We have to manage the identities of our employees at multiple SaaS providers. We can't say that this employee has terminated and automatically shut him off from all the systems he has access to.Wakeman has hit the nail on the head. SaaS will only complicate security, audit and compliance if it doesn't effectively address identity management. As he points out, supporting federated identity management would go a long way to addressing those issues...
N.B. The online article, for whatever reason, totally omits the question that lead to this quote: "Is security an issue?". This is the second question in the print edition that appears on page 21 of the January 1, 2009 "Forecast 2009" issue of ComputerWorld.
Technorati Tags:
identity management, federation, SaaS
2 comments:
Jackson,
Am sure you are aware of the upcoming concept of 'identity as a service', which aims at providing federated identity management. Its nothing but taking your favorite 'directory' to the cloud. As an enterprise I may subscribe to various services, all of whom outsource identity management to a single identity management service provider.
Also, as a hack, there are a few services which even provide Active Directory authentication for their customers (AD resides in the enterprise and a local agent or proxy coordinates with the service) ! They provide many different flavors of that as well. For enterprise services, this may become a practical solution (subscribe to only services that support this).
Well, we now have to accept SaaS and do our bit to overcomes the hurdles and not try to find 'that one thing' which will be an impediment to the movement to SaaS.
My 2 cents.
Regards,
Rajesh
Microsoft recently announced its big push in SaaS with Microsoft Online Services. In this buzz driven discussion of life in the cloud, there is limited discussion of identity management.
Thanks,
Amanda
my site
Post a Comment