March 03, 2010, 8:33 AM — At the RSA Conference today, CA is expected to announce additions to its enterprise identity management product that will allow customers to extend access and provisioning controls to the Salesforce.com Sales Cloud 2 application.
CA Identity Manager can now be used to automate processes, such as associating a user to a role to gain access to Sales Cloud 2, the sales forecasting application from Salesforce.com, says Lina Liberti, vice president in CA's security business unit. This added functionality for CA Identity Manager, done in cooperation with Salesforce.com, is intended to simplify the provisioning and de-provisioning of enterprise users of Sales Cloud 2 and alleviate the need to apply manual processes to grant access, Liberti says.
"In most cases, customers have to go through heavy manual processes," Liberti says. For instance, customers typically have to provision access to Sales Cloud 2 and later manually de-provision when an employee leaves the firm or changes jobs. But with support for Sales Cloud 2 access and provisioning under the auspices of CA Identity Manager, that process can now be automated as it might be with any of the customer's internal applications, through a Web service.
The extended functionality, available at no additional cost in CA Identity Manager, represents one of CA's first efforts to bring security controls into the cloud. CA's SiteMinder single-sign-on function is already integrated into Saleforce.com, according to Liberti.
Improving security and privacy controls for cloud-based applications is the main topic that CA will take up at the RSA Conference. Dave Hansen, corporate senior vice president and general manager of the security and compliance business unit at CA, will host a panel discussing security and privacy in cloud-based applications. (Check out our podcast with Hansen here.)
Representatives from Amazon Web Services, Lockheed Martin, Acxiom and Ponemon Institute are expected to join Hansen to discuss perceived challenges in security and privacy in cloud-based computing environments. The discussion may encompass a look at some service models, such as extending security controls from the enterprise to the cloud, and how cloud service providers themselves deploy security internally.