Securing the Hybrid Enterprise
Web Single Sign-On (Web SSO)
One large scale study of password habits ((2007), A Large-Scale Study of Web Password Habits, International World Wide Web Conference; Dinei Florencio and Cormac Herley ) found that a typical web user has about 25 accounts that require passwords and types eight passwords per day. Web users face the burden of managing this increasing number of accounts and passwords, which leads to what is called password fatigue.
Courtesy of barnoid’s photostream (flickr)
At the same time, application access management is reported to be one
of the most important areas of cloud security and IAM ((2010),
Enterprise Single Sign-On: The Fast Lane To Identity And Access
Management; Forrester ). In the case of Single Sign-On (SSO), it is
necessary to enable users to securely sign-on to corporate applications
so passwords are no longer required.With web SSO, organizations with many SaaS applications provide the users with a seamless login experience without having to manage user accounts on the SaaS side. Examples of this include supplying a username and password from providers such as Yahoo or Google, or more sophisticated versions with OpenID, Microsoft Live ID or other services.
IT managers recognize that cloud applications can potentially fragment the identity systems they have been building, putting at risk the security of corporate information. At the same time, when users access webbased applications they face different login forms. These inconsistent and counter-intuitive user experiences impose significant cognitive burden on average web users.
The risk of using Web SSO is that one compromised account on an identity provider may result in breaches on all services that use this compromised identity for authentication. Phishing attacks during single sign-on processes are another security concern.
SSO in the private cloud
A private cloud presents the opportunity to meet both security and compliance requirements. Instead of accessing applications and data through the corporate firewall, businesses can embed the rules for application access and use at their own pace.
Single sign-on services provisioned and managed in a private cloud have the extraordinary benefits that can be extended to any device (desktops, laptops, mobile devices) from any place. End-users can use them whenever and wherever they may be – in the office, on the road or at home.
Private Cloud SSO provides access to corporate resources and applications from a custo
mized user interface,based on corporate identity and permissions granted by the Administrator. Employees’ identities become completely portable and there are no limits regarding what type of applications they can access within the corporate policy established.
The main benefits of Private cloud SSO are:
- Same user application Sign-On experience regardless of location and device
- Secure access to corporate applications, especially those hosted outside the firewall
- Easy administration and management
- Maximum flexibility
- Increased end-user productivity
- Cost efficiency: reduction in help-desk support
Today´s IT environment is rapidly evolving to a hybrid model. A large number of companies allow their end users and partners access to a mix of web-based applications, in-house and enterprise legacy applications. This complexity requires the need to implement an Enterprise Single Sign-on solution to cover all their applications.Securing access to cloud-based applications used inside and outside company boundaries has become a big challenge as cloud computing is rapidly adopted by small, medium and large companies. At the same time, the increased adoption of non-Windows platforms worldwide introduces a new requirement to provide enterprise class tools, like SSO for Mac and Linux users
Categories:
CLOUD COMPUTING,
CLOUD SECURITY
0 comments:
Post a Comment