Analyst Glazer says cloud computing is having a profound effect on the vendors in the identity management arena, which spent years arguing and developing SAML, to find one of its most promising uses is not just in the fortress of the enterprise to control provisioning and other functions in corporate networks, but now also in the cloud.
While huge uncertainty yet hangs over how exactly identity management in the cloud can be put in the hands of enterprise managers, there are three basic approaches that have emerged, Glazer says.
There are hosted options for identity management for the enterprise, such as what IBM can provide, and secondly the cloud service providers themselves are beginning to offer security services, with Novell's Cloud Services among the vanguard in catering to service providers as a kind of middle tier. The third approach is represented by companies such as Symplified, as well as Ping and TriCipher, which "look at a weaving between the traditional on premises capabilities and the cloud."
Some of the larger players in identity management, such as IBM, Oracle and Siemens, haven't raced into the cloud-integration game as fast as smaller companies like Symplified, he notes. "The cloud opens up opportunities for smaller vendors like Symplified to absolutely go toe to toe against the established brand vendors."
One Symplified customer, Merit Medical Systems based in South Jordan, Utah, has not deployed the Cloud Trust option yet, but has experience with Symplified’s Identity Router appliance. And it was a decision made just a few months back to start using cloud-based applications, specifically Google Apps Docs as well as Telania's eLeap for sales training purposes, that propelled the firm to bring in the more sophisticated kind of identity management controls that hadn't been in place at the company before it turned to the cloud for these applications.
Lincoln Cannon, director of Web systems at Merit, which makes and sells medical devices, was brought in 10 months ago to help the company adopt new technologies. When Google and Telania were selected as the first cloud-based applications to try out, there was some pushback from the IT department which raised concerns about how it would be possible to maintain control of applications, Cannon says.
"We needed to resolve the concerns expressed," Cannon says. That was when Merit decided to deploy the Symplified Identity Router appliance to exert single sign-on and provisioning controls for about 200 internal users as well as 50 distributors.
Although Symplified can also provide the same functionality as a hosted single sign-on service, Merit staff felt more comfortable with an identity-management appliance on premise.