A few years ago, no one was sure business operations should be run from the cloud, and enterprise organizations spent significant time and money making sure applications were safe and sound and securely locked down in their on-premises environments. The mere notion of turning them over to an outside cloud service provider sparked fears for the security and privacy of corporate data. On-premises access control was relatively easy, but business apps stored in the cloud relied on the provider’s security policies, which may or may not have been as good as what the organization could provide on-premises.
Today, the reliability of cloud providers has increased, and businesses are confident that their applications will be kept running and business continuity will be maintained. Organizations are beginning to recognize the benefits of running important applications in the cloud and no longer have to handle a multitude of physical boxes, while someone else reliably manages, updates and maintains their applications.
Upon moving to the cloud, IT runs into management and control issues they previously solved through time and expense of on-premises infrastructure and software. One critical area where companies spend money is enabling IT to gain more efficiency in managing the identities of everyone who needs access to corporate resources. Cloud providers, however, may have their own identity infrastructures. Traditionally, corporate IT could control access and identities when everything was managed on-premises but, having placed company data is in the cloud, the level and complexity of control IT has is determined by the cloud provider’s rules. Further complicating this is the fact that employees, partners and customers use a variety of different devices to access corporate data, both in the cloud and internally.
Making the choice to move applications to the cloud is an important, money-saving move. By initiating a new cost, users need multiple passwords to access different applications in the cloud, in addition to those they already have for accessing on-premises apps. Organizations expect to have the same type of user and IT efficiency, as well as security that they had with its solely on-premises infrastructure. Users need new identities to access cloud apps, IT needs to create them, and security officers worry that applications running in the cloud are being accessed by usernames and passwords that can easily be compromised.
To solve all of these issues, organizations need single sign-on to corral access to all of an organization’s cloud-based apps. But, even if an organization decides to host every single business app in the cloud, it can’t be accomplished overnight – it’s a process. Down the road, it is likely that enterprises will have more apps running in the cloud than they do today; it’s also reasonable to expect they will still maintain some on-premises pieces that are intended to continue to run internally.
Single sign-on will allow businesses of any size to have secure, browser-based access to cloud apps of any type – Google (News - Alert) apps, Office 365, in-house developed apps, or commercial off-the-shelf apps. By doing so, organizations will enable enhanced security and IT efficiency, keep users productive, and help IT meet the expectations of the business.
Edited by Maurice Nagle