securely access and audit the cloud
TRANSCRIPT
Novell® Cloud Security ServiceReducing Risk by Securing the Cloud
Anita MoorthySenior Solutions Manager, Cloud security
© Novell, Inc. All rights reserved.2
SaaS adoption is projected to increase three-fold to US$14 Billion by 2012, according to Gartner.“SaaS sprawl” is causing IT administration and security nightmare for enterprises.Enforcing consistent policies for internal and cloud applications is key to effective governance.Novell® Cloud Security Service allows organizations to extend its internal policies, roles and workflow and manage a multi-SaaS environment consistently.Novell is a leading provider of identity and security solutions and has been for over 20 years.
Key Takeaways
© Novell, Inc. All rights reserved.3
• Why Novell Cloud Security Service (NCSS)?
• What Is NCSS and How Does It Work?
• How Is NCSS Different?
Agenda
© Novell, Inc. All rights reserved.4
Source: Gartner Saas Trends 2007-2012
SaaS Adoption Growing US$8B in ’09 to US$14.7B in ’12
With CRM, content/communication and collaboration leading the way.
© Novell, Inc. All rights reserved.5
User data/permissions
Systems/tools
Directory
AppsIT Department
Users
Enterprise Challenge Multiple usernames/passwords
Multiple identity silos
Disparate administration tools
Challenge in timely deprovisioning accounts of ex-employees
User data/permissions
User data/permissions
User data/permissions
User data/permissions
User data/permissions
Creating IT Administration Nightmare
© Novell, Inc. All rights reserved.6
DuPont: “When a sales person leaves the company, it takes 10 days to de-provision their account in SalesForce.com. Until then, the sales person has access to his account. This is a real problem.”
International Fragrances & Flavors: At an executive briefing told us, “We cannot use SaaS until it uses our identity management systems.”
“What’s keeping us from getting more large enterprise customers? Trust.” –David Carroll, Salesforce.com evangelist
And Concerns Over Security
© Novell, Inc. All rights reserved.7
• Why Novell Cloud Security Service (NCSS)?
• What Is NCSS and How Does It Work?
• How Is NCSS Different?
Agenda
© Novell, Inc. All rights reserved.8
NCSS is a Web-based identity and access solution that enables an enterprise to manage a multi-SaaS environment and enforce its policies, roles and workflows in the cloud.
Novell® Cloud Security Service (NCSS)
Simplified Single Sign-on
Enterprise-directed Provisioning/Deprovisioning
Leveraging Enterprise-defined Identities & Roles
Security Montioring/Compliance Reporting
Inspecting WRT Specific Tenants
Enterprise with any
credentials system
Cloud vendor with
NCSS
User Identity and Roles
Compliance Events
© Novell, Inc. All rights reserved.9
Enterprise
How Does NCSS Work?
1 NCSS handles both use cases: A user directly logging into a cloud service or user logging into their enterprise system first.
© Novell, Inc. All rights reserved.10
1. Active security services for annexing cloud services into an enterprise, including Federated authentication and provisioning,
role mapping, and audit event routing
2. Connectors to SaaS and PaaS providersEnterprise identity systems
3. Deployment, configuration and monitoring tools for service management of NCSS by cloud providers
4. Per-enterprise view and management of their use of SaaS and PaaS, and the connections to their internal systems
NCSS Dashboard“Risk Meter”
NCSS Key Features
© Novell, Inc. All rights reserved.11
Automatic identity federationSingle sign-on to SaaS applications securely and
automaticallyEnforce your internal policies, roles and workflows in
the cloudKeep sensitive information behind the firewallZero day start/stopGet detailed audit logs from your cloud applicationsManage all your SaaS applications via a single
dashboard interfaceReduce IT costs from better SaaS administrationSupports multiple industry standards
Benefits
© Novell, Inc. All rights reserved.12
• Why Novell Cloud Security Service (NCSS)?
• What Is NCSS and How Does It Work?
• How Is NCSS Different?
Agenda
© Novell, Inc. All rights reserved.13
High SecurityFirewall safeAutomated alerts
Ease of Use and ManagementAudit reportIntuitive management dashboard interface
Integration with On-premise InfrastructureLeverage existing identity infrastructureExtend enterprise roles, policies and workflows into the cloudFuture integrations with SIEM, workflows, usage dataSupport for multiple industry standards
Competitive Advantages
© Novell, Inc. All rights reserved.14
• Intangibles• Only vendor to offer identity and access solutions for both
sides of the cloud• Foundational block for an enterprise intelligent workload
management strategy• Financially stable vendor: US$1B cash—able to build and
buy• Extensive network of ISVs• 24x7 Worldwide support
Competitive Advantages
Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.