Creates Single-Sign-On Cloud - InformationWeek
Cloud // Platform as a Service
09:51 AM
Connect Directly
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>> Creates Single-Sign-On Cloud

Salesforce Identity service connects users to Web and mobile apps through the vendor's cloud platform. But does it fit with Active Directory?

Plenty of businesses rely on Active Directory and other LDAP-based directory services to manage employee access to applications and servers behind the corporate firewall. But how are they managing the chaos brought on by the cloud and BYOD movements, with Web-based and mobile-enabled apps ranging from Gmail and Box to Concur, Workday and Office 365? on Tuesday announced the general availability of Salesforce Identity, the identity management service it announced more than a year ago at Dreamforce 2012. The extended beta period was used to consult with customers and test the services at scale, with at least 70% of customers already using aspects of the service such as Mobile Identity, according to Chuck Mortimer, a Salesforce VP of product management.

"It's not as straightforward as a beta because we've opened up a series of platform services that we already use for all of our customers," Mortimer explained in a phone interview with InformationWeek. "With Mobile Identity, for example, we've used that to deliver our own mobile applications, and we're extending that now to any application that wants to plug into our app ecosystem."

Salesforce Identity extends to third-party Web and mobile apps the consistent, platform-based identity services Salesforce customers are used to as the gateway to more than 1,900 AppExchange apps. Customers wanted the ease and convenience of Salesforce's single-sign-on access controls extended to a wider universe of unsupported apps and resources brought on by the cloud, shadow IT and mobility trends, Mortimer said.

[ Want to learn more about Salesforce cloud partnerships? Read Announces Second 'Best' Friend: Workday. ]

Salesforce Identity is not designed for client-server apps and is not intended to be a replacement for Microsoft Active Directory and similar products. Rather, Salesforce says a connector lets you take advantage of the identities, roles and access privileges set up in LDAP directories and extend them to cloud and mobile apps through Salesforce Identity.

Salesforce did not release a formal list of supported apps, but it said Identity relies on open standards including SAML (Security Assertion Markup Language), OAuth, OpenID Connect and SCIM (System for Cross-domain Identity Management) that will enable the service to be extended and customized via open APIs.

The Identity service presents a single management console (familiar to Salesforce administrators) through which admins can provision cloud-based services, custom or packed mobile apps and even Web-based apps deployed on-premises. Employees then log in once and gain access to otherwise disparate collections of apps such as ADP, Dropbox, SugarCRM and Zendesk as well as everything on the Salesforce platform.

The Identity console can be used to set higher-level access controls for certain apps, such as two-factor authentication. And when employees leave a company, a Freeze button lets administrators lock users out of all apps immediately.

Basic Salesforce Identity services are free for Enterprise and Unlimited Edition licensed users of Salesforce Sales, Service and Marketing cloud services. The catch is that that does not include the connector to existing identity directories, which adds are charge of $1 per user, per month. Lower-level subscribers and employees who do not use Salesforce applications can use the service at $5 per user, per month.

The service includes a brandable log-in page and App Launcher portal from which companies can present managed, single-sign-on apps.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll