4 Comments

Summary:

As we adopt more and more cloud Software-as-a-Service (SaaS) applications for work, keeping track of those logins and passwords becomes a real pain. For companies, knowing which employees have access to which services and which content becomes a security, compliance and operations nightmare.

Blue doorAs we adopt more and more cloud Software-as-a-Service (SaaS) applications for work, keeping track of those logins and passwords becomes a real pain. For companies, knowing which employees have access to which services and which content becomes a security, compliance and operations nightmare.

Fortunately, a crop of companies are eager to solve the problem with single sign-on (SSO) solutions, which provide dashboards that allow administrators to add and configure SaaS applications for an entire workforce. Users get the simplicity of a single access point for all their web applications, and companies can easily set and track policies.

Another feature companies relish is integration with Active Directory, the de facto standard from Microsoft in enterprise identity management that allows administration of roles and assignments for individuals and their access credentials.

Here are a few contenders in this cloud SaaS management arena including their self-described categories:

  • Okta: identity and access management software. Okta, which recently hit the scene following a $10 million investment from Andreesen Horowitz this past summer, promotes the concept of a Cloud Area Network, described as a collection of on-demand services.
  • OneLogin: single sign on for the cloud and SaaS. OneLogin, funded by Charles River Ventures and Redpoint Ventures, also fits directly in this arena. The company claims to have over 900 pre-integrated applications and offers a free plan for a single user, as well as paid group plans.
  • ProtectNetwork: cloud-based e-credential management service. ProtectNetwork is a product of 9 Star Research, a company started in 2002 and likely familiar with e-credential management software before the cloud came along. They now have ProtectNetwork as an online, hosted offering for identity management.
  • Conformity: cloud identity and SaaS management solutions. Based in Austin, Texas, Conformity is backed by Guggenheim Venture Partners. The company has a thorough website on SaaS identity management issues, as well as some clever marketing as the anti-SSO SSO. Go figure.

On the surface, a managed single sign-on solution for companies seems like a no-brainer. (I expect there are other companies I missed in the roundup). But there’s a bigger issue and opportunity here, in my opinion: Rather than merely managing the sign-ons and security, these services could back a step to the selection of SaaS applications themselves.

SSO providers can aggregate the menu of applications at each company and the amount of application use. Combine that with clever polling of customers’ favorite applications, and you start to build a database where pattern-matching across companies (anonymously) could drive SaaS sales. The metadata about the applications becomes more valuable, in my opinion, than the service of managing the sign-ons.

Perhaps these SSO providers give birth to enterprise SaaS app stores. Customers will like the fact that they can benchmark and see patterns of application use amongst peers, and SaaS providers could benefit from a direct-line sales and marketing channel. No doubt there are still plenty of short-term sign-on challenges to solve, but if SaaS sign-ons are the enterprise check-in, I think we’ll see these SSO providers expanding to other interesting territory soon.

Gary Orenstein is host of The Cloud Computing Show.

Related content from GigaOM Pro (subscription req’d):

Photo courtesy of Flickr user Klearchos Kapoutsis.

You’re subscribed! If you like, you can update your settings

  1. Protect Network seems to be the most used and widely regarded in this field. They seem to have lots of customers and the service has been around since 2004. I found one link that is useful http://www.protectnetwork.org/sites-enabled

  2. Basant | Techno-Pulse Saturday, October 9, 2010

    Gary, I fully agree with you. Single Sign-on is a must. I just keep wondering how many userids & passwords I track on a daily basis! In comings days almost all the app & services will run in cloud as SaaS…Single Sign-On will simplify our work.

  3. My company, Ping Identity, just does federation software, especially using SAML. Our product, PingFederate, makes federation a snap, both for IdPs and for RPs (or both). Typically we can get it working in 2 hours. We have integration kits for dozens of interface mechanisms and work perfectly w/ AD, IWA, and WIF. We have a knowledge center on our Web site. You can get a license to use our software for 30 days for free and this includes all the integration kits. The Java and .Net integration kits have sample apps and are a great way to get hands-on knowledge about SAML.

  4. Gary – good post about identity management in the cloud and the need for SSO to alleviate some of the concerns. As far as the capabilities needed are concerned, existing apps in an enterprise are not going to go away. So while active directory is the first step in leveraging a companies directory, the truth is that a more richer information is needed which today exists in many systems. So a company tackling SSO needs to be able to integrate out of the box with some of those HR systems. Secondly, merely taking an identity from a directory is the first step. But here also startups should focus on being able to leverage the internal policies, roles and workflows in place that determine and validate identity information. In addition to the companies you have mentioned above there are many more that are offering mature solutions such as Novell, Ping Identity and others.

Comments have been disabled for this post