3 Building Blocks for Managing Cloud Applications

March 25th, 2010

Today’s Speakers

Todd Clayton President and CEOCoreBlox

Dieter Schuller VP Sales and Business DevelopmentRadiant Logic

Mike Donaldson VP Marketing and Product ManagementPing Identity

3

Agenda

“MyCompany” Cloud Computing Case Study Todd

Solution Walkthrough Todd

Role of Virtual Directory Dieter

Role of Internet Identity Security Platform Mike

Questions & Answers All

CoreBlox

5

• MyCompany has moved their CRM to Salesforce• Management of user provisioning/de-provisioning

time consuming and manual process• Users are not consistently de-provisioned• High number of Salesforce password management

issues• Internal sales portal needs to display both internal

and Salesforce information

MyCompany Challenges

6

• Automate Salesforce provisioning and de-provisioning based upon Enterprise Directory group membership

• Centralized portal view of user information with attributes coming from Enterprise Directory and Salesforce

• Centralized view of accounts owned by Sales Reps• Single sign-on from portal to Salesforce with no

passwords maintained on Salesforce

Desired Use Case

Infrastructure Components

SalesforceSales RegionList of Accounts

Enterprise DirectoryAuthoritative Identity Repository

RadiantOneIdentity HubCommon Data Access Point

PingFederateSingle Sign-onSaaS Provisioning

Company PortalAccess Sales Data

Salesforce Provisioning and Single Sign-on

1. User Added to Enterprise Directory2. User Granted Salesforce Access3. Virtual Directory Proxies User

4. User Provisioned into Salesforce

5. User Accesses Portal

6. User Gets SSO into Salesforce

Complete User Profile

Centralized Identity Hub

Attribute Reads and Updates

Demo Step 1: Add User to Enterprise Directory

Demo Step 2: Add User to Salesforce Group

Demo Step 3: User Provisioned Into Salesforce

Demo Step 4: User Accesses Portal

No region and account details

Demo Step 5: User Sets Details In Salesforce

Demo Step 6: Portal Shows Salesforce Info

Region and account detailspopulated

17

• Simplified identity management environment• Greater flexibility to expand into other Cloud services• Reduced trouble tickets for Salesforce password

resets• Improved internal access to information both inside

and outside the firewall• No application changes required

Results

Radiant Logic

The Out is Now In

• Borders between employees, contractors, vendors, partners, customers getting blurry

• Applications outsourced to SaaS and Cloud

• Mergers, Acquisitions, Divestitures

Linking Identity and Contexts… One Identity, Many Application Contexts

21

Identity and Context Virtualization

“Virtualization is occurring at all layers across the IT "stack" — hardware, operating systems, applications, services, processes, presentation layer — even identities. At its core, virtualization is simply a layer of abstraction between a layer of consumers and an underlying layer of providers. However, this simple notion causes powerful shifts in the way that security must be managed and will accelerate the move to externalized identity services”

– Neil MacDonald – Gartner Fellow – “Everything You Know About Identity Management Is Wrong”

Abstract Protocols and Access Methods

Example: Integrating Data Across Silos

• Build a complete, unique profile from information in all data sources

cn = Laura Callahan mail=laura@rli.com phone=415.209.6800 employeeID=8

FullName = Laura Callahan Title=Account Manager Department=Sales UserID=8

First_Name = Laura Last_Name = Callahan Territory= West Account=Acme

FullName = Laura Callahan mail=laura@rli.com title=Account Manager employeeID=8 Territory=West Account=Acme Department=Sales phone=415.209.6800

Example: Multi-Tenant Services

tenant1 tenant2 tenant3

CRM

Virtualized Identity Service

Virtualization layer: Model, Mapping, Transaction, Persistence, Caching

Order Entry

Directory

Managed Service Provider

The Real Cost of Integration:Customization vs. Identity & Context Virtualization

• Zero Impact on Existing Systems• Get up and running without breaking your current

infrastructure.

• Invest Once, Evolve As Needed• Build a system that grows and adapts with your business.

• Integrate As You Go• Add new sources any time, without costly custom coding.

• Centralized Accountability• Gain a central access point for an “accountability” audit.

• Ongoing ROI• Create a platform for new initiatives, add value beyond

security.

The Business Value: Identity and Context Virtualization

Ping Identity

• Reduce User/Application Friction• Users Love (and Expect) Single Sign-On• Maximize Application Usage and Adoption

• Cost Containment• User Account Management• Support / Help Desk Overhead

• Strengthen Security• Eliminate Passwords• Address Zombie Accounts

• More than SAML Required• Multiple Access Devices• Useful (but Proprietary) APIs• Traditional Enterprise IdM Products Not Designed to

Work with Salesforce

Salesforce Identity Challenges

28

Ping’s Internet Identity Security Products

29

On-Premise InternetIdentity Security Software

Platform

On-Demand SaaS Single Sign-On and User Account

Management

Salesforce Single Sign-On Anytime, Anywhere

30

• Any Device• Desktop Browsers• Mobile Devices• Outlook Plug-In• Emailed Report

URLs

• Any Location• In the Office

• On the Road

Automated SalesforceUser Account Management

31

• Close Security Loopholes

• Improve Compliance Controls

• Reduce Administrative Overhead

• Out-of-the-Box Active Directory Support

Comprehensive Salesforce Single Sign-On

32

• Salesforce CRM• Customer Portal• Partner Portal• Ideas Portal• Force.com

SSO-Enabled Customer Portal

33

Ping Identity vs. Alternate Solutions

Ping Identity IdM Suite Vendors Do-it-Yourself

Deployment Time Days Months Months

Dependencies Works with existing authentication and directory

Upgrade production IdM infrastructure to latest release

Programmers with Internet security expertise

Functionality Every module, every device, every use case

IdP-Initiated Browser SSO for employees

How much custom code to you want to write and maintain?

Form Factor Lightweight standalone on premise software or on-demand service

Extensive, complex, expensive enterprise infrastructure software

Depends on what kind of custom code you decide to write and maintain

Ping Identity Makes Your Salesforce Investment Go Farther

• Increase User Adoption • Automate User Account

Management Tasks• Strengthen Security • Save Money

35

Contact Us:

Radiant Logic CoreBloxPing Identity

415-209-6800 877-879-2569877-898-2905

info@radiantlogic.com info@coreblox.comwww.pingidentity.com

www.radiantlogic.com www.coreblox.com@PingNewsFlash

@coreblox or @ssohelp

Questions