SIE3195BU: Why Identity Management and Enterprise Mobility Are the First Steps in Securing Users, Endpoints, and IoT
Sachin Sharma Joshua Clark SIE3195BU #VMworld #SIE3195BU Why Identity Management and Enterprise Mobility Are the First Steps in Securing Users, Endpoints, and IoT VMworld 2017 Content: Not for publication or distribution

Transcript of SIE3195BU

Page 1

Sachin Sharma, Joshua Clark

SIE3195BU

#VMworld #SIE3195BU

Why Identity Management and Enterprise Mobility Are the First Steps in Securing Users, Endpoints, and IoT

Page 2

Disclaimer

• This presentation may contain product features that are currently under development.

• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

• Technical feasibility and market demand will affect final delivery.

• Pricing and packaging for any new technologies or features discussed or presented have not been determined.

Page 3

Agenda

1 Challenges and Trends in the Mobile-Cloud Era

2 Workspace ONE Adaptive Security

3 Customer Story – Southern Company

4 Advanced Security Capabilities with Partners

5 Case Studies

6 Q & A

Page 4

Challenges and Trends in the Mobile-Cloud Era

Page 5

Consumerization is driving DIGITAL TRANSFORMATION

Modern Workforce

Apps Anywhere

Mobile Workflows

Emerging Delivery Models

Page 6

Mobility: A Key Aspect of the Consumerization of IT

Consumer Experiences

Global mobile commerce is projected to almost double by 2017. [1] ($315 billion in 2015, $549 billion in 2017; U.S. billions)

The Way We Work

2 out of 3 employees, as of 2016 in a Gartner survey, use a personally owned device or devices for work. [2] (Number of respondents = 5,862. Base: Works a full-time job or part-time job.)

IT Service Delivery

By 2018, 95% of global enterprises will have both a choose-your-own-device (CYOD) and a formal bring-your-own-device (BYOD) plan in place. [3]

Graphics created by VMware based on industry research:

1. Statista, “Global mobile retail commerce revenue from 2012 to 2018,” January 2017

2. Gartner, Mikako Kitagawa, “User Survey Analysis: Mobile Device Adoption at the Workplace Is Not Yet Mature,” October 2016

3. Gartner, “The Things People Buy: CIOs Need to Know the Smartphone User Preferences That Impact Mobile Policies,” January 22, 2016

Page 7

Why Your Security Team is Concerned

152% INCREASE

34% REPORTED

56% INCREASE

EXPLOITS ON IoT increase in 2015

INTELLECTUAL PROPERTY theft in 2015

EMPLOYEES cited as source of compromise in 2015

Page 8

Consumerization Drives Vertical Integration

iOS / MAC

• iTunes

• Apple ID

• App Store

• iWork

• iCloud

ANDROID / CHROME

• Gmail Account

• Google Play

• G Suite

• Google Drive

WINDOWS

• Microsoft ID

• AD/Azure AD

• Office 365

• Windows Store

Update Service

• SCCM

Page 9

…And Creates Silos within IT

Mobile Team | Desktop Team | LOB

iOS / MAC

• iTunes

• Apple ID

• App Store

• iWork

• iCloud

ANDROID / CHROME

• Gmail Account

• Google Play

• G Suite

• Google Drive

WINDOWS

• Microsoft ID

• AD/Azure AD

• Office 365

• Windows Store

Update Service

• SCCM

SaaS APPS

• Salesforce 1

• Concur

• Workday

• Slack

• Dropbox

• Docusign

Page 10

A Platform Approach Breaks Silos and Delivers a Digital Workspace

Identity and Access Management: Unified Catalog | Single-Sign On | Authentication | Access Policy

Digital Workspace Platform

End-User Services Team

iOS / MAC | ANDROID / CHROME | WINDOWS | SaaS APPS

Connected Things (Rugged / IoT)

Page 11

You can’t transform business without a great user experience

You don’t need to compromise security to get there

VMware Workspace ONE Empowers the Digital Workspace your business needs

Page 12

Securing Your Digital Workspace with Unified Endpoint Management and Identity Services

Identity Services: Unified Catalog | Single Sign-On | Authentication | Access Policy

AirWatch Unified Endpoint Management (UEM)

Management Context

End-User Services Team

iOS / MAC | ANDROID / CHROME | WINDOWS | SaaS APPS

Open Ecosystem

App Config Community

Mobile Security Alliance

Authentication and Identity Providers

Connected Things (Rugged / IoT)

Virtualize

Page 13

Conditional Access using Identity Context and Device Compliance

Diagram labels: AUTHENTICATION MODULE, DEVICE POSTURE, USER AUTH, APP SERVICE, Workspace ONE

DEVICE COMPLIANCE: Managed, Jail Broken, OS, 3rd Party (MSA | Malware | Trust), Location, Blacklist, Apps

IDENTITY CONTEXT: Authentication Provider, Network Scope, Authentication Strength, Session Time, Per Application

Remote Apps | Web Apps | Native Apps

Integrates identity and device compliance to create and enforce granular policies for secure data access

Leverage existing Identity management investments to simplify data management

Eliminate manual compliance management, minimizing data access risk

Page 14

Device Trust

Enforce specific policies when a user tries to use a particular application

Empower end users with option to enroll their device if secure app access is needed

Transparency of privacy is displayed before enabling workspace services

Page 15

What a Digital Workspace can do for you

Fast Deployment | Contextual Control | Mobile Access | Remote Management

Complete a business process on your phone in less than 72 seconds

Establish access policies, gain visibility from one place

Provision devices, onboard employees in minutes

Empower employees with self service, lower help desk calls

Page 16

Customer Story

Joshua Clark

Application Solutions Architect

Southern Company

Page 17

Joshua Clark Application Solutions Architect

• Technical lead for Mobility in Workplace Solutions (EUC team)

• Technology enthusiast

• VMware AirWatch Enterprise Mobility Expert

About Southern Company

• 9 million utility customers

• Operating in 19 states

• 46,000 MW of Generation Capacity

• Nearly 200,000 miles of power lines, 80,000 miles of natural gas pipelines

• 32,000 employees

• Ranked among Computerworld's 100 “Best Places to Work in IT” for 11th consecutive year

Page 18

Mobility Journey

2010

• 4,500 BlackBerry, BES managed

• 6,000 Exchange ActiveSync Policy ‘managed’

• No idea what was personal vs. corporate owned

• Email, Calendar, Contacts only

• Manual Configuration

Now

• 23,000 mobile devices managed

• 60% Corporate / 40% Personal

• 85% iOS / 15% Android

• 30 Internal Apps, 100+ Web Apps

• Seamless configuration

Page 19

Strategic Vision

• Simplicity for End-Users

• Security is key, but it doesn’t always have to get in a user’s way

• Solving identity is a major challenge for a large enterprise

• Conditional access is key to securing data in the cloud

The desired result is often clear

The journey to get there is not

Page 20

Demo

Page 21

Advanced Security Capabilities with Partners

Page 22

Workspace ONE and the Mobile Security Alliance

Network | Endpoint | App | Cloud

Page 23

Example: Protect Against Mobile Threats Through Partner Integrations

Conditional Access Policy

Mark Device Non-Compliant

MTD solutions

Page 24

Example: Integrated Governance with SailPoint

Diagram labels:

(Authoritative HR Application)

End User / Device

Change Notification

Governance (Provisioning)

Access

Authentication

App and Device Entitlements

Directories

Applications

Page 25

Case Studies

Page 26

Speed Relief to Disaster Victims

Business Issue

Problem Solution

Speed transaction processing, supporting a highly distributed and dynamic user population

Existing IT services not suited to their mobile mission.

Need to deliver a mix of legacy and new application types, but maintained to the latest version.

Delivered a new service called the Red Cross Virtual Workplace with 10K unique users and 150 apps.

IT focuses on app delivery – to any device – with virtual desktops and RDSH apps, web and SaaS apps.

Reducing new hire time to productivity from a few weeks to a few hours.

Taking advantage of the security and flexibility of new devices while still delivering legacy apps.

Ultimately speed the flow of relief payments and supplies to disaster victims.

Page 27

VMWARE ON VMWARE CASE STUDY – OCT 2016

• 24,000 desktops and laptops

• 27,000 smartphones and tablets

– 13,000 employee owned

• 5,000 Horizon virtual desktops

• 400 applications

– 377 SaaS / web-based, 10 mobile, 13 client-server

• Workspace ONE Deployed to 22,000 users

– 13,200 users chose to enroll devices

• Cost to Deploy - $3.83M

• Annual Cost Savings Realized - $5.78M

• Productivity Gains – 3,140 work days per year

Source: VMware’s Move To A Digital Workspace

Page 28

Deliver best user experience

Contain costs of shadow IT

Secure the environment

Integrate all services

Only IT is in the best position to drive business innovation

Page 29

Learn More

YouTube: youtube.com/vmwaretv

Product Pages: vmware.com/products/workspace-one

Hands on Labs: labs.hol.vmware.com

Twitter: twitter.com/workspaceone

Facebook: facebook.com/vmware

Page 30

Q&A
