Today Centrify announced a new cloud-based offering that lets organizations centrally secure and control access to their increasing deployments of Software-as-a-Service (SaaS) apps and other cloud services, while also giving end users much needed single sign-on to address the password sprawl associated with these new technologies. Instead of going into the details of this announcement, I wanted to use this blog post to provide some thoughts on the challenges enterprises are facing as they embrace both cloud and mobile vis a vis identity. I will sprinkle in some high-level information about our new offering as it relates these challenges, but save the details for future posts.
As we all know, organizations of all sizes are adopting mobile devices and cloud-based applications (Software-as-a-Service aka “SaaS”) in order to reduce costs, shorten time to market and further business agility and productivity across their distributed workforce. The net effect is that a significant amount of an organization’s IT resources are increasingly located outside an organization’s data center(s) and network. Analysts often call this trend “the disappearing perimeter” or the “re-perimeterization of IT.”
In addition, there is a growing trend of end users’ devices not actually being owned by their employer but by the users themselves. This is typically known as the “Bring Your Own Device” phenomena or “BYOD.” Furthermore, the growth of multi-tenanted SaaS platforms means that more and more back-end applications accessed by users are increasingly not owned or licensed by the IT organization but rented on a subscription basis by the user’s department, or, in the case of file sharing sites, by the end users themselves. The end result of this rapid adoption of cloud and mobile platforms is that not only are more IT resources physically moving outside the firewall but are also outside the visibility, management and even ownership of the IT organization.
Regardless of where the devices and applications reside, and who owns them, IT organizations still require controls over these resources that are accessing and/or storing corporate data consistent with security and compliance best practices. One key aspect of these controls is that IT organization must manage users’ digital identities and the corresponding roles and rights those identities have across mobile devices, servers and applications — i.e. IT still must manage who can access what business systems — even though they no longer own the endpoints or back-end resources.
Managing identity is hard to do in a traditional data center comprised of heterogeneous systems and applications. Over the last 8 years Centrify has built a nice business addressing this challenge. But now throw into this mix the additional identity silos introduced with new cloud and mobile platforms, and it becomes even more difficult to ensure critical IT compliance and security tasks such as de-provisioning user access, running compliance reports and managing privileged user access are easily and fully implemented.
Another significant challenge arising from the adoption of cloud and mobile platforms is the increasing burden on end users to keep up with all the URLs and passwords they need to remember to do their jobs. Having a plethora of logins with differing password strengths, the frequent re-use of passwords, etc. clearly leads to security and risk issues. Having additional logins also leads to additional burdens (and costs) on the helpdesk regarding lost or forgotten passwords. At the same time end users are demanding ease-of-use and self-service to applications from their preferred computers, tablets and smartphones that may stretch what IT can deliver.
Clearly identity sits at the intersection of cloud, mobile and each organization’s compliance and risk requirements. Thus one of the biggest challenges of any organization is how can they manage their users’ identities to optimize user productivity, IT efficiency and compliance across data center, cloud and mobile?
Centrify sees this significant challenge as one that can in fact be addressed in a comprehensive and cost-effective manner where IT organizations can truly do more with less. Today’s announcement is a big huge step in helping address this challenge. With this new offering Centrify is now delivering a set of unified identity services that centrally manage identities across data center, cloud and mobile to optimize cost, agility and security. Our identity services include integrated authentication, access control, privilege management, policy enforcement and compliance. This results in one single login for users and one seamless identity infrastructure.
Key to Centrify comprehensively addressing this fundamental challenge is our approach of letting organizations leverage an existing identity infrastructure they already own — Microsoft Active Directory — to centrally manage identities across on-premise and cloud resources well as mobile devices. This means IT does not have to sacrifice control of corporate identities and can leverage existing technology, skillsets and processes already established to take advantage of innovations occurring outside the perimeter while also enabling productivity and secure access for their user-centric mobile workforce. With more than 4,500 customers including small businesses to the largest enterprise organizations, Centrify is a proven solution deployed on millions of server, application and mobile device resources.
We encourage you to check out Centrify’s unified identity services across data center, cloud and mobile for yourself. You will love the results — one single login for users and one unified identity infrastructure for IT. Go to our product page for Centrify for SaaS to learn more details.