next gen idm webinar 271214
TRANSCRIPT
Agenda
• ProofID Background
• Identity Landscape in UK Academia
• What is Social Identity Management?
• Social Identity Management use cases in Academia
• IDENTify Demonstration
• Q&A
ProofID Background
Background
• ProofID is a specialist provider of fully managed identity solutions
• Trading since 2008
• Based in Manchester
• Proven track record of delivery into Academia
• Significant technical expertise across multiple identity management technologies:
• Ping Identity
• NetIQ
• Forgerock
• Microsoft
Customers
GCloud
• All of ProofID’s products and services are now available through GCloud
• IDM Consultancy
• IDM Managed Service
• IDM Technical Support
ProofID Acquisition of Salford Software
• ProofID acquired Salford Software Ltd. on 31st July 2014
• Leading provider of Identity Management to UK Academia
• £3m annual turnover
• Strong and growing managed service business
ProofID Vision – Identity Management in Academia in 2014
New
Wo
rld P
rob
lem
sOld
Wo
rld
Pro
ble
ms
Identity Management Challenges
Large User Populations
Student Experience
High User Churn Rate
Adoption of Cloud Services
Complex Operating
Environment
International-isation
ExchangeStudent PortalLibrary System Virtual Learning
EnvironmentSecurity CardSystem
Student Records System Others System
Active Directory
ProofID Managed PingFederate Service
IDM System
HR System
Old World vs. New World Identity Management
Next-generation Managed IDM Platform
ProofID Fully Managed Next Generation
Identity Management Platform
PingFederateFederation and Single SignOn
midPointOpen Source User
Lifecycle Management
IDENTifySocial Identity Management
and identity proofing
On
-
Pre
mis
e
Ap
plia
nce
Ho
ste
d
Se
rvic
e
What Is PingFederate?
• PingFederate® is a lightweight and powerful identity bridge that delivers a comprehensive identity management solution for federated access to applications using existing identity infrastructure.
• 80 pre-packaged integration kits
• Connect to any identity store and application, on-premises and in the cloud
PingFederate Customers
PingFederate Customers
Education
• University of Hull
• University of Pittsburgh
• Johns Hopkins University
• Academy of Art University
• NYU Stern School of Business
• EduTech
• UNC Kenan-Flagler Business School
Other
• Air France / KLM
• BMW
• PayPal
• Prudential
• Nokia
• Microsoft
• US Dept of HLS
• AstraZeneca
• Shell Oil
• Caterpillar
What Is midPoint?
• midPoint is a next-generation, Open Source Identity Management platform
• Heritage from SunIDM – yet developed from the ground up
• User Lifecycle Management:• Provisioning
• Deprovisioning
• Workflows
• Highly flexible provisioning capabilities
What Is IDENTify?
• Social Identity Management product
• Developed by ProofID
• Provides identity proofing mechanism to allow social identities to be used to access protected resources
• Integrated with PingFederate
Next Generation Managed IDM Platform
User Lifecycle Management
Authentication
Single Sign On
Future
Authoritative Data Source
Bring Your Own Identity
What is BYOI?
• Bring Your Own Identity
• The ability to log into institutional IT services using an external identity
By 2020, 60% of all digital identities interacting with
enterprises will come from external identity providers
through a competitive marketplace, up from <10%
today
BYOI – Student View
‘Born in the Cloud’
Convenient Frictionless
Internet experience
Not suitable for everyone…
BYOI – Gartner View
‘IAM Must Adapt to Realize all the Benefits of Social Identity Integration’ – Ant Allan & Greg Kreizmann, September 2014
- IAM leaders are seeking to integrate social identity into registration and login workflows to reduce friction and improve the experience
- By 2018, 15% of organisations will allow access to sensitive data via social login, up from less than 2% today
- IAM leaders seeking to allow social access to sensitive data must provide appropriate trust elevation
BYOI – Gartner View
Benefits of BYOI:
• Fewer passwords for users to manage
• Improved login experience
• Reduced helpdesk calls due to authentication failure
• More convenient and frictionless registration
• Improve customer profiling, intimacy and service
BYOI for Academia
• Seamless delivery of IT services to ‘Born-in-the-cloud’ students
• Remove friction from processes
• Social channel for marketing
• Improve engagement retention throughout the student lifecycle
• Grow revenues
Median Alumni donations to UK Universities are
£1,000,000 p/a
Increase of 20% through enhanced engagement is equivalent to £200,000
Social Identity Management in Academia
What is Social Identity Management?
• Enabling users to login with social credentials
• Facebook, Twitter, LinkedIn
• Any social network supporting open standards (e.g. OAUTH/OpenIDConnect)
• Mapping social identity to institutional identity
• Tying multiple social identities together
• Provisioning and seamless access to resources via social identities based upon university role
• Identity proofing to provide assurance of social identities
• Fred’s Facebook account definitely belongs to Fred
• Recertification – restate assurance on a regular basis
• Fred’s Facebook account still definitely belongs to Fred
Scenario 1 – Pre-applicant
School PupilInterested in the University
Seamless access to a taster course in VLE
Login via Facebook from University Website
Create record in CRM system
62% of internet users will abandon the
registration or login process (at least some
of the time)
Scenario 2 – New Student
New student
Login to IDENTify from University Website
Complete identity proofing processAs part of registration process
Seamless access to alllearning resources
Scenario 3 – Alumni
Student becomealumnus
Login to IDENTify from University Website
Remove access toLearning systems
Link additional social identities
Managed alumnus relationshipthrough CRM
Demonstration
