlf Mattsson
 
Ciphercloud Solutions Overview hsa oct2011
byRamy Houssaini
 
Meeting Mobile and BYOD Security Challenges
bySymantec
 
Securing Oracle EBS on Oracle Cloud Infrastructure_PPT_v2.pdf
byvasuballa
 
Assurity seminar 24 jan
byJason Kong
 
RSA 2019: Machine Identity Protection
byMichael Thelander
 
Introduction to distributed security concepts and public key infrastructure m...
byInformation Security Awareness Group
 
Security
bymajstors
 
10695 sidtfa sb_0210
byHai Nguyen
 
A Single Strong Authentication Platform for Cloud and On-Premise Applications
bySafeNet
 

Recently uploaded

PDF
Ethical Initiatives in AI and accountability.pdf
byShiwani Gupta
 
PDF
Session 2 - Agentic Orchestration with UiPath Maestro
byDianaGray10
 
PPTX
"Towards React Server Components in Clojure", Roman Liutikov
byFwdays
 
PDF
Ask Me Anything About AI Assist: Practical Answers for Real Workflows
bySafe Software
 
PDF
Meta and Apple close to settling EU cases.pdf
byLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
PDF
The Journey Is The Reward - Apple Maps Travel Companion
byJohn Andrews
 
PDF
UiPath DevConnect 2025: Introduction to Agentic Automation
byDianaGray10
 
PDF
From Bots to Brains: Getting Started with Agentic Automation in UiPath
byUiPathCommunity
 
PPTX
CBD Belgium 2025 - The adventures of a Microsoft 365 Platform Owner.pptx
byJasper Oosterveld
 
PDF
Atlantix is an AI-first venture studio, building companies with AI at the core
byadmin625551
 
PDF
Cassandra vs. ScyllaDB: Evolutionary Differences
byScyllaDB
 
PPTX
Top Trends in Kubernetes Security: TalosCon 2025
byCheryl Hung
 
PDF
A 4-Terminal Approach to Validating Charge Conservation in MOSFET Compact Models
byEalwan Lee
 
PDF
2025 October Patch Tuesday
byIvanti
 
PDF
Fairness and Bias in AI Ethics and Explainability
byShiwani Gupta
 
PDF
Using Copilot with Microsoft Office Apps
byDeb Walther
 
PDF
Session 4 - Specialized AI Associate Series: UiPath Document Understanding O...
byDianaGray10
 
PDF
How to Measure Microsoft 365 Copilot Success and Manage AI Risk: Advanced Str...
byNikki Chapple
 
PDF
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
PDF
Unlocking Full-Stack Observability for AIOps: A Precisely Ironstream for Big ...
byPrecisely
 
Ethical Initiatives in AI and accountability.pdf
byShiwani Gupta
 
Session 2 - Agentic Orchestration with UiPath Maestro
byDianaGray10
 
"Towards React Server Components in Clojure", Roman Liutikov
byFwdays
 
Ask Me Anything About AI Assist: Practical Answers for Real Workflows
bySafe Software
 
Meta and Apple close to settling EU cases.pdf
byLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
The Journey Is The Reward - Apple Maps Travel Companion
byJohn Andrews
 
UiPath DevConnect 2025: Introduction to Agentic Automation
byDianaGray10
 
From Bots to Brains: Getting Started with Agentic Automation in UiPath
byUiPathCommunity
 
CBD Belgium 2025 - The adventures of a Microsoft 365 Platform Owner.pptx
byJasper Oosterveld
 
Atlantix is an AI-first venture studio, building companies with AI at the core
byadmin625551
 
Cassandra vs. ScyllaDB: Evolutionary Differences
byScyllaDB
 
Top Trends in Kubernetes Security: TalosCon 2025
byCheryl Hung
 
A 4-Terminal Approach to Validating Charge Conservation in MOSFET Compact Models
byEalwan Lee
 
2025 October Patch Tuesday
byIvanti
 
Fairness and Bias in AI Ethics and Explainability
byShiwani Gupta
 
Using Copilot with Microsoft Office Apps
byDeb Walther
 
Session 4 - Specialized AI Associate Series: UiPath Document Understanding O...
byDianaGray10
 
How to Measure Microsoft 365 Copilot Success and Manage AI Risk: Advanced Str...
byNikki Chapple
 
From Data Chaos to Copilot Confidence: A Step-by-Step Microsoft 365 Copilot R...
byNikki Chapple
 
Unlocking Full-Stack Observability for AIOps: A Precisely Ironstream for Big ...
byPrecisely
 

Enterprise secure identity in the cloud with Single Sign On and Strong Authentication

  • 1.
    ENTERPRISE SECURE IDENTITYIN THE CLOUD WITH SINGLE SIGN-ON AND STRONG AUTHENTICATION MAKING THE CLOUD A SAFER SPACE Giuseppe Paternò, Director of GARL @gpaterno | www.gpaterno.com
  • 2.
    ABOUT ME ITArchitect and Security Expert with 20+ years background in Open Source and Cloud (OpenStack, OpenNebula, ...). Former Network and Security architect for Canonical, RedHat, Wind/Infostrada, Sun Microsystems and IBM and Visiting Researcher at the University of Dublin Trinity College. Past projects: standard for J2ME Over-The-Air (OTA) provisioning along with Vodafone, the study of architecture and standards for the delivery of MHP applications for the digital terrestrial television (DTT) on behalf of DTT Lab (Telecom Italia/LA7) and implementation of HLR for Vodafone landline services. Lot of writings, mainly on computer security. CTO and Director of GARL, a multinational company based in Switzerland and UK, owner of SecurePass and SecureAudit.
  • 3.
    IT security productsand virtualization services focused on identity protection on the Cloud. Born from Symantec, conducting pentest and vulnerability assessment on their behalf in EMEA Extensive OpenSource experience and large-scale Open Source projects such OpenStack, OpenNebula, .... Most of the customers in finance and telco operators HQ based in Switzerland (Lugano and Zurich) and office in London. User privacy is protected by strict Swiss privacy regulations, no UE or US exceptions allowed. MAKING THE CLOUD A SAFER SPACE
  • 4.
    THE CLOUD INTHE ENTERPRISE It’s easy to span new instances (often) it takes less time than internal IT to have a virtual machine Great for prototyping and then they bring it into production Might have discounts from HW/SW vendor (especially HP Cloud, Azure, ....) Some applications are outsourced (eg: SalesForce, ...) Small software suppliers prefer to sell software-as-a-service
  • 5.
    WHAT HAPPENS INREALITY Applications and instances are out of control Not always possible to enforce IT security policies Each application have its own username/ password Prone to identity frauds and bruteforce attacks Can’t have a central point of control
  • 6.
    62% Increase breachesin 2013(1) TOO MANY THREATS 1 in 5 rganizations have experienced an APT attack (4) 3 Trillion$ total global impact of cybercrime(3) 2,5 billion exposed records as results of a data breach in the past 5 years(5) 8 months Is the average time an advanced threat goes unnoticed on victim’s network(2) 1,3,5: Increased cyber security can save global economy trillions, McKinsey/World Economic Forum, January 2014 2: M-Trends 2013: attack the security gap, Mandiant, March 2013 4: ISACA’s 2014 APT study, ISACA, April 2014. Source: ISACA Cyber Security Nexus
  • 7.
    Hosted Apps THECLOUD CONTROL Cloud Orchestrator 2FA/SSO Single point of control
  • 8.
    345227 One Time Password 345227 345227 Identity Management Single Sign-On SECUREPASS FEATURES 3-in-1 identity management for maximum security in cloud and internet services: Strong authentication: no more passwords to remember but “one time password” generated by a token. Identity management: manage users and group lifecycles from a control panel Single Sign-On: SecurePass recognize users for every application or network integrated
  • 9.
    CENTRAL IDENTITY MANAGEMENTSERVICE FOR ALL DISTRIBUTED APPLICATIONS AND FIREWALLS OTP is built-in and mandatory, the way around of “standard” services - OTP generated on mobile and hardware tokens - Ensure the protection against brute force password attacks Works out of the box with all VPN/SSL VPN software Works with Web applications with little or no effort Works with corporate SaaS applications like SalesForce and Google Apps Works with virtualization software such as Citrix XenApp, VMWare Horizon/vCloud & more...
  • 10.
    SECUREPASS IS OPEN Open protocols: RADIUS, LDAP, CAS and SAML Seamless integration: works out of the box with more than 98% of the software Clients and APIs available on GitHub Python, Java, PHP, C# NSS Plugin for Linux Apache Plugin Plugin for popular CMS Wordpress, Joomla & Drupal
  • 11.
    Python modules availablein the Python Installer (PIP) GARL WORKS UPSTREAM TO ENSURE MAXIMUM COMPATIBILITY Modules are now “upstream” in the main Linux distributions: - Debian “Jessie” - Ubuntu 15.04 “Vivid Vervet” - Builds tested & available for Fedora and RHEL/CentOS
  • 12.
    WHY SECUREPASS ISSECURE 3 high-secure high-speed datacenters with business continuity in different networks. High-encryption and best practices as deployed in standardmilitary environments. Core keys in a secret location, former Swiss military premise, resistant up to 10 megatons nuclear attack. Only few people has keys to access the data in the production environments and their identities is secret also to any member of GARL staff, including the board itself. Processes to revoke the above keys if one of the administrator is leaving the company or under any personal threat. Emergency procedures and legal coverage against attack targeted to GARL. PCI-DSS and ISO 17799 compliant. SecurePass do not deal with your data In no case we will be handling your application data and we won’t be even able to understand what kind of application or device is behind the login process. All GARL services are covered with an insurance policy with a premier Swiss-based multinational that will be able to refund up to 250’000 CHF per incident. With special agreements, GARL is able to cover up to 5 Million CHF per incident (ask for update).
  • 13.
    CASE STUDY WITHING DIRECT 100 75 50 25 0 RSA VS. SECUREPASS TIME COST MTN % difference RSA SecurePass Financial advisors access to European leasing system Replacement of RSA 2 factor solution, more than 70% of savings IBM labs created plugin for IBM Websphere portal
  • 14.
    GARL IS NOTONLY SECUREPASS Strong authentication and identity management for cloud and internet services Password manager for teams with delegation Network security assessment up to 8 public IP Build a virtualization service on standard hardware without licence Secure storage for backup to comply to industry’s regulations Tailored security audit for web app, network, VPN and devices Secure data collection app to your centralized server BANK OF PASSWORDS Secure Data VULNERABILITY ASSESSMENT
  • 15.
  • 16.