IDMWORKS Blog

Private Cloud Identity Management Considerations


The most natural evolution for many enterprises in their migration from traditional enterprise IT to a cloud model is the Private Cloud. One of the significant advantages of a private cloud model is the level of control and the level of security that it can offer IT organizations over their own cloud infrastructure. Traditional Enterprise IdM relies on tight integration and heavy customization. The cloud’s model of sharing resources makes tight coupling a non-starter.

The cloud model instead needs an identity management infrastructure with the following characteristics:

Service Oriented – so that applications can take advantage of reusable shared components supported by your IT organization using SaaS (Software as a Service)

Standard Oriented – so that your services can work seamlessly with other applications on premise and off premise (SAML, SPML, XACML, OpenID, etc.).

Loosely Coupled – so that you can build and deploy services by leveraging existing ones using PaaS (Platform as a Service).

Interoperable – work seamlessly with your traditional infrastructure without introducing any deployment risks using IaaS (Infrastructure as a Service).

In a private cloud, your IT organization has to worry about sustaining compliance and keeping compliance costs down. In a public cloud, on the other hand, service providers have a significantly higher bar when it comes to compliance. Audit standards like SAS 70 are applicable to public cloud service providers. Sustainable compliance demands automation, so technologies like Identity and Access Governance are necessary to meet complex compliance demands such as attestation and access governance.

Self Service is also critical in private cloud scenarios because it can keep administrative overhead costs down. Delegated Administration is also necessary in private clouds so that central IT can delegate control of identity management for departments to departmental owners. Technologies like Identity Administration can help with self-service provisioning and password reset, and with enforcing delegated administration.
