I(AM) in the cloud, and you can too

Kolby Dauler
20 Oct 2017
16:50 - 17:40
CTRL room

I(AM) in the cloud, and you can too

This presentation is for nimble startups as well as corporate conglomerates who are seeking a success story around revamping legacy IAM practices. IAM has been a difficult technology to implement in even traditional IT and enterprise environments. When it comes to Cloud and migrating to Cloud, IAM requires a completely different approach.

Success of our implementation required cross-functional collaboration (security, cloud operations, and product teams) to build a stakeholder focused, secure, and cloud scale solution. Using a combination of native AWS IAM, Microsoft Active Directory Services, Hashicorp Vault, and a home grown serverless IAM management engine, our solution addresses multiple pain points ranging from secret management, key exchange, session management (for operations) to single sign on (SSO) in a single, auditable, management solution. The solution enabled transformation of applications from traditional data center environment to AWS cloud in a secure and scalable manner. It also enabled Autodesk to achieve multiple security certifications including SSAE-16 SOC 2 – something that is accepted by enterprise customers across the globe as the de-facto standard for security practices.

Attendees will learn and walk away with concepts regarding AWS IAM, Microsoft ADS, Hashicorp Vault and their implementation challenges for global scalable applications. While the talk will focus on technical details, cultural lessons learned played a major roll in the implementation of this solution and will be included in the talk.