Scribd Logo
Upload

Welcome to Scribd!

  • Kcve1 Keynote Conradt

    Uploaded by

    Vinay Sekhar
    1 views21 pages
    Evolution of IAM

    Original Title

    kcve1_keynote_conradt

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Evolution of IAM

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    1 views21 pages

    Kcve1 Keynote Conradt

    Uploaded by

    Vinay Sekhar
    Evolution of IAM

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 21

    The Evolution of IAM

    ...from being a ‘bandaid’ to a strategy


    Mathias Conradt, Senior Solutions Engineer

    auth0.com
    The Evolution of IAM

    Today’s discussion:

    ■ Today’s Digital Environment and the state of IAM solutions


    ■ Build or buy - which is right for you?
    ■ Balancing user experience and security
    ■ Key considerations in app development for longevity and security
    ■ Future standards of IAM for digital environments

    auth0.com
    The Evolution of IAM

    Today’s Digital
    Environment
    ..and the state of IAM solutions

    THIS IS A PLACEHOLDER.
    YOU CAN PUT HERE AN IMAGE, GIF,
    DIAGRAM OR CHART

    auth0.com
    The Evolution of IAM

    Digital Environments and IAM

    ????

    CEO’s and Digital 41%


    Transformation
    22%

    2018 2019 2020 2021

    auth0.com
    The Evolution of IAM

    Implementation Myth

    “I can do it myself”

    39% of companies confirm, they can’t catch up with rapidly changing industry & skill-set

    Move to Cloud / IDaaS to:


    ■ Increase their Time to Market
    ■ Gain benefit from the knowledge of the industry experts
    ■ Focus on their own business innovation

    auth0.com
    The Evolution of IAM

    ‘Traditional’ Identity Consumer Identity

    ■ All about employees ■ All about consumers


    ■ Privileged users ■ Unknown audience
    ■ Often standard software ■ Often custom software
    ■ Business risk mitigation ■ UX is key
    ■ More security steps ■ Trust is key
    ■ UX “collateral damage” ■ Social Logins

    auth0.com
    The Evolution of IAM

    From data silos to centralized IAM

    App 1 USER DB 1

    ? APP 3 USER DB 3
    App 1

    APP 3
    AUTH0

    APP 2 USER DB 2 APP 2

    auth0.com
    The Evolution of IAM

    Build or Buy?
    Benefits and limitations

    THIS IS A PLACEHOLDER.
    YOU CAN PUT HERE AN IMAGE, GIF,
    DIAGRAM OR CHART

    auth0.com
    The Evolution of IAM

    Actual Value of a Purchased CIAM Solution

    Identity Management is more complex than it appears at first glance.

    The Basics:
    ■ Login
    ■ Registration
    ■ Email Verification
    ■ Password Reset

    auth0.com
    The Evolution of IAM

    Actual Value of a Purchased CIAM Solution

    Further requirements often only arise after the product launch:


    ■ Multi-Factor Authentication (MFA)
    ■ Single-Sign-On (SSO)
    ■ Passwordless (SMS oder Email)
    ■ Federation, Standard Protocols Support (OAuth2, OIDC)
    ■ Social Logins (Google, Facebook, Apple ID, usw.)
    ■ Account Linking
    ■ Brute Force Protection, Breach Password Detection
    ■ Profile Enrichment and Progressive Profiling

    An IDaaS provider is constantly innovating in the area of its core competence


    ■ Examples: Sign in with Apple, OAuth2 Device Authorization Grant, Anomaly Detection & Security

    auth0.com
    The Evolution of IAM

    Exemplary Integration and Development Effort

    auth0.com
    The Evolution of IAM

    Balancing
    User Experience
    and Security
    THIS IS A PLACEHOLDER.
    YOU CAN PUT HERE AN IMAGE, GIF,
    DIAGRAM OR CHART

    auth0.com
    The Evolution of IAM

    The Balancing Act: UX and Security

    Security User Experience

    ■ Breached passwords ■ Social Login / Federation


    ■ Credential stuffing ■ SSO (Single-Sign-On)
    ■ Regulations: GDPR and more ■ Passwordless (Email / SMS)
    ■ Culture of security: IT, Product, ■ Multi-Factor Authentication
    Engineering

    auth0.com
    The Evolution of IAM

    Building Apps,
    Longevity and
    Trust
    THIS IS A PLACEHOLDER.
    YOU CAN PUT HERE AN IMAGE, GIF,
    DIAGRAM OR CHART

    auth0.com
    The Evolution of IAM

    Building Apps, Longevity


    and Trust
    ■ programming languages
    ■ access to native device APIs
    ■ multi-platform support (iOS, Android)
    ■ best practices: open standards, i.e.
    token-based authentication

    ■ a UX that feels consistent across all


    platforms and services

    auth0.com
    The Evolution of IAM

    Expectations for an IDaaS

    ■ Intuitive, flexible platform


    ■ Customizing through configuration, not (or little) code
    ■ Developer-friendly
    ■ Scalable
    ■ Well documented
    ■ Easy to deploy

    auth0.com
    The Evolution of IAM

    Future Standards
    of IAM for Digital
    Environments
    THIS IS A PLACEHOLDER.
    YOU CAN PUT HERE AN IMAGE, GIF,
    DIAGRAM OR CHART

    auth0.com
    The Evolution of IAM

    Future of IAM

    Key areas we see:

    ■ Credential Stuffing
    ■ Continuous Authentication
    ■ IoT

    auth0.com
    The Evolution of IAM

    Top Hacking Action


    Varieties in Breaches

    2019 Data Breach Investigation Report by Verizon

    auth0.com
    The Evolution of IAM

    Malicious Traffic Observation at Auth0

    auth0.com
    Thanks.

    auth0.com

    You might also like