Identity Orchestration and Management
through Advanced Workflows
IdentityMaestro.com
Cloud and continuous change break the traditional identity
management model
The Cloud –
disrupting every industry and sector
Cloud services, system coexistence and Cloud adoption are
critical to customer growth.
Identity Maestro delivers Cloud adoption, simplicity and growth
across hybrid systems.
Global Cloud IAM adoption
32%
of IT leaders say lack of
resources & expertise is now
their #1 cloud challenge.
‘RIGHTSCALE’
63%
of IT leaders will be replacing 1 or
more IAM technologies within the
next 2 years.
64%
of CFOs reported that implementing
cloud technology would reduce
operational costs by up to 20%.
‘CLAIM VANTAGE’
‘GARTNER’
The chaos of managing identities
Data silos
Inefficiencies
Multiple systems
Upgrades
Consolidation
Migrations
Business disruption
Costly training
Lack of control
Customer support
Separate logins
IT inefficiencies
Marketing automation
CRM implementations
Staff outsourcing
Outsourced apps
Mobile apps
Security
Identity Maestro delivers a better and simpler way
to manage
hybrid identities
#IOMmadesimple
Why customers value Identity Maestro? Improved…
ROI
Simplicity
Agility
• Increase business efficiency
• Accelerate migration to the
cloud
• Reduce complexity
• Reduce personnel and IT costs
• Streamline business operations
• Service desk staff manage IAM
tasks
• Empower end-users with selfservice
• Simplify IAM and orchestration
tasks though automated workflow
• Single interface to manage all
systems
• Accelerate cloud adoption and
user satisfaction
• Supports federated identities
and SSO
• Hybrid Cloud made better and
simpler
Compliance
•
•
•
•
PCI
Sarbanes-Oxley
Governance Risk
Compliance (GRC)
ISO 27001
Extensibility
•
•
•
SaaS connectors
Support legacy business
applications
Manage multiple service and
business apps through
workflow - from a single
interface
Identity management requirements
Agility
Enable organizations to
adapt to change in the
competitive marketplace
Service Optimization
Enable IAM
program initiatives
Simplicity through Automation
Eliminate unnecessary complexity and manual
processes
Speed of Deployment
Deliver smooth employee
onboarding/offboarding
Zero-Day Start
Automate and standardize
zero-day start processes
Self-service Forms
Self-service vacation requests, forgot
password
and more
Identity Maestro – default Cloud connectors
Office 365
Azure AD
Skype for Business Online
Cloud Services
and Applications
Connectors
Exchange Online
Identity Maestro SDK for thirdparty solutions
Legacy systems and applications
Exchange 2016, 2013, 2010, 2007
ActiveDirectory
Open LDAP,
eDirectory
Identity Maestro SDK for
third-party solutions
(SAP, Oracle, PeopleSoft, ...)
Microsoft Terminal Services
Home Directory Servers
On-premises Applications and
Connections
Lync 2013, Skype for
Business 2015 Server
GroupWise 2014, 2012, 8
New Features
Manage Module
Enable + disable Lync 2013 Server and Skype for
Business 2015 Server
On-Premise users
Enable + disable Office 365 users
Audit Module
Full audit logging of Azure AD,
O365, GroupWise
Create Module
Profiles now use integrated workflows for user
creation as a background process
Create Azure and Office 365 users,
enable/disable mailboxes and
Skype For Business Online
Create AD users, enable Exchange
On-premises mailboxes and
Skype for Business Server
Create AD or eDirectory users with
GroupWise 2014 mailboxes
Create home folders in DFS
Includes advanced approval
and related workflow
Workflow Module
Includes default create workflows for target
systems
Includes default manage workflows to enable + disable
user accounts and mailboxes for target systems
Workflow Center provides updates to status of
workflow jobs
Flexible email notification services for approvals
and related workflows
Additional workflows can be customized by our
Professional Services Team
Identity Maestro – the new way of doing things
OLD WAY
NEW WAY
DEVELOPMENT
Custom code
SERVICE CONNECTORS
RESOURCES
Multiple management applications requiring
permissions
DELEGATED IAM
LINE OF BUSINESS
Building custom solutions to interface with legacy
applications
BUILT IN WORKFLOW & SERVICE INTEGRATION
SYSTEMS
Complex connections on
old systems
MANAGEMENT FABRIC
PLATFORM
Agile IT automation through workflows
Enable O365 users with
a few clicks
Onboarding 1500
employees in 2.5 hours
Automate departing
users and revoke
access
Speed of deployment,
security, simplicity,
immediate ROI
Reallocating valuable IT
resources to more
complex IT projects
Secure Delegation
Directory Systems
Azure AD:
Office 365 Exchange Online Mailboxes
Skype for Business Online
AD (On-Premise):
Lync Server 2013
Skype for Business Server 2015
eDirectory
Open LDAP
Email Systems
Office365
Microsoft Exchange 2013 –
2007
Novell GroupWise
and others ...
CRM Systems
Salesforce.com*
Dynamics CRM*
and others ...
* Identity Maestro remote agents and customization requried
LoB Applications
SAP*
Oracle*
PeopleSoft*
SQL applications*
HR Systems*
And others ...
Attack and Defense in a Hybrid IT World
Create
Manage
Provisioning
De-provisioning
SaaS Accounts
Licenses
Group Membership
Access Rights
Applications
Devices
Identity Sync
Self-service
Single Sign-On
Audit
Username
•••••••••••
Other
Directories
Windows Server
Active Directory
SaaS
Azure
Public
cloud
On-premises
Workflows
Microsoft Azure Active Directory
Office 365
Cloud SaaS
The evolution of Identity Maestro
Company kick-off
ISV Subsidiary of Omni Technology.
HQ Edmonton, Alberta, Canada
EMU
1999
2000
GroupWise and eDirectory
Management desktop application
2003
eControl 1.0
GroupWise and eDirectory
Web-based, "Zero Rights" delegated account management
Manage, Create, Self-service, Audit
eControl V2.5
2004
Added support for Active Directory
and MS Exchange 2003
2007
eControl V3.6
Added support for Exchange 2010
eControl V3.7
2010
eControl V3.6
2016
ServiceControl
Added support for Exchange 2010
2013
Added support for Exchange 2013, GroupWise 2014
eControl rebranded to
ServiceControl V4.0
Added Integrated and Advanced Workflows
as the new core architecture for the ServiceControl
platform, added support for Azure AD/Office 365,
Exchange Online, Skype for Business Online, Lync 2013,
Skype for Business 2015
2017
April
2017
Identity Maestro
ServiceControl rebranded to Identity Maestro
Where we’ve been
Website hosted on IIS
32-bit Remote Agent Service
SC Server
64-bit Remote Agent Service
Supported Server Platforms
Windows 2003 + 2008 – 32/64 bit
.NET 3.5.1+
eControl (r.3.6.3)
Target Systems
AD (On Premise) 2003+
Exchange 2003 – 2010 (On Prem)
eDir (On Prem) 8.5+
GroupWise 7.x to 2012 (On Prem)
Open LDAP
Create
Manage
Modules
Self Service
Audit Reporting
Administration
How we help customers today (1)
Supported Server Platforms & Core Requirements Windows Server 2016, 2012 (R2) x64 + .NET 4.5+
ServiceControl Web Portal (hosted on IIS)
32-bit & 64-bit Connection Agent Windows Services
SC Server
Installed Components
Azure AD Agent Web Application (hosted on IIS)
Workflow Engine
Workflow Engine Web Application (hosted on IIS)
Workflow Engine Monitor portal hosted on IIS
Default workflows for Create, Manage, Self-service tasks for supported target systems
AD (On-Premise) 2008+ Exchange 2016 – 2007
Lync Server 2013
Skype for Business Server 2015
Target Systems
Azure AD Office 365 Exchange Online Mailboxes Skype for Business Online
eDirectory, GroupWise 2014 to 8 - requires eDirectory & GroupWise clients installed
GroupWise 2014
ServiceControl (4.0)
GroupWise 2014 with AD
GroupWise 2014 with eDir
Open LDAP
How we help customers today (2)
AD + Azure AD + O365 Mailbox + Skype for Business Online
AD + Exchange 2007+ Lync 2013 accounts
Now uses legacy or new workflows
Create
eDir + Legacy GroupWise
AD + GroupWise 2014
eDir + GroupWise 2014
Modules
Supports non-workflow methods for third-party extensions
Manage
Uses standard or workflow-enabled tasks
User able to modify personal details and group memberships
Self-Service
Forgot password
Audit Reporting
Administration
Pricing (USD)
Corporate
$12/user
Government
$6/user
University
$2/user
K-12
$1/user
Includes all modules: manage, create,
self-service, audit, workflow.
Includes all modules: manage, create,
self-service, audit, workflow.
Includes all modules: manage, create,
self-service, audit, workflow.
Includes all modules: manage, create,
self-service, audit, workflow.
Customized Workflow
Add $12/user
Customized Workflow
Add $6/user
Customized Workflow
Add $2/user
Customized Workflow
Add $1/user
Pricing (EUR)
Corporate
Government
University
K-12
€12/user
€6/user
€2/user
€1/user
Includes: manage, create, self-service,
audit, workflow.
Includes: manage, create, self-service,
audit, workflow.
Includes: manage, create, self-service,
audit, workflow.
Includes: manage, create, self-service,
audit, workflow.
Customized Workflow
Add €12/user
Customized Workflow
Add €6/user
Customized Workflow
Add €2/user
Customized Workflow
Add €1/user
“A unified identity management solution that saves valuable administrator
time, reduces administration complexity and keeps all our systems and
modifications under control.”
Andreas Thiele, Assistant Director of Systems, Identity Management and Infrastructure
The University Hospital of Würzburg
“The return on investment was immediate. Tasks that would have
otherwise taken 30 minutes for a senior IT person to complete are done in
a couple of minutes by our service desk staff.”
Municipal IT Manager
The results were phenomenal. In a few short hours, we had created 3,500
user, home directory, and email accounts.
John Moreno, MIS Directory for PEDS
Pendergast Elementary School District
“Advanced audit capabilities and full logging of changes helped us pass our
last security audit.”
Nelson González Moreno, Director of IT Operations
Binaria for the CGE Group
How can we help you grow in the future
The next Identity Maestro development sprints start
June 12, 2017 and July 31, 2017. Identity Maestro’s future is 100% customer driven.
Which of the following will help you grow better and faster?
o New connections and remote agents for specific target systems
o New features/functions/options across specific systems
o License management options for additional systems
o New Workflows
o Others
Contact us
Don’t get left behind in the Cloud dust!
Build your future with Identity Maestro.
Contact us:
Aldo Zanoni, CEO
408.675.5020 ext. 232
[email protected]
www.servicecontrol.com