Avoiding security turbulence when you are travelling through the cloud

Written by 
Rate this item
(0 votes)

Cloud computing is coming of age – it won’t be long before we’ll all be thinking how crazy it was to own and manage our own hardware platforms. Cloud computing plays to our ‘I want it now’ culture and provides us all with the flexibility to get the computing grunt we need when we need it.

 

The real power will be when there is a true open market for on-demand services – as a customer I shouldn’t need to go to a single cloud supplier for my services; I should be able to pick and choose the best provider for each service.

And now comes the security crunch – there is a huge risk that security concerns will create a very bumpy ride for us end users.

Currently, if you opt for the mix-and-match approach to cloud services end users get a very fragmented experience. Each service will have its own security model and associated username/password credentials. As a user of these services this is extremely inefficient and quite frankly a backwards step.

We clearly need to find a way to logon to cloud services which gives a seamless experience - eg, we should be able to logon to our Sharepoint site, eMail and CRM system with the same account details regardless of where they are hosted – from an end user perspective we don’t care that the services are hosted at different places and shouldn’t need to login separately to each service.

So who’s going to navigate us through the cloud?

Even before cloud computing single sign-on security models have been the golden ticket for many organisations – with many large firms spending significant budget getting close but never completely there from an end user experience perspective.

Certainly if you are a Microsoft user you will probably be used to using Active Directory – meaning you can login to your Windows PC in the morning and happily navigate through your internal applications without having to login again. But there’s a catch – if your applications aren’t Microsoft then they probably use a different security model, so this is fine for your Outlook, Sharepoint and MicrosoftCRM, but how about your non-Microsoft applications?  A further flaw with Active Directory is that it won’t work for services outside of your internal network – so you can forget the luxury of single sign-on for your new cloud services.

What we need is the concept of Active Directory working across all applications regardless of where our IT department decides to host them.

The good news is that the industry is realising that cloud computing needs a seamless, robust security solution and a number of security models are beginning to appear. Microsoft are introducing their Forefront Identity Manager (FIM) targeted at cross-platform security and a number of independent innovative solutions have launched in the market such as Cloud Sherpas and onelogin.  This is a great step forward, but for these to work the cloud vendors will need to work together to enable these services on their platforms and allow the seamless service that we need.  Only then will the true power of cloud computing be released.

For more information on how to navigate through the turbulance and realise the benefits of cloud computing contact This email address is being protected from spambots. You need JavaScript enabled to view it..

Peter Weare

Industry leader in digital transformation. Passionate about delivering a frictionless consumer  experience. Regular commenter on getting delivery right.

 View Peter's LinkedIn profile View Peter's profile