Thanks to consumerization and the cloud, one of IT’s biggest challenges today is how to maintain control over end users. New approaches to identity management and application delivery give administrators a way to regain some power.
Identity as a Service (IDaaS) platforms can deliver legacy and Web applications to end users through a secure portal while offering IT a way to control which employees access which corporate resources and where.
Some IT pros say that the combination of identity management and application delivery could signal the next era of IT management.
By 2013, one in five identity access purchases will be a cloud service, according to Gartner, Inc. But IDaaS is in its infancy and only makes sense if it’s part of a business’ overall strategy for the future, said Gregg Kreitzman, vice president of research for identity services at Gartner.
“It’s going to be a hybrid world between on-premise and cloud for larger enterprises for a long time because of legacy applications and infrastructure,” Kreitzman said.
Identity as a Service with Okta
Enterasys, a networking company based in Massachusetts, is one example of a company transitioning to a primarily cloud-based infrastructure over the next two to three years.
A big piece of the company’s IT infrastructure is already in the cloud with Salesforce.com and payroll company ADP, said Benjamin Doyle, Enterasys’ director of IT applications.
The move will take Enterasys from using Software as a Service to IDaaS -- an approach that will help the company bridge the gap between its traditional, on-premise infrastructure and cloud services.
As part of the project, Enterasys needs to give employees secure, easy access to corporate applications anytime, anywhere. Doyle chose Okta, Inc.’s application management tool, which takes Active Directory and tailors it for the cloud era.
Users access Okta’s portal using a Web browser where end users sign on with their Active Directory passwords. Okta also provides IT pros with a way to record and control which end users can access what resources.
AMAG Pharmaceuticals in Lexington, Mass. also chose Okta for identity management and application management because most of the company’s applications are already Web-based, said executive director Nate McBride.
“I only need five people to run the entire operation,” McBride said. “We’re fast, agile and because of our approach, we’re running lots of pilot programs, and [we] fluidly move new applications in and out as we need.”
Okta, which is based in San Francisco, doesn’t support legacy applications yet, so it may not be appropriate for enterprises. But it is ideal for nimble small and medium-sized businesses, industry analysts say.
Enterprise Identity as a Service
There are also application delivery and identity management service options for large companies.
Specialist Distribution Group (SDG), a UK-based technology solutions provider, has deployed Centrix Software’s WorkSpace Universal. Centrix caters to large enterprises by integrating off-premise cloud apps with on-premise legacy applications in the same user portal.
The ability to access cloud and legacy enterprise apps without having to “rip everything out from scratch” was the deciding factor, said Dan Cartter, an SDG director of cloud solutions and services.
“The challenge IT has is to centralize and secure the infrastructure,” he said. “Users have different devices all over the world, and they want access to everything all the time. Centrix is a single portal to have access to your desktop.”
Rather than working in various desktop windows, employees work in browser tabs from whatever computer they want with either Okta or WorkSpace Universal. Similar offerings are available from other companies as well.
More on Identity as a Service
Cloud Identity Management as a Service: Not quite ready for prime time
Is Identity Management as a Service (IDaaS) a good idea?
Citrix Systems offers the combination of Receiver, CloudGateway and CloudPortal. VMware touts Horizon Application Manager, upstarts such as Nukona offer controlled enterprise application delivery, and Flexera Software (purveyor of InstallShield) jumped into this niche when it acquired SCCM Expert.
Other Identity as a Service tools include Novell’s Secure Access services and other cloud options such as Identropy, PasswordBank and Simplify.
All of the products offer employees a familiar environment for selecting enterprise apps in the same way they would through Apple’s App Store. The only concern around these offerings is availability. If a business uses a cloud service and it goes down, that failure could effectively take down the entire business’ ability to do work. Service-level agreements help companies mitigate that risk.
Dig Deeper on Enterprise mobile app strategy
Why organizations of any size should consider IDaaS
Hybrid identity management could be a method to the madness
An update on Google Cloud Identity, Google’s IDaaS and EMM platform
Conditional access (zero trust) is the most important EUC movement since mobile and cloud