Federated Identities: Is Secure Ease-of-Access Keeping Up with Cloud Usage Patterns?

B. Ostergaard
Summary Bullets:

  • Business users are pushing companies into a multi-cloud environment.
  • The automated mechanisms for handling multi-cloud access securely are not yet in place.

It's not just the European summer weather that's cloudy; so too is the future IT paradigm. In this emerging multi-cloud near-future, business users will want easy access to corporate cloud resources from their private cloud, as well as the ability to launch apps in a platform-as-a-service (PaaS) environment and the ability to access a variety of ever-changing external SaaS clouds. Users would prefer not to have to log in to these clouds individually with different passwords and log-in procedures, which just results in people keeping lists of passwords on yellow stickers or Word files on their desktop computers, clearly breaching any corporate security policy. Public cloud destinations such as Amazon mostly rely on user-centric passwords (i.e., not aligned with the password used for corporate data site access), and even if a cloud site such as Salesforce.com (SFDC) is linked to a specific corporate account, it will still not sync with the user's corporate password.

If the company wants to make such cloud access easy and safe (and keep password lists off user desks), the solution lies in storing individual passwords in the company's Active Directory (AD) and subscribing to a federated identity service that automates access to multiple clouds based on the user information in AD. With a federated identity service, users get a single sign-on service that may be either single-factor or require two-factor authentication for access to sensitive data.