Have you ever tried to do single sign-on on-premises? IT has to install the single sign-on tool hook to all users, usually through a directory technology such as LDAP or Microsoft Active Directory, find the apps users access, then set up the identity and password and link them to all these apps and services. A good cloud service, having no infrastructure to create and maintain, and being offered by a company with single sign-on experiences, moves the whole thing from being a bear to a breeze.
The same is true for federated identity management. Here IT has to set up good directory-based identity management for their own shop, and often using meta directories, tie this to partner and customer identities.
Both of these techniques fall under the identity and access management (IAM) umbrella, an overall industry just ripe for the cloud or so says research company Ovum. In fact there are now two IaaSs, the well-known infrastructure as a service and the lesser talked about Identity as a Service.
“The increasing use of cloud-based services is driving the need for better and more interactive single sign-on (SSO) and federated identity management (FIM) facilities. For the foreseeable future, organizations will continue to make use of a mixed range of on-premise, hosted and cloud-based systems and services,” said Andrew Kellett, principal analyst for IT security solutions.
This move to the cloud is already happening, opening the doors for new players and forcing traditionalists to adapt.
And the fact that end users and departments are moving the cloud under ITs nose, so-called shadow IT, makes the need for stronger identity management all the more pressing. “The issue when working with locally sourced services involves what is becoming commonly known as ‘shadow IT,’” said Kellett. “In some organizations ‘shadow IT sprawl’ is already presenting significant infrastructure, control and security problems. This is because services are often open at the point of delivery, and can allow anyone to sign up and create identities and passwords, while utilizing information systems that the organization does not control.”
Forrester’s IAM Vendor Analysis
Last year, Forrester looked at six vendors in “The Forrester Wave: Enterprise Cloud Identity and Access Management (IAM), Q3 2012” report. Covisint was a leader, along with Okta and Symplified.
“Covisint is perhaps the oldest of all cloud IAM services. It began as Covisint’s Trusted Broker Network to offer IAM for the automotive industry. The company has now moved into other verticals such as healthcare, energy and travel,” Forrester wrote. “Of all companies included in this Forrester Wave, Covisint has been in the market the longest (more than 10 years), has repeatable services, and offers a federation protocol converter. It is the strongest player in identity management and attestation, has extensive strong authentication capabilities, and provides consumer identity management for all OnStar customers as part of the OnStar Connected Vehicle Platform.”
Identity and Access Management (IAM) is a hot area for MSPs and other service providers. For one, clients have to safely access the services. For two, these functions are ideal for outsourcing as a dedicated and expert service provider can arguably do a better job managing access than IT itself.
Meanwhile, in a program announced last month, Covisint is allowing partners to exploit its white label IAM service.
Edited by
Alisen Downey
