Identity Management in the Cloud

Identity management is a mature field with a number of solutions and players.

The advent of the cloud, though, has turned the market on its head. A new wave of cloud-based identity management players have emerged. These vendors are identity management in the cloud and for the cloud. The question that remains is will these innovative new approaches to identity management shake-up the market or will the old guard simply shake them off?

Identity management is a broad field encompassing the ability to securely access IT resources. That’s the goal of the field, but how that happens is a core part of how the field is categorized. There are solutions that store identities and then there are solutions that leverage those identities across the cloud and with remote IT resources. Even further still, there are solutions that verify that the user is who they say they are and also solutions that audit all of the people that access IT resources. It’s a complex field and becoming even more complex with the integration of the cloud into IT departments.

If we step back, the core categories in identity management in the Cloud are as follows:

  • Directory services – a new wave of directory services solution has recently emerged. These solutions are called Directory-as-a-Service®. They are cloud-based directories delivered on a SaaS business model. The core benefit of these solutions is that they connect virtually all of an IT organization’s resources whether those IT resources are in the cloud or on-premise. Further, because the solution is delivered as a service, the heavy lifting and costly resources expended installing, running, and maintaining a directory are gone.
  • Directory extension solutions – there are a number of solutions that extend existing on-premise directories to cloud resources. These directory extensions are a step towards identity management in the cloud, but the core identity provider, the directory, is still on-premise.
  • Single Sign-on (SSO) – many SSO solutions are in the cloud. They too generally need to connect back to a core user store, but their goal is to provide easy access to cloud-based applications – mainly SaaS-solutions.
  • Multi-factor authentication (MFA) – while it is tough to say that these MFA solutions are “in the cloud” they clearly are making an impact on cloud-based services. With Google Authenticator as a leading solution being integrated by cloud-based applications and infrastructure, this is a core part of the cloud identity management market.
  • Governance – as more auditing is required from an increasing number of regulations many of these governance solutions are based in the cloud. They are ingesting data sources, processing in the cloud, and then allowing Web-based review and analysis by IT admins.

The changing landscape of IT services is dictating a change in the identity management field. With more core IT services moving to the cloud, how Identity and Access management solutions deal with that is critical. Web-based applications have spawned an exciting category of Single Sign-On solutions. Cloud-based infrastructure is driving a new wave of directory extension solutions. Google’s corporate GMail, and multiple devices types along with cloud computing are driving a new directory services architecture.

While legacy identity management solutions may already be in place in organizations, the drive to leverage new and innovative IT solutions will dictate a shift in identity management from the cloud and for the cloud.