Identity Defined Security Alliance

Putting Identity at the Center of Security

Problem Statement

This topic will be used to discuss the problem statement related to an Identity Centric approach to Mobility.

Should we kick this off with a Use Case or Persona?

I think we should start by defining the problem we are trying to solve for. It could be either use case or persona. When you think of it, which perspective are you generally thinking about?

Yes - I think starting with the problem statement is perfect. There are so many vectors on Mobility. Are we thinking about the problem of a Zero Trust Mobile device accessing network resources or ?

With feedback from the CAB we are going to shift the problem statement slightly to include O365.

I am going to posting an update later this morning with the specifics.

Here is the feedback we received from the CAB:

Here is the scenario.

Mobility- O365-Azure

Enterprise adopting Microsoft cloud eco system which includes (O-365 for communication, messaging, collaboration, etc) to enable their workforce to easily access enterprise content in a secure manner.

Challenge: How to enable secure and seamless access to the content

Components involved:
Microsoft: 0365, Azure, AD Sync, ADFS,
MDM:
SSO/ID Federation:
MFA:

To start us off, we could also add in CASB and SIEM to the above component list.

Based on meetings in Dallas, here is what we have for a problem statement so far:

Securing o365 is a layered, complex process that can be done partially with native tools, but is better secured, managed, and interconnected with multiple IDSA Partners that go above beyond Microsoft’s native capabilities.