securely access and audit the cloud

Novell® Cloud Security ServiceReducing Risk by Securing the Cloud

Anita MoorthySenior Solutions Manager, Cloud security

© Novell, Inc. All rights reserved.2

SaaS adoption is projected to increase three-fold to US$14 Billion by 2012, according to Gartner.“SaaS sprawl” is causing IT administration and security nightmare for enterprises.Enforcing consistent policies for internal and cloud applications is key to effective governance.Novell® Cloud Security Service allows organizations to extend its internal policies, roles and workflow and manage a multi-SaaS environment consistently.Novell is a leading provider of identity and security solutions and has been for over 20 years.

Key Takeaways


• Why Novell Cloud Security Service (NCSS)?

• What Is NCSS and How Does It Work?

• How Is NCSS Different?

Agenda


Source: Gartner Saas Trends 2007-2012

SaaS Adoption Growing US$8B in ’09 to US$14.7B in ’12

With CRM, content/communication and collaboration leading the way.


User data/permissions

Systems/tools

Directory

AppsIT Department

Users

Enterprise Challenge Multiple usernames/passwords

Multiple identity silos

Disparate administration tools

Challenge in timely deprovisioning accounts of ex-employees






Creating IT Administration Nightmare


DuPont: “When a sales person leaves the company, it takes 10 days to de-provision their account in SalesForce.com. Until then, the sales person has access to his account. This is a real problem.”

International Fragrances & Flavors: At an executive briefing told us, “We cannot use SaaS until it uses our identity management systems.”

“What’s keeping us from getting more large enterprise customers? Trust.” –David Carroll, Salesforce.com evangelist

And Concerns Over Security





Agenda


NCSS is a Web-based identity and access solution that enables an enterprise to manage a multi-SaaS environment and enforce its policies, roles and workflows in the cloud.

Novell® Cloud Security Service (NCSS)

Simplified Single Sign-on

Enterprise-directed Provisioning/Deprovisioning

Leveraging Enterprise-defined Identities & Roles

Security Montioring/Compliance Reporting

Inspecting WRT Specific Tenants

Enterprise with any

credentials system

Cloud vendor with

NCSS

User Identity and Roles

Compliance Events


Enterprise

How Does NCSS Work?

1 NCSS handles both use cases: A user directly logging into a cloud service or user logging into their enterprise system first.


1. Active security services for annexing cloud services into an enterprise, including Federated authentication and provisioning,

role mapping, and audit event routing

2. Connectors to SaaS and PaaS providersEnterprise identity systems

3. Deployment, configuration and monitoring tools for service management of NCSS by cloud providers

4. Per-enterprise view and management of their use of SaaS and PaaS, and the connections to their internal systems

NCSS Dashboard“Risk Meter”

NCSS Key Features


Automatic identity federationSingle sign-on to SaaS applications securely and

automaticallyEnforce your internal policies, roles and workflows in

the cloudKeep sensitive information behind the firewallZero day start/stopGet detailed audit logs from your cloud applicationsManage all your SaaS applications via a single

dashboard interfaceReduce IT costs from better SaaS administrationSupports multiple industry standards

Benefits





Agenda


High SecurityFirewall safeAutomated alerts

Ease of Use and ManagementAudit reportIntuitive management dashboard interface

Integration with On-premise InfrastructureLeverage existing identity infrastructureExtend enterprise roles, policies and workflows into the cloudFuture integrations with SIEM, workflows, usage dataSupport for multiple industry standards

Competitive Advantages


• Intangibles• Only vendor to offer identity and access solutions for both

sides of the cloud• Foundational block for an enterprise intelligent workload

management strategy• Financially stable vendor: US$1B cash—able to build and

buy• Extensive network of ISVs• 24x7 Worldwide support

Competitive Advantages


Q&A

Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

securely access and audit the cloud

Technology