Software // Information Management
News
3/16/2012
01:30 PM
Connect Directly
RSS
E-Mail
50%
50%

Evaluating Cloud-Based ID Management Solutions

Identity management in enterprise applications is never easy, and moving to the cloud makes it even more complex. Here are some approaches to help you take control of the challenges.

12 Hadoop Vendors To Watch In 2012
12 Hadoop Vendors To Watch In 2012
(click image for larger view and for slideshow)

The process of managing identity for enterprise applications and services is challenging to begin with, but a lack of identity standards across cloud-based applications means that organizations looking to manage employee access to those applications will find it doubly difficult.

In the world of on-premise applications, identity management challenges were easily pushed aside, says Philip Cox, director of security and compliance at RightScale Inc. and author of a new InformationWeek report entitled How to Manage Identity in the Public Cloud. But once an organization sets its sights on cloud-based applications, those challenges take center stage.

Moving to the cloud adds new layers of complexity to the already challenging identity management issue. The more cloud applications a company uses, the greater the challenge, Cox says, because a lack of widely used single-sign-on systems means every application has to be managed independently. And just to throw an additional monkey wrench into the mix, many public cloud apps opt for individual, not organizational, identity management, making it harder for IT to stay in control of accounts.

And as cloud applications gain popularity in the enterprise, Cox doesn't see the landscape of challenges around identity management in the public cloud changing much over the next few years.

"Right now, it's a lot of heavy lifting because of the lack of maturity out there," he says. "You can do it, but it's not a trivial thing to do."

Because of that lack of maturity, many organizations will have to use a combination of identity management architectures for the time being, with four main approaches shaping enterprises' strategies.

The first and simplest approach is to simply use the identity management systems baked into public cloud applications. This is generally the fastest to deploy and the most commonly used approach today. Under this approach, all accounts are specific to each individual cloud-based app, with no common provisioning, deprovisioning, or password management tools across multiple applications. On the plus side, a compromised user account won't compromise more than the one cloud service. But most companies will end up having multiple credentials for multiple accounts across multiple cloud services, and users are likely to use the same credentials across multiple applications and services.

Read the rest of this article on Network Computing.

Security concerns give many companies pause as they consider migrating portions of their IT operations to cloud-based services. But you can stay safe in the cloud. In our Cloud Security report, we explain the risks and guide you in setting appropriate cloud security policies, processes, and controls. (Free registration required.)

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of October 26, 2014 and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.