What You Need to Know about API Security

Since the growth of APIs “hockey-sticked” around 2005, the proliferation of web-based APIs has spanned every industry and vertical from e-commerce to map services to enterprise. APIs like that of Twitter, Amazon, and Netflix garner billions of API calls every day, and these represent just a few of the more visible.  With this rapid growth, on the order of 300-400 new APIs arriving each month, security is an ever-increasing concern.  Enterprise focused, SaaS based APIs are among the fastest growing segments, and in light of this, securing company assets and Data Loss Prevention are paramount.  The perimeter of enterprise networks has become amorphous as workflows increasingly leverage platforms and applications beyond the firewall.  So what does that mean for your organization’s security?

Attend our May 10^th webinar featuring Intel, McAfee, and tech analyst & CTO, Dan Woods for an advanced perspective on what you should do to ensure API Security, specifically as related to Authentication, DLP, and Validation Controls.

 For more information about Intel Expressway Service Gateway — with free webinars, tutorials and expert blogs on securely exposing Web Services in the Cloud, please visit us at: www.intel.com/go/identity

Webinar: Applying Strong Authentication and Data Loss Prevention to Collaborative File Sharing (April 26)

Join us for what will be a very informative webinar on Applying Strong Authentication and Data Loss Prevention to Collaborative File Sharing

April 26th 2012 – Time: 10:00 AM PDT, 1:00 PM EDT

> Register Now

Employees love the convenience and utility of collaborative file sharing applications like Box. Sharing contracts, graphics/video files, or other corporate content using a cloud-based service empowers users to share information directly with external partners-outside traditional enterprise security controls.

While you want to encourage productivity, you also need a strategy that addresses how you’re going to control access to file sharing applications and inspect data before it leaves the enterprise.

In this webinar Intel, McAfee and Box join forces to discuss how your sensitive content can be protected throughout the collaboration life cycle—from access and upload to download and distribution.

You will learn:

• Overview of typical file sharing use cases and workflows
• Streamlining access for users
• Tying federated authentication to corporate ID stores
• Adding 2nd factor strong authentication for sensitive document security
• Blocking sensitive files from upload
• On-prem, 100% in the cloud, and hybrid SaaS access options

As a bonus, all attendees will be eligible to receive a free enterprise trial account from Box.

 

 

 

 

 

For additional information, please visit www.intel.com/go/identity

 

 

March 29th Analyst Webinar – Identity and Access Management in the Cloud: Real or Mirage?

 

 

 

 

Traditional IAM solutions have not kept pace with cloud innovation and new approaches to identity and access management are gaining ground. Should you move your IAM infrastructure to the cloud? What is the role of related standards? These and more questions will be addressed in a free webinar “Identity & Access Management in the Cloud: Real or Mirage?”, hosted by Intel and industry analyst firm KuppingerCole on March 29, 2012 at 10:00 AM Pacific (1:00 PM Eastern, 7:00 PM CEST).

In this webinar KuppingerCole Sr. Analyst Dave Kearns will discuss the benefits and challenges of moving use identities to the cloud. Vikas Jain, Director of Product Management at Intel, will follow with an overview of Intel Cloud SSO, Intel’s newest identity and security solution for the cloud. Click here to register for this informative event.

RSA 2012 Interview with Andy Thurai, Chief Architect of Intel’s Application Security & Identity Products Group

Watch this interview between Tom Field and Intel Application Security & Identity Products Group, Chief Architect Andy Thurai.  Andy talks about API management and the attendant issues including security, management, auditing, metering, monitoring and monetization.

You’ll hear Andy talk about Social APIs vs other APIs, as well as how Intel is providing mobile enablement. Andy talks about a platform that is technology, security, and identity agnostic, so that when messages are sent to a hosted app or a partners app, one has the appropriate mechanism to consume those messages coming in from mobile devices. Listen to Andy talk about Intel’s latest announcement made at RSA, about Cloud SSO  — visit www.intelcloudsso.com for more information.

RSA 2012 Interview with Andy Thurai

Intel introduces IAM as-a-service for cloud apps

At the RSA conference 2012 this week, we’re excited to introduce a new cloud service “Intel Cloud SSO” for Enterprises to provide Identity and Access Management (IAM) for cloud applications from the cloud. The service runs on Salesforce’s Force.com platform as-a-service (PaaS), and offers secure seamless single sign-on access to 100+ SaaS applications through pre-built connectors. End users have to remember just one password to login into the service’s SSO portal, from where they can launch all the applications they are allowed to access. This single sign-on experience eliminates password sprawl, improving security and user productivity. To help Enterprise IT deal with on-boarding/off-boarding of users, the service includes role based automated provisioning/de-provisioning of user accounts into cloud apps.

Intel Cloud SSO service is the cloud version of the Intel Expressway Cloud Access 360 (Intel ECA 360) on-premise software which was released during last year’s RSA conference 2011. We’ve implemented “Freedom Licensing” for both products that allows customers to use either Intel Cloud SSO or Intel ECA 360, or both, for the same license fee, providing ultimate flexibility to our customers.

The service provides enhanced security and improved IT controls by:

• Including One-time Password based step-up authentication when accessing secure cloud apps. The built-in One-time Password technology supports mobile soft-tokens through a downloadable mobile app.
• Customers using Intel Ultrabook client devices to access cloud applications can leverage the service’s seamless trusted device authentication by integrating with Intel Identity Protection Technology.
• Including policies that IT can use to restrict access to cloud apps based on various contextual elements such as: which mobile device the user is accessing from, accessing from corporate network or not, etc.
• Customers can use their corporate identity store (such as Active Directory) and Kerberos to authenticate into service’s SSO Portal, thereby eliminating even the password required to sign in to the service’s SSO portal.

Do I need to be an IAM expert to use it?

No. When we were building Intel Cloud SSO, we laid out basic tenet for the service – keep it simple. Anybody should be able to configure and use it, and shouldn’t require special skills. Having worked with other IAM systems in the past, this wasn’t an easy goal to achieve …

How can I get access to the service?

Currently, the service is in a Beta phase. You can apply for Beta by visiting www.intelcloudsso.com.

Is it available through McAfee?

McAfee (an Intel company) already sells Intel ECA 360 software as McAfee Cloud Identity Manager under the McAfee Cloud Security Platform (read post), and plan to include this service in its portfolio later this year.

Vikas Jain is Director of Product Management at Intel Corporation responsible for Cloud Identity and Security Products. You can follow him on Twitter @VikasJainTweet

Visit Intel at HIMSS 2012

As HIMSS 2012 approaches  (Feb 20-24 at the Venetian Sands Expo Center in Las Vegas), we’d like to give you the opportunity to sign up for complimentary Intel workshops.

You’ll have a chance to discuss critical healthcare IT challenges and opportunities with industry experts, and to encounter leading-edge solutions and practice models from security to mobile to cloud.
Simply go to the link below, where you can review abstracts and use our easy tool to select the free workshops you’d like to attend.

If you can’t make all of the sessions, make sure not to miss a review of the standardized reference architecture proposed by VisionWare* and Intel for secure, scalable master data management, using the Intel® Expressway Service Gateway and the VisionWare MultiVue* products.

The Need for Secure, Scalable State Healthcare Registries

Tuesday, February 21
9:00am – 10:00am

Read Abstract & Register

At the next session, following an overview of  Healthcare Cloud Service Brokers, the service broker enabling technologies will be demonstrated for a hands-on look at security, API management, and integration workflows.

Simplify Member-Provider Information Exchange through Healthcare Cloud Service Brokers
Tuesday, February 21
10:00am – 11:00am

Read Abstract &  Register

Lastly, here’s another session that you should not miss:

The Creation of a Healthcare Insurance Exchange Using Your State Medicaid Management Information System (MMIS) As a Foundation

Wednesday, Feb. 22
5:00pm – 6:00pm

Read Abstract & Register

You can register for any of the sessions  here.

If you would like more information about Intel Expressway Service Gateway for Healthcare, please visit our site: www.intel.com/go/identity

We look forward to seeing you there!

Webinar: Federal Cloud Security Initiatives Explained – Choosing the Right Standards and Technologies

Join us on 10/6  at 2pm Eastern Time for an exciting and informative webinar:

Federal Cloud Security Initiatives Explained – Choosing the Right Standards and Technologies

Mapping the alphabet soup of federal cloud security initiatives is a daunting task. Tim Grance from NIST and federal security expert Gunnar Peterson join forces to decompose the funded programs and standards initiatives to recommend an adoption path for cloud security. Tim begins with a grounding in NIST’s baseline cloud security architectures/guidelines. Gunnar follows with insight into how these practices have been incorporated into programs such as NSTIC, FedRamp, FICAM, Cyberscope, and DOD-PKI.  This will be followed with additional guidance on some of Intel’s solutions from Intel Application Security & Identity Products Chief Architect, Andy Thurai. A group discussion will comment on the adoption timelines, real world use cases, and applicable COTs commercial technologies. Attendees of this webinar will receive a copy of Gunnar Peterson’s Federal Cloud Security white-paper. Sponsored by Intel & McAfee.

Register here:

http://washingtontechnology.com/webcasts/2011/10/intel-mcafee-cloud-security-100611.aspx?tc=page0

 

Forrester Cloud Jam Session DAY 2: The Authoritative ID Store Is Dead – How the Cloud Changes Provisioning

Join us this Thursday, July 28, 2011 at 1PM Pacific (replay will be available after initial broadcast) as Andras Cser, Principal Analyst, Forrester and Vikas Jain, Director of Product Management, Intel Cloud Identity & Security shed light on how account provisioning should be added to deliver enterprise class secure cloud access implementations.

Register here:

As IdM in the Enterprise evolved, all software programs from operating systems, middleware, and applications as well as networking programs such as VPN converged on integrating with a single authoritative ID store based on LDAP protocol. The cloud is changing this as every SaaS application tries to maintain account information about users leading to emergence of multiple identity silos. On the other hand, many SaaS providers are eyeing identities they manage as business assets to create stickiness with their products and getting in the race of becoming authoritative identity provider themselves. These couple of scenarios are leading to new challenges to solve in the identity provisioning and synchronization space.

Forrester Cloud Jam Session DAY 1: Adaptive Strong Auth & Federated SSO – The New Power Couple

Join us this Wednesday, July 27, 2011 at 10am Pacific (replay will be available after initial broadcast) as Eve Maler, Principal analyst at Forrester and Vikas Jain, Director of Product Management for Intel Cloud Identity and Security shed light on how strong authentication should be added to deliver an enterprise class secure cloud access implementation.

Register here:

Enterprises are adopting federated SSO to cloud SaaS apps such as Google Apps and Salesforce to reduce helpdesk costs associated with password resets. But there’s another good reason to centralize authentication in the enterprise: it lets you you perform two-factor strong authentication to enable secure access to these cloud applications. Strong authentication via hardware tokens has been used to secure internal app access for some time, but recent events have shown this method to have serious downsides. As the cloud, partners, and a remote workforce drive demand for access to sensitive applications outside the traditional firewall, clearly a more convenient, adaptive, and portable strong authentication model is required. The emergence of federated internet SSO and mobile-based software tokens provide a more powerful, flexible approach.

Visit us at HIMSS Healthcare IT Conference and Exhibition in Orlando February 20th-24th

Join us at HIMSS11 – Healthcare IT Conference and Exhibition and learn about the first purpose-built SOA integration appliance for healthcare.

The event is taking place Februay 20th – 24th at the Orange County Convention Center in Orlando, Florida.

We’ll be in booth #2963.

Intel^® SOA Expressway for Healthcare delivers best-in-class performance, open standards, and simplified security. It provides real-time, accelerated message processing, legacy connectors, and service enablement capabilities to power best-of-breed Health Information Exchange solution architectures for systems integrators, governments, health plans, and large providers.