backstage tour of identity - london identity summit

© 2016 ForgeRock. All rights reserved.

BackstageTour of Identity

Simon.Moffatt@forgerock.com | Product Manager

Victor.Ake@forgerock.com | Founder & Office of the CTO

Jon.Knight@forgerock.com | Customer Engineering

Wayne.Blackledge@forgerock.com | Customer Engineering

© 2016 ForgeRock. All rights reserved.

“Band Materials”: An Evolving Modern Organisation

1M weekly active users

rising to 10M in year 1

Omni-channel

device access

Home grown &

legacy

infrastructure

Costly to maintain

& future proof

New applications and

infrastructure to be cloud-

first

Competitive

pressures require

agility and

differentiationExisting system

insecure with poor UX

© 2016 ForgeRock. All rights reserved.

Requirement #1

We need rapid integration & protection of existing apps, services & API’s!

© 2016 ForgeRock. All rights reserved.

Poor UX /

SSO

Multiple

legacy

user stores

Single app entry

point & user store

Old World New World

© 2016 ForgeRock. All rights reserved.

Requirement #2

But all new apps and services will run in Cloud Foundry. Can we still integrate?

© 2016 ForgeRock. All rights reserved.

© 2016 ForgeRock. All rights reserved.

Requirement #3

Our user registration and sign up process needs simplifying!

© 2016 ForgeRock. All rights reserved.

Increase new user sign

up

Increase assurance by

mapping social data to

internal data

Increase sign in speed

for existing usersProtected apps

& resources

S3 – Simple Social

Sign up / in

© 2016 ForgeRock. All rights reserved.

Requirement #4

Social sign in seems insecure. Can we make it safer?

© 2016 ForgeRock. All rights reserved.

Friction free Push

Authentication

Smart Trigger – for

untrusted actions,

devices, locations

Simple and Secure

for Android & iOS

Out of band second

factor

Protected apps

& resources

© 2016 ForgeRock. All rights reserved.

Requirement #5

MFA is great...but I want something more in-session, transparent and contextual..

© 2016 ForgeRock. All rights reserved.

Post login, in-

session check

Leverage context

Analyse geo-loc

changesPolicy engine with

access to external

context

Device &

Environmental

changes

© 2016 ForgeRock. All rights reserved.

Requirement #6Sign up has increasedSign in is more secureSign in is simpler

..but I want gadgets!We need to be competitive...

© 2016 ForgeRock. All rights reserved.

Devices need identities

too!

“Pin & Pair” - device

representing a user to a

service or application

Easy revocation for

device sale or theft

Device

accesses

services on

users

behalf

Simple out

of band pairing

© 2016 ForgeRock. All rights reserved.

SummaryRapid IntegrationNew Single User Store + SSOCloud ReadySimple Social Sign in / Sign upModern Push MFADevice Integration

© 2016 ForgeRock. All rights reserved.

Thank You