Going Cloud for the Enterprise is all about identity


Discussing how to engage enterprise companies is close to a daily task for me these days. As the economic climate starts to settle, many ISVs face great opportunities and requests from larger organisations, and consuming cloud applications is on many CIOs' and CTOs' strategy plans for the next couple of years.

Previously I have discussed an opinion of mine: that identity is the tipping point for the cloud. I would like to connect this back to the CIOs, CTOs and IT business decision makers in modern companies. Selecting a vendor, provider or hoster that cannot help you establish single sign-on and enterprise identity life-cycle management (EILM) will not bring success to any cloud enablement. The same goes for ISVs: if you do not offer, and I repeat, do not offer an identity solution to bridge internal identities with your application, your application will never be consumed in the enterprise.

But remember, there are solutions to help you build these options.

  • ISVs should look more deeply into Windows Identity Foundation (WIF) and leverage the opportunities and tools from Windows AppFabric. WIF and ADFS 2.0 will simply help your application be identity compatible, and using an STS and claims-based authentication is really important. I nearly always advise any ISV to build in support for WIF/ADFS (remember, SUPPORT, do not build your application to rely on it alone), as you will be faced with the issues of identity in the enterprise at some point, and turning down 10.000 seats hurts like hell just because you did not implement a middle layer on identity. See this MSDN page for more information – http://msdn.microsoft.com/en-us/security/aa570351.aspx, great whitepaper here – http://download.microsoft.com/download/7/D/0/7D0B5166-6A8A-418A-ADDD-95EE9B046994/WindowsIdentityFoundationWhitepaperForDevelopers-RTW.pdf.
  • Hosters and system integrators should look more and more into Microsoft Forefront Identity Manager and also WIF/ADFS 2.0. Synchronizing Active Directories is not only important but far more complex than it may seem. Having distributed identity management and recycling identities in a remote domain is not only painful, it is a security risk. As a hoster you should adopt and support any endpoint issued from WIF/Geneva and Forefront Identity Manager. As with the ISVs, this will bring you loads of seats if presented as a compelling offer. Hosters should engage consultancy companies to get going – see Implement as an option.

I meet many enterprise companies face to face every week. Often identity, data and security are the subjects of our conversations. Many of these companies tell me that the market does not sell them solutions to these pains, only that the providers and hosters realize these pains are potential problems. Remember this when you select your future platform for either applications or software: does Google offer this as a solution? It is normally not a selection point for ISVs, but believe me, a free framework offered for this will lower your capital investments and reduce time to market, as building it all from scratch is not a simple solution. Select Amazon EC2 and adopt Microsoft Forefront Identity Manager if you wish to have control, or leverage Windows Azure's out-of-the-box implementation of WIF (although not a great implementation).
