Managing a single cloud service is challenging for service providers, not to mention multiple cloud services. But many companies are working on multiple cloud strategies that seem to conflict with the customer's uncomplicated and bulletproof security strategy. The customer requires single sign-on (SSO) functionality, but the provider and customer must ask themselves whether the convenience of cloud SSO is worthwhile for their potential security letter.
Cloud providers say they now face a daunting challenge: they must push end users and IT managers to use multiple sign-on to maintain security, or they must find out how to secure federated cloud authentication, protect data, and meet compliance.
"There are two sides to everything," said Adam Stern, president and system engineer of infinitely virtual, the Los Angeles cloud provider. "On the one hand, multiple sign-on for each end-user is annoying and IT security is it: when you have to ban a user, how many places do you have to manage a user's account?"
Cloud SSO demand is growing fast?
Security Cloud SSO functional requirements are not surprise to vendors, but some argue that demand growth is becoming more and more urgent as usage increases. "This has been a problem for some time, but as the average end-user consumer service volume has increased," Stern said.
According to a recent Microsoft survey of 3,000 SMA, the three-percent enterprise is already a cloud user, each using the cloud small and medium enterprise (SMB) in 2011 to use an average of four cloud services. In the future years, each SMB enterprise expects the average number of cloud services to be expected to reach six.
A variety of cloud services that assist in the business management and security of an account are becoming a competitive advantage, as described by a number of service providers that have already embarked on this issue.
Management Service Provider (MSP) Alvaka NX Company has developed a single management portal to help clients evade the problem, according to Oli Thordarson, who is the founder and CEO of the company. Through this cloud SSO portal, the customer receives a login, which ensures security and access to the user behind the scenes. "Customers don't have to manage six logins," Thordarson said. "We do claim that this is an advantage because not everyone has a customer-facing portal that can handle all of these applications and technologies." ”
Convenience is not the only driver of SSO. Another challenge for vendors is that many users with cloud services do not coordinate with their IT teams. Ultimately, it is difficult or impossible for a vendor to create a single or federated login process to accommodate the company's many cloud applications without a centralized control point. "Distance is annoying or wasteful, and not everyone uses the same rules for certification," Stern introduced.
Cloud single sign-on: Mature service Opportunities
This confusion favours MSP and value-added retailer (VAR), as they are able to use their skills for joint certification management and the performance of SSO products to their advantage, while in the past two years it has become easier to provide federated access to applications through the Cloud SSO feature. The first step is to help business people choose cloud Services, which complements the joint view. By assisting the company IT team in developing proactive security policies, this security strategy should be considered in the new cloud application assessment.
Whenever possible, service providers should also steer customers away from services that cannot be combined, Saurabh Verma, director of Global Services Shishou acumen solution. There are two reasons for this: not only does federation allow cloud services to better interact with supplemental products, but it also enables customers ' existing infrastructures to be more easily integrated with these services. "People have begun to think carefully about the security architecture within the enterprise, and the cloud needs to be considered in such an environment," Verma said.
One way in which Var and MSP can quickly handle SSO problems is to collaborate with vendors that have already built consolidation in their products, Mike Gold, who is the president of Intermedia, a California service provider.
Intermedia uses the application interface (API) to enhance the user's login experience, which consolidates the cloud applications of the Management Service platform. "From the perspective of IT managers, at the end of the day, their job is to maintain a safe, always available environment, and employees ' efficiency," Gold said.
There are two emerging standard cloud SSO that are easier to implement: Security Declaration Markup Language (SAML), an xml-based open standard, evolved from the Oasis Security Services Technical Committee; OpenID is an open-source approach to identifying management, used by many big-story companies, like Facebook, Google and Microsoft, Network Granville.
There are also specific tools to ensure secure cloud services, including CipherCloud, a service that embraces salesforce.com ecosystems and Amazon Web services; Intel Expressway Cloud Access 360:identity Federation provides a dual authentication of integrated cloud services; Ping Identity provides joint administration to ensure secure single sign-on.
"All the tools on the market are trying to go to the standard SaaS (software as Service) authentication mode," Verma.
(Responsible editor: The good of the Legacy)