What is federated identity? And why should I care?

I’m not going to surprise anybody by saying we’re seeing an increasing move to cloud-based services. However, this move raises a host of challenges: How do you provide access to these services? Do you trust cloud providers to safeguard your users’ identities?

Federated identity addresses the security concerns involved with consuming cloud-enabled services. It can be used to authenticate users across physical, virtual and cloud applications. Regardless of where the applications reside, the actual credentials for each user can be maintained safely within the company. The enterprise need only share enough information with providers to verify identities. This means your users only have to be authenticated on your network. In a perfect world, the security of your users is preserved, regardless of what happens to the cloud provider.

Federated identity essentially allows for a seamless extension of existing data center resources. By spanning heterogeneous environments, federated identity enables enterprises to:

  • Tighten security controls and control virtual sprawl through comprehensive identity management across the organization

  • Automate security-related processes such as provisioning/deprovisioning

  • Provide added convenience for users, who no longer need to remember passwords for myriad SaaS applications

Maintaining identity information within your enterprise helps to both increase your security and reduce your liability – you’ve minimized the amount of information any external entity can see about your users. However, federation is more than a technical decision. If you’re going to federate identities, make sure you’ve got a solid identity management infrastructure in place internally and ensure that you’ve done the right contract work with your external partners. Are you employing federated identity in your enterprise? What do you see as the positives and the challenges?

