LASCON 2018 has ended
Back To Schedule
Friday, October 26 • 12:00pm - 1:00pm
It takes a village to get security right: Building collaborative IAM solutions

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
We have seen two evolutionary trends in the Identity and Access Management (IAM) industry. The first is a universal realization that passwords are not enough and must be combined with a second additional factors to properly authenticate users. The second, more recent trend is that even this stronger authentication should not stop at the perimeter, but instead should be done, or re-done, as close as possible to the actual interactions that matter. These interactions can be starting an application, accessing a data block, or performing a transaction. In response to these trends players in the IAM space have been developing targeted solutions that address a specific aspect of the overall need. For example, there are products that specialize in single sign-on (SSO), multi-factor authentication (MFA or 2FA), access management (AM) and or privileged access management (PAM). Although these products may rely on standards such as SAML, OpenID Connect (OIDC), they are generally not interchangeable across vendor boundaries. As a result customers have to get a bundled solution from a single vendor – not an ideal situation to say the least.
Instead of being forced to select all of these individual products from a single source, customers prefer to have the flexibility to pick products from different vendors. Multiple vendors in the IAM space have recognized this need and have created an industry consortium, Identity Defined Security Alliance (IDSA, https://www.idsalliance.org/) to promote interoperability among member products so customers can have this flexibility.
In this talk, we will explain why MFA, SSO, AM, and PAM are specialized areas and how they have evolved independently in response to the two aforementioned trends. We will also explain why it is difficult for a single vendor to deliver robust solutions in all four of these specialized areas, and why it is important to build solutions that inter-operate. The complexity of building robust security solution in today’s ever-changing environment demands this industry collaboration and confluence of expertise. We will then show an example of how SSO-AM-MFA-PAM chain of service can be build using products from different vendors.
This talk will cover the following topics:
  1. Evolutionary trends in IAM space
  2. Difference between SSO, MFA, AM, PAM
  3. Why it is difficult for a single vendor to deliver products in all four of these areas
  4. How IDSA can help build identity centric security strategies
  5. A dDemo of an example integration to get chain of chained SSO-AM-MFA-PAM services


Friday October 26, 2018 12:00pm - 1:00pm CDT
Qualys Room