Time For A Rethink: Managing Identity In A Cloudy World

Cloud Identity

Cloud computing delivers tremendous benefits to both companies and end-users alike. For example, a company can quickly deploy a lower cost, cloud-based storage solution that also makes it easier for employees to collaborate online. IDC predicts that spending on public IT cloud services will reach $47.4 billion worldwide this year, rising to more than $107 billion in 2017.

Line of business owners and end-users can choose their own applications easily, jumping on software-as-a-service apps from the likes of Google, Microsoft and Dropbox. However, this means they often ignore policies and bypass company security.

For line of business teams that implement cloud applications, security is often an afterthought. The reality of ‘Shadow IT’ – the use of applications and IT assets that the company does not control – is something that organisations have to address head on. Some 71% of respondents to a recent survey admitted that they are already using cloud applications that are not sanctioned by their internal IT departments.

The anxiety around this is understandable. More people using cloud apps means a dramatic increase in that traditional IT problem, the password. A company with 1,000 employees and 10 apps each is now managing or forcing their employees to manage 10,000 usernames and passwords. That’s also 10,000 points of entry for a hacker or disgruntled former employee.

When all company data existed internally behind the firewall, IT only had to manage access to the physical building and the PCs within it. If an employee left, their access card was taken away. In one swoop, they would no longer have access to company applications.

Today, users are bringing their own devices to work, while the data and applications available to them can be accessed from anywhere. Traditional approaches to security have lost their value. Without control over access, any disgruntled employee can get online, sign into a cloud application and download whatever data they find after they have left the company.

The solution it to change your viewpoint: stop thinking about the perimeter and focus on the user. Just as applications are moving over to the cloud, identity management solutions are doing the same. There are now cloud-based identity and access management systems that make it easy to provide secure single sign-on to public cloud applications as well as those behind the firewall.

Many SaaS vendors support SAML (Security Assertion Markup Language) which when combined with identity management makes it easier than ever to control access and eliminate passwords. SAML uses digital certificates to sign a user into an application.

Big players like Google and Salesforce have supported SAML for years, and most SaaS vendors either support it today or have it on their product roadmaps. This helps IT take back control of access for both custom web apps and commercial SaaS offerings.

Getting rid of all those passwords also helps eliminate the dreaded password reset help desk call. According to numerous surveys, these calls make up between 20 and 25 per cent of all help desk calls, so the saving here can be significant. Users will also be less frustrated as they won’t be locked out of their applications. Making it easier to access applications also increases the likelihood of those apps being adopted successfully by workers across the organisation.

Cloud computing offers compelling cost and productivity efficiencies across multiple dimensions, including security. After taking the plunge into your first SaaS applications, make sure you lock down user access with a cloud-based identity and access management solution. By addressing security issues head on you’ll be securing your corporate data and boosting worker productivity in one fell swoop.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone
Daniel Power

Dan Power is the EMEA Sales Director of OneLogin, a cloud identity and access management company. His role includes evangelising the potential for SaaS and cloud companies around SAML, as well as leading the company's growth efforts in Europe around cloud IAM. Dan has a wealth of experience around cloud computing, identity, security and asset management technologies. Prior to OneLogin, he worked at companies including KACE (prior to acquisition by Dell) and LANDesk.

  • Well it sounds good but don’t we all have multiple offline and online identities. I am a son, a father a brother etc. etc. I also have work based email and home based email, both in the cloud but they should never cross over. I think it will be a while before the discrete password per application disappears completely.