Sure, there are lots of standard authentication mechanisms coming out these days (e.g., OAuth and OpenID) to enable the idea of single sign-on (SSO) to multiple services in the cloud. But they won't do businesses and enterprises a lot of good unless (1) they can be centrally managed in directory service fashion and (2) an enterprise's complete portfolio of cloud apps is supported by one SSO scheme or another.
Not a big deal, you say? Think again. The benefit of a directory service is that IT managers can grant or revoke access to a collection of resources in one fell swoop, for an individual user or for groups of users. If Mary in accounting needs access to the same five resources that the rest of accounting uses, she only needs to be added to the accounting group in the central directory service, which in turn should have already been enabled for those five resources. This sort of management is infinitely better and more scalable than managing each user's access to each resource, one at a time.
Whereas many companies have a directory service in place for resources on the local area network (often Microsoft's Active Directory), the rising tide of cloud-based services remains an outlier. Access to popular services such as Salesforce.com is almost always managed separately from other cloud-based services.
At Cloud Connect, the folks from Okta showed me how they're trying to do for the cloud what Active Directory does for the local area network. Okta even integrates with Active Directory.
David Berlind is the chief content officer of TechWeb and editor-in-chief of TechWeb.com. He can be reached at [email protected] and you can also find him on Twitter and other social networks.