Mar 17, 2011 (01:03 PM EDT)
Okta Shows Single Sign-On Service For Cloud Apps
Read the Original Article at InformationWeek
Whereas many of the companies at Cloud Connect were showing off cloud management tools for provisioning private clouds and bridging the gap between private and public clouds, one company -- Okta -- was there dealing with another looming pain point: single sign-on (SSO) for the cloud (video appears below).
Sure, there are lots of standard authentication mechanisms coming out these days (eg: OAuth and OpenID) to enable the idea of one sign-on to multiple services in the cloud. But they won't do businesses and enterprises a lot of good unless (1) they can be centrally managed in directory service fashion and (2) an enterprise's complete portfolio of cloud apps is supported by one or the other SSO scheme.
Not a big deal you say? Think again. The benefit of a directory service is that IT managers can grant or revoke access to a collection of resources in one fell swoop to an individual user, or to groups of users. If Mary in accounting needs access to the same five resources that the rest of accounting uses, she only needs to be added to the accounting group in the central directory service, which in turn should have already been enabled for those five resources. This sort of management is infinitely better and more scalable than managing each user's access to each resource, one at a time.
Whereas many companies have a directory service in place for resources on the local area network (often Microsoft's Active Directory), the rising tide of cloud-based services still remains an outlier. Access to popular services such as Salesforce.com are almost always managed separately from other cloud-based services.
At Cloud Connect, the folks from Okta showed me how they're trying to do for the cloud what Active Directory does for the local area network. Okta even integrates with Active Directory.
Here's the video:
David Berlind is the chief content officer of TechWeb and editor-in-chief of TechWeb.com. He can be reached at firstname.lastname@example.org and you also can find him on Twitter and other social networks (see the list below).