We were flattered to participate in today’s Enterprise SaaS Working Group session on Identity Management in the cloud, with Chris Bedi from Verisign, Peter Dapkus from Salesforce.com, Steve Coplan from the 451 Group, Scott Bils from Conformity, Michael Amend from Dell, Doug Harr from Ingres, and Scott Carruth from Initiate. It was a great discussion– you can catch a replay here.
Scott Bils did a great job of laying out the identity and access issues that SaaS applications create in the enterprise. These challenges are real– a big part of what we do at Appirio as we help enterprises adopt cloud solutions is figure out how to incorporate SaaS identity into the overall enterprise access and identify framework (Here’s a post from our own Jeff Douglas describing one approach we’ve used at Appirio to solve this problem).
Given these issues, Scott posed a question to the panel: Are SaaS identity issues a speed bump or a show stopper in the enterprise?
The consensus of the panel seemed to be that these issues are much more of a speed bump than a show stopper. But Doug Harr, the CIO of Ingres, pointed out that cloud identity is as much of an opportunity as it is a problem. We wanted to dig into that here– let’s talk about how identity issues have the potential to actually accelerate the adoption of SaaS over time.
We’ve all seen identity issues be an albatross for enterprise IT for as long as there’s been more than 1 system in the data center– so SaaS isn’t creating this problem, but it DOES offer a new way out.
This is an opportunity to rethink what identity means in an open, standards-based, multi-tenant environment. Let’s think about what’s different:
- Not just systems identity and access — with platform capabilities like Salesforce Chatter, you have a much richer, integrated, sense of who someone is from a business perspective
- Not just employees— you have the potential to understand and manage identity and access for customers and partners as well
- Not even just your enterprise— you have the potential to manage identity across trusted providers throughout a supply chain
Most importantly, its not just your problem as a CIO— identity becomes something that a community of cloud providers can solve. When you move an application to a cloud platform, you’ll just inherit an identity solution. That’s something we see already within platforms– that’s one reason to move a 2nd or 3rd app to force.com or google app engine, for example — and one that we’ll increasingly see across platforms as well.
And we’ve seen this before: customization used to be a “show stopper” for SaaS, now its an accelerator. We’re seeing the same thing with security. Identity will be next. Think about how much the concept of identity has changed in the consumer world, now that I use my google, facebook, or twitter account to identify myself to hundreds of websites. When, and how, will this cross over to the enterprise?
Look at a start-up like Appirio– we had a chance to white-sheet the identity problem when we decided to run our operations as a serverless enterprise (our entire business runs on Salesforce, Google, and other cloud applications). That gave us a chance to rethink what it means to have a corporate directory. Part of the new “directory” for our employees is in Salesforce, where we track our organizational structure, roles and profiles. Part of it is in Google Apps– the key to your identity at Appirio is your email address. This actually puts Google in an interesting spot as the potential center of a federated enterprise identity, and they’re moving in that direction with the concept of a public and private Google profile, and their support for Open ID and OAuth.
Are our enterprise customers ready for this today? Not yet. But as cloud platforms incorporate a rich, open, federated identity model, identity and access becomes a reason TO move more of your infrastructure to the cloud.