NYC Identity Summit Business Day: Continuous Security

32
© 2016 ForgeRock. All rights reserved. Continuous Security

Transcript of NYC Identity Summit Business Day: Continuous Security

Page 1: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Continuous Security

Page 2: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 3: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 4: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 5: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 6: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Context

Page 7: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Dynamic

Page 8: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

• Identity Attributes• Trusted Credentials• Knowledge• Variables• Perceived Risk• Incentive

Page 9: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Digital

Page 10: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 11: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 12: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 13: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 14: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 15: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 16: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 17: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Identity’s Unique Role

User Experience Security

Page 18: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Identity’s Unique Role

Page 19: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

FunctionExperience

Efficiency

PrivacyIntegrityAvailability

User Experience Security

Page 20: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

AvailabilityExperience

FunctionEfficiency

PrivacyIntegrity

IntegrityAvailabilityPrivacyFunctionExperienceEfficiency

User Experience Security

Page 21: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

The Thing about Things…

Page 22: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Gartner Strategic Planning Assumption

Enterprises to employ mobile biometric authentication methods

Organizations to use contextual, adaptive techniques with multi-factor authentication

35%

30%

5%

5%Today

Today

End 2016

End 2017

Page 23: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Connecting the Dots

Page 24: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 25: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Strong Authentication

Page 26: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Mobile Biometrics

• Plugs directly into OpenAM

• Can be used with Adaptive Risk module

Page 27: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Adaptive Risk• Assesses risk based on

pre-configured parameters

• Requires additional authentication factors depending on risk score

• Includes over 20 parameters including IP address, IP history, cookie value, login history, Geo location etc.

Page 28: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Authentication: Modules and Chains• 20+ out-of-box modules including

device ID, OTP, adaptive risk, Google, Facebook, MS

• Authentication methods can be chained together for enforcing different levels or strength of security

• Scripted AuthN modules extend functionality on client side and server side using Groovy and Javascript

Page 29: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 30: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 31: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.

Page 32: NYC Identity Summit Business Day: Continuous Security

© 2016 ForgeRock. All rights reserved.