Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Evaluating Cloud-Based ID Management Solutions

The process of managing identity for enterprise applications and services is hard to begin with, but a lack of identity standards across cloud-based applications means that organizations looking to manage employee access to those applications will find it doubly hard.

In the world of on-premise applications, identity management challenges were easily pushed aside, argues Philip Cox, director of security and compliance at RightScale Inc., and author of a new InformationWeek report entitled How to Manage Identity in the Public Cloud. But once an organization sets its sights on cloud-based applications, those challenges take center stage.

Moving to the cloud adds new layers of complexity to the already challenging identity management issue. The more cloud applications a company uses, the greater the challenge, Cox says, because a lack of widely-used single sign-on systems means every application has to be managed independently. And just to throw an additional monkey wrench into the mix, many public cloud apps opt for individual, and not organizational, identity management, making it harder for IT to stay in control of accounts.

And while cloud applications gain popularity in the enterprise, Cox doesn’t see the landscape of challenges around identity management in the public cloud changing much over the next few years

“Right now, it’s a lot of heavy lifting because of the lack of maturity out there,” he says. “You can do it, but it’s not a trivial thing to do.”

Because of that lack of maturity, many organizations will have to use a combination of identity management architectures for the time being, with four main approaches shaping enterprises’ strategies.

The first and simplest approach is to simply use the identity management systems baked in to public cloud applications. Under this approach, all accounts are specific to each individual cloud-based app, with no common provisioning, deprovisioning or password management tools across multiple applications. On the plus side, a compromised user account won’t compromise more than the one cloud service, and this approach is generally the fastest to deploy and the most commonly-used approach today. But most companies will end up having multiple credentials for multiple accounts across multiple cloud services, and users are likely to use the same credentials across multiple applications and services.

The second option is to synchronize cloud identities with the enterprise identity management system, such as Active Directory. Under this approach, cloud services still have separate and distinct accounts, but they are centrally managed and propagated to various services. This allows organizations to keep using familiar identity management workflows and processes, and creates a single point of administration for accounts. But a single point of administration is also a single point of failure, and writing connectors between the enterprise directory and cloud services, and keeping those connectors current over time, poses a significant challenge.

Page:  1 | 2  | Next Page »

Related Reading

More Insights

Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

Network Computing: April 2013

TechWeb Careers