Extend the Enterprise into the Cloud with Single Sign-On to Cloud-Based services

In this blog post we examine how Single Sign-On from the enterprise to Cloud-based services is enabled. Single Sign-On is a critical component for any organization wishing to leverage Cloud services. In fact, an organization accessing Cloud-based services without Single Sign-On risks increased exposure to security risks and the potential for increased IT Help Desk costs, as well the danger of “dangling” accounts from former employees which are open to rogue usage.

Let’s take a look at Google Apps and the concept of Single Sign-On. Organizations are increasingly using Cloud services such as Google Apps for email and document sharing. Google Apps, especially Gmail, are a popular option for organizations making their first foray into leveraging Cloud-based Services. While the cost advantages of this model are compelling, organizations do not want to create a whole new set of accounts for their employees in the Cloud, or force their employees to remember a new password.

The solution to this problem is to allow users to continue to use their own local accounts, logging into their computers as normal, but then seamlessly being logged into the Cloud services. In this way, the user experiences a continuous link from the corporate systems, such as their Windows login, into the Cloud services, such as email. This is known as Single Sign-On, and is enabled by technologies such as Security Assertion Markup Language (SAML).

This allows operations staff to manage their organization’s usage of the external Cloud services as if they were a part of their internal network, even without the same degree of physical control. As a result, the usual problems of password synchronization, user provisioning (adding users) and de-provisioning (removing users), and auditing are minimized. Continue reading…

Related Posts

Location, Location, Location: Three Recent Court Controversies on Cell Phone & GPS Tr... Welcome to the 21st century, where we all carry tracking devices in our pockets and where one morning you might find an FBI-installed GPS tracking dev...
U.S. Government Seizes 82 Websites: A Glimpse at the Draconian Future of Copyright Enforce... Over the past few days, the U.S. Justice Department, the Department of Homeland Security and nine U.S. Attorneys’ Offices seized 82 domain names of ...
The Message of Firesheep: “Baaaad Websites, Implement Sitewide HTTPS Now!” The Firesheep Firefox extension has been scaring users across the Internet since its introduction at the Toorcon security conference this past weekend...
ST-Ericsson and Linaro, working towards the first release By ST-Ericcson: Open source has become an important driving force in the smartphone industry and a particularly key area of focus for ST-Ericsson. We...
How To Stop Domain Names Being Seized By The US Government As the United States authorities continue with their domain name seizure policy, file-sharing, streaming and link site operators around the world are ...
VLC developer takes a stand against DRM enforcement in Apple’s App Store Rémi Denis-Courmont is one of the primary developers of the VLC media player, which is free software and distributed under the GPL. Earlier this week...

We Recommend These Vendors and Free Offers

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


One Comment

  1. Pingback: Tweets that mention Extend the Enterprise into the Cloud with Single Sign-On to Cloud-Based services -- Topsy.com

Leave a Comment

Your email address will not be published. Required fields are marked *

*