SafeNet Trusted Access

Cloud Access Management Service

Last updated: October 14, 2018

1
Enterprise Cloud Challenges

2
We are the world leader in digital security

15,000
€3bn 180+
EMPLOYEES

2017 REVENUE 121 AEX COUNTRIES WHERE

OUR CLIENTS ARE
BASED LISTED ON EURONEXT
3,000
NATIONALITIES OF AMSTERDAM & PARIS; R&D ENGINEERS
+2bn OUR EMPLOYEES IN DUTCH AEX
STOCK INDEX
88
END USERS
BENEFIT FROM NEW PATENTS
OUR SOLUTIONS FILED IN 2017

WE’RE UNIQUE. WE’RE GLOBAL. WE’RE INNOVATIVE.

Serving six main markets

GOVERNMENT

SOFTWARE
MOBILE MONETIZATION
BANKING &
PAYMENT
IoT

ENTERPRISE
SECURITY
 Gemalto protects the entire digital service cycle

 Multimodal authentication
(risk, token, biometric)
 AFIS, Live facial recognition
 Active protection

Access Data
LOG
Management & IN
USE encryption
Authentication

Digital IDs:  Key management

 Personalized smartcards  DP on demand
 Token issuance  HSM, HSE
 Biometric registries  Software monetization

Identity Cryptographic
verification SIGN account
LEAVE
UP
deletion
 Traditional security is no longer sufficient
Breaches are growing year-on-year across all sectors

DATA RECORDS LOST OR STOLEN SINCE 2013

5 million per day

on average

Customers across all our business units are exposed

Retail Entertainment Healthcare Education Other
Technology Financial

Government
9% 5% 3% 1% 23%
41% 5%
13%
Source: breachlevelindex, Q1 2018
The main causes of cyber threats

Main cause of attacks Main cause of damages

IDENTITY THEFT UNENCRYPTED DATA

69%
of breach
incidents
came from
identity theft
95%
of breaches involved
unencrypted data
Cloud is mainstream
The cloud computing applications most commonly used

Average of
90
27 Cloud
80 78%
73% Applications
70

60

50

40 37%
87% of respondents in
30 27% Gemalto’s annual cloud
20 16%
security survey say cloud
11% will increase in importance
10
over the next 2 years
0
Infrastructure Business Email & Virtual desktop We don’t use Other
communication SaaS
SafeNet Trusted Access
Overview

9
How do you…

Build on your
current MFA
scheme?
Simplify
access for
Comply with users?
regulations
Ensure
access
security?
 SafeNet Trusted Access

Network Legacy
logon Cloud IT Web VDI

Orchestration / Business Logic

Policy Management Risk Assessment Geo Fencing Session Management

AUTHENTICATION DEVICES CONTEXT

OTP Push PKI Password Kerberos Google 3rd Party Windows FIDO
Authenticator Hello
SafeNet Trusted Access

A service that allows organizations to

manage access to numerous cloud applications by:

> Validating identities

> Enforcing access policies

> Applying appropriate access controls with Smart Single Sign On

12
Secure dozens of cloud and web
based apps

13
SafeNet Trusted Access
Supporting the cloud and web-based apps you use…

+ Bring Your Own Apps

+ SAML 2.0 generic wizard

and many more…

Application
management made
simple
> Simple Template-based out of the box
integration for industry leading apps
maintained and expanded by Gemalto

> No complex integration guides needed

– Integrated help system

> Bring Your Own App – Add custom

applications using our built-in SAML-
based integration template

> Read-only permissions for STA

Operators (optional)

15
 Catalogue of preintegrated apps

16
CONFIDENTIAL FOR
Flexible Policy Configuration

17
SafeNet Trusted Access
Scenario-based Access Policy Enforcement for Apps

Use scenario-based access policies to gain control of

your digital identities

> Scenario-based access policies provide optimal

convenience for your users at the appropriate level of trust
and security for the business.

Decide when your users need to authenticate using

contextual information

> Where you are

> What app you’re accessing
> When you last logged in
> What OS you’re using
SafeNet Trusted Access
Scenario-based Access Policy Enforcement for Apps

Tailor Access Policies to App Sensitivity and User Role

> Increase security for privileged accounts, such as C-Suite users and IT admins
> Increase security for high value apps (e.g. VPN, Salesforce)
> Deny access or step-up authentication based on contextual information

Make Authentication easy for employees and partners

> Contextual information used to reduce access friction
> Leverage user’s current Active Directory password
> Out-of-band push authentication - No more typing your OTP
into an application, just accept the pop up on your phone!
> Out-of-the-box support for multiple languages (EN, FR, DE, etc.)

19
 Manage risk through scenario-based policies
IT Admins

Standard Users
C-Suite

C-Suite

Target Apps Users/Groups

Adjust Define Policies

• Scenario-driven
• Compliance-focused
• Based on context & risk
Monitor Risk • Set Auth rules by policy
Global Policies

The global policy is the default

access policy for all apps and all
users.
Add a Scenario

Add a conditional scenario to set different

access requirements when contextual info is
evaluated (device OS, location, network).
Mitigate risk with universal
authentication method

25
SafeNet Trusted Access
Universal authentication methods

• Utilize the MFA schemes

already deployed

• Extend PKI
OTP Push Password Kerberos 3rd Party PKI authentication to the
cloud

• Offer the appropriate

level of assurance

SMS Grid Hardware Google Windows FIDO*

Authenticator Hello*

* Supported in coming months 26

Logging and reporting

27
 LOGGING AND
Failed/ Successful access attempts: STATS
• 30-day history
• Per target app
• Per policy

User details and

account status

Access and Audit Logs

• Export to spreadsheet
• Result of each access attempt
• Name of policy applied
• Credentials required
Smart Single Sign On user
experience

29
Launch all my apps from a central user portal
Trigger Single Sign On by logging into the user portal

30
Smart Single Sign On

> Log in to all your apps with current identity

Log in from the office with a single click

> Users are only prompted to authenticate when YOU decide its needed.

> Context-based authentication reduces friction

Log in from home with a OTP

31
Why SafeNet Trusted Access?

32
Why SafeNet Trusted Access?

Minimum Complexity Maximum Security

 5 minutes to set up apps & policies  Protect all users and apps
 Fastest time to live  Superior MFA built into the service
 Easy for end users  Simple, secure access for end users

33
 Trusted by leading global brands
Why Gemalto?
Gemalto is the world leader in digital security with
solutions that protect the entire digital service cycle

 30 years in Identity & Access Management

 More than 25,000 IAM customers and more than UK Government
30 million users
 Cloud security pioneer: First vendor to offer
cloud-based authentication
Gemalto: Taking digital security to the next generation

Digital Data
Identity Protection

Digital Privacy Enabled

Next Steps

36
Demo

37
What’s in the box?
STA offers an all-inclusive license and subscription fee!
No hidden fees!

> Each STA license includes:

 Built in MFA (OTP push, SMS, OTP HW)
 Customer support
 100% cloud solution that installs with your current infrastructure
 All the latest features and functionality:
o Smart Single Sign On
o Multi-factor authentication
o Granular policies
o Easy app integration
o Data-driven insights

38
Upgrading from SAS to STA

> STA is an add-on to SAS that enables single sign on to numerous applications.
> Maintain your current investment in 2FA
> Benefit from a single 2FA and Access Management platform
> Combined technology platform - No rip and replace, simply purchase a license
> 50+ preconfigured apps, new apps added continuously, Bring-your-own App Template

SAS SAS + STA

Multi-factor Authentication  
SSO 
Session Management 
Scenario-based Access Policies 

39
Questions

40