Simple but Strong: Why IdM (done right) is a No-Brainer

For the latest proof that passwords are passé, just look at the 4Chan nude celebrity photo uproar.

Allegedly hacked from online storage services such as iCloud, intimate photos of stars including actress Jennifer Lawrence and model Kate Upton were posted anonymously on the 4Chan website.

Apple protests that its iCloud systems weren’t compromised, suggesting that hackers managed to gain illegal access by figuring out passwords and the answers to personal security questions. That sounds like a compromise to me.

This brings us to the nub of the problem of basing protection on passwords – a password that is readily memorable is also more easily hackable. When we require dozens, if not hundreds, of passwords to protect our identities online, the already questionable effectiveness of passwords degrades completely.

As I’ve written previously, the obvious solution is to get rid of most passwords. We’ve known how to do this for a long time through Identity Management (IdM), using Single Sign-On (SSO) technologies such as SAML, OpenID or OAuth so users can greatly reduce the number of passwords they need to manage.

The great news is that companies such as Centrify and its partner Samsung are now democratizing IdM so it is both accessible and affordable for virtually anyone who goes online. For more details about Samsung’s latest offerings, visit www.samsungknox.com.

At the heart of these IdM services is Centrify’s Identity-as-a-Service (IDaaS) platform. IDaaS provides SSO for the cloud through an authentication infrastructure that ends password sprawl and secures your online services and mobile apps. According to Gartner, IDaaS functionality includes:

  • Identity governance and administration, with the ability to provision identities held by the service to target applications
  • Access, comprising user authentication, Single Sign-On, and authorization enforcement
  • Intelligence, such as logging events to report on who accessed what and when

Of benefit to both organizations and individuals, IDaaS is much simpler to use than relying on multiple rotating passwords and is a much stronger defense for keeping your online identity secure.

The beauty of IDaaS is its simplicity: For the organization, it requires no additional infrastructure, no new tools, and no extra servers or devices. For the individual, it provides high levels of online protection without requiring mnemonic gymnastics.

The reason for this ease of use is that IDaaS eschews the legacy approach of securing devices, networks and services to focus on IdM – securing the identity of individual users, who can be aggregated into groups with various privileges for access to resources. IDaaS provides a single location where an administrator can add, modify and remove user accounts. So, for example, if a new salesperson joins your company, they are placed in the ‘Sales’ group, automatically giving them access to the sales system as well as the expense, benefits and payroll systems. Likewise, when they leave, they are removed from that group, effectively terminating any employee privileges.
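The joiner and leaver flow described above, as an added example (not Centrify's code or API): it derives each user's expected application access from group membership and diffs that against the accounts actually present in each application, so accounts left behind after a departure surface as revocations. All group, application and user names are constructed for illustration.

```python
# Constructed sample data; group, application and user names are hypothetical.
GROUP_APPS = {
    "Sales": {"sales", "expense", "benefits", "payroll"},
    "Engineering": {"source-control", "expense", "benefits", "payroll"},
}

def expected_access(memberships):
    """Map each user to the set of apps their groups entitle them to."""
    access = {}
    for user, groups in memberships.items():
        apps = set()
        for group in groups:
            apps |= GROUP_APPS.get(group, set())
        access[user] = apps
    return access

def reconcile(memberships, app_accounts):
    """Diff directory-derived entitlements against accounts in each app.

    Returns (to_provision, to_revoke) as sorted lists of (user, app).
    """
    expected = expected_access(memberships)
    to_provision, to_revoke = [], []
    # Any account in an app that no group membership justifies is stale.
    for app, users in app_accounts.items():
        for user in users:
            if app not in expected.get(user, set()):
                to_revoke.append((user, app))
    # Any entitlement without a matching account still needs provisioning.
    for user, apps in expected.items():
        for app in apps:
            if user not in app_accounts.get(app, set()):
                to_provision.append((user, app))
    return sorted(to_provision), sorted(to_revoke)

# Constructed state: alice just joined Sales; bob has left (no groups)
# but his application accounts have not been cleaned up yet.
MEMBERSHIPS = {"alice": {"Sales"}, "bob": set(), "carol": {"Engineering"}}
APP_ACCOUNTS = {
    "sales": {"bob"},
    "expense": {"bob", "carol"},
    "benefits": {"carol"},
    "payroll": {"bob", "carol"},
    "source-control": {"carol"},
}

if __name__ == "__main__":
    provision, revoke = reconcile(MEMBERSHIPS, APP_ACCOUNTS)
    for user, app in provision:
        print(f"PROVISION {user} -> {app}")
    for user, app in revoke:
        print(f"REVOKE    {user} -> {app}")
```
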

IDaaS can also control logons and policies for laptops, tablets and smartphones, so employees log into those devices in defined ways to access applications and data.

During the past two years, Centrify has established itself as a global leader in IDaaS by leveraging more than a decade of IdM expertise with enterprise-level Active Directory-based Federated Identity services. This month’s announcement of an enhanced partnership with Samsung, embedding Centrify’s IDaaS technology in the Samsung KNOX offering, provides a highly credible validation of our expertise.

Centrify is so confident in the simplicity and strength of our IDaaS offering that we invite you to try it out for yourself at http://www.centrify.com/saas/trial.asp.

We believe trying before you buy will convince you that IdM, done right, really is a no-brainer.