A few weeks ago Ping Identity’s CEO, Andre Durand, threw down a challenge to stop theproliferation of passwords across the enterprise to the cloud. As you know, the cloud presents a whole new set of challenges and concerns for IT and security personnel as they attempt to keep their networks secure with users connecting to the cloud. The problem is significant in that an administrator must manage user identities across enterprise and cloud apps and also try to limit the number of accounts that get created. It’s as if we’re experiencing the same proliferation of identities all over again like we saw many years ago with the rise of the enterprise network. Many years ago a user store with its own authentication mechanism was created for many applications on the network. Users had to juggle multiple passwords which soon became an impossible task and led to “sticky note” identity management with every user pasting sticky notes on their monitors to remember their passwords.
Something similar is occurring in the cloud with these applications also requiring a user name and password. Durand says delivering true Cloud Security “requires industry-wide collaboration on standards so that scale and loose coupling can be achieved”. Durand goes on to state that “Identity federation – a single, strong user password – must be at the center of this new era of Internet Identity Security. Our customers show us again and again that SSO is key to enabling the access, authorization, account management and audit capabilities necessary to ensure Cloud security and bring an end to password proliferation.” But, is federation the only answer? Federation, for most organizations brings back thoughts of difficult and challenging implementations that they have attempted or have heard about from others in the field. Single sign-on is certainly an approach to solving the enterprise to cloud identity dilemma, but it doesn’t address all the needs of an enterprise.