Network Computing is part of the Informa Tech Division of Informa PLC


Evaluating Cloud-Based ID Management Solutions: Page 2 of 2

The third option is to go to federated credentials with the use of an external directory extender that makes enterprise credentials available to services outside the firewall. This is most commonly done through the Security Assertion Markup Language (SAML) and OpenID protocols. This provides a robust and scalable approach that can match an organization’s governance and compliance needs, and provides a platform for single sign-on, but it’s a complex model to manage and organizations may find supporting SAML and OpenID difficult.

Finally, organizations can opt to hand responsibility for identity over to a third party altogether and use an Identity as a Service (IDaaS) system. Administrators manage accounts through the IDaaS supplier, which serves as a single interface for adds, removals and changes, and the IDaaS supplier deals with the integration with cloud applications. IDaaS is the most flexible of the four options, and makes it easiest to ramp up multiple applications. But it brings with it the same challenges as many cloud-based services: if the identity manager goes down or is compromised, the organization and its users are down or compromised right along with it.

In building an identity management solution that uses part or all of any of those four models, Cox recommends asking a variety of questions, factoring in government and other regulatory requirements, the number of public cloud apps being used, the number and ability of development resources available, the need or desire for single sign-on capabilities, and more.

There is also the possibility of private cloud-based apps. He points out that integrating applications on your own cloud is necessarily simpler both because of easier and quicker integration capabilities on the infrastructure and application sides, and because there’s an inherently greater level of trust, since IT is in charge of the infrastructure, the application, and the network over which the application is accessed.

“Identity management with the private cloud is usually just a matter of extending your current identity management capabilities,” Cox says.
