2. Rapid & Personal Impact…
Why do we need system integration?
•First off, you can begin using the application
without it.
•Manual data entry is:
•Expensive
•Inaccurate
•Delayed
3. Rapid & Personal Impact…
Topics
- Single Sign on Overview – SAML
2.0
- Data Integration Process
- Single Sign On Integration Process
- Recent Updates & Upcoming
Releases
- Wrap Up
4. Rapid & Personal Impact…
Single Sign On Benefits
Security
• Less temptation to write down password
• Easily enforce a single company wide
password policy (Controlled by client)
• 3rd party applications never receive network
passwords
• Suspended users are suspended in all
applications as soon as Active Directory is
updated
Productivity
• Less forgotten passwords mean less
downtime
• Lower helpdesk costs
• More reliable access to systems
5. Some Alarming Facts
• Almost half of respondents say they never use
special characters (e.g. ! ? & #) in passwords.
• 64% of users have written down their password at
least once in the last year.
• The average number of passwords per person is
17, with 8.5 work accounts.
• A helpdesk call for a password reset can cost as
much as $25-75 per incident
• On average 17.2% of helpdesk calls are for
password resets. Cox Communications stated it’s
20%
http://passwordresearch.com/
6. Let’s Act Out SAML 2.0
If you’re interested in volunteering,
please act like you’re hiding so that I
know you have good acting skills.
7. Step 1 – The Browser Request
End user attempts to access the
Comply365 system to view a document
8. Step 2 – Redirect to Identity Provider
End user is redirected to 3rd party
system to enter username and
password.
9. Step 3 – User enters credentials
End user is given a prompt to
login with username and
password.
10. Step 4 – Validation and Redirect
Users credentials are validated
and then the identity provider tells
the user to go back to the
Comply365 application and give it
the identity response
11. Step 5 – Access Granted!
End user gives response to the
Comply365 application and is
given access.
12. Rapid & Personal Impact…
Integration Process
Overview
“The first rule of any technology used in
a business is that automation applied to
an efficient operation will magnify the
efficiency. The second is that
automation applied to an inefficient
operation will magnify the inefficiency.”
- Bill Gates
13. Rapid & Personal Impact…
What can the agent synchronize?
•User Information
•Group Information
•Department Information
•User to Group Linking
•User to Department Linking
14. Rapid & Personal Impact…
Data Integration Steps
Data Discovery
• What data is available?
• Is data in multiple databases?
• Is data in Active Directory?
• What data is relevant?
• Human Resources Data
• Operational Data
Setting Up Data Access
• Request a database with only information
relevant to our agent
• OR request a user with AD access
• No VPN access to network
• Integrate directly with the database, no flat
files laying around
• Agent only requires port 443 access
Implementation and Testing
• We test your agent with a copy of your
database in our testing environment
• We then provide you with our Agent and ask
that you install it in your test environment
• After test environment is stable and validation
testing has taken place, we assist you
installing our agent in your production
environment
15. Rapid & Personal Impact…
Single Sign On Integration (SAML 2.0)
• Users must be in your Comply365 instance before SSO is
implemented
• Comply365 and Client trade SSL certificates to establish trust
• Client configures login/landing page on their identity provider service
• Single Sign On configuration meeting is scheduled
• Comply365 adjusts sign in method during scheduled meeting.
• Client provides testers during meeting to validate SSO is successful
on both web and mobile devices.
17. Rapid & Personal Impact…
Unified Agent
• Single code base for all existing agents
• Improved transaction logging
• Rapid delivery of enhancements or bug fixes
• Enhances stability
• Works with almost any database provider or
Active Directory
Parallel Processing
• Speed enhancements, >60% reduction
in processing time
• Allows more frequent refreshes to
maintain current data
API
• Application Programming Interface
• B2B rollout nearing completion
• Allows other applications to gather and
update data within Comply365 application
18. A few simple favors…
• If we haven’t met-- Introduce yourself!
• API ideas? Let us know!
• 3rd party software integration idea? Speak up!
19. Questions?
“Don't Make Assumptions. Find the courage to ask
questions and to express what you really want.
Communicate with others as clearly as you can to
avoid misunderstandings, sadness and drama. With
just this one agreement, you can completely transform
your life.”
- Miguel Angel Ruiz
Hinweis der Redaktion
Get through this slide quick, just give an overview of what we’re covering.
Mention that I’ve seen applications write passwords out to the log file.
OK, I need 3 volunteers from the audience.
Shannon from JetBlue will play the user (I’ve already asked her and briefed her since it’s the most moving acting role
Need 2 more who volunteer. (Amy Escanaze?, Michela Green)
- Shannon will walk over to the person acting as Comply365 app and ask to enter the site.
Comply365 app actor will tell Shannon sorry, they don’t know who she is, please have your identity validated by the Identity Provider. Shannon will walk over to the identity provider, who will ask her to whisper her name/pw securely to them. They then write her name and access level on a white board and seal it I the briefcase
Mention pre established trust
Shannon whispers login/pw, or at least pretends to.
Identify provider actor says we’ve validated your login, take this encoded message to the comply365 application and it will let you in. I’ll have the application person have a key to a lock which will be on the bag handle and use that to open ot to show that it’s encrypted.
Someone from JetBlue will interrupt with a bag that ISN’T locked an try to “fake” a validation. Comply app will ask who he is, and he hands the bag. Comply app will reject it saying it’s not locked with a lock that it recognizes. Once we demo that, we’ll pick up with Shannon who gives a locked bag to the Comply app.
For this slide, I’d like to read the quote, explain that I chose it because we’re really here to help you iron out any bad processes during the roll out and not mimic existing infrastructure.
Quickly read through these, add lib a bit, but keep it short.
Not a ton to discuss on this page– just hit the bullet points and move on….
Read through quickly, we’ll give more detail on later slides….
Hit all bullet points and elaborate slightly.
Quick comment that I’d appreciate anyone introducing themselves as I love putting a face to a name. For the API, elaborate a bit on ideas, use the NJCTL payment based Comply365 system as an example of what can be done.