One User Name to Rule the Cloud: Identity Management for your One Stop SaaS Shop

According to market research conducted by TechValidate and sponsored by IBM, security is the top concern or barrier for more than half of IT professionals to migrate workloads and IT services to the cloud. And as far as user experience is concerned, companies must make sure these cloud applications are easy to use throughout. When introducing new SaaS applications, however, there are quite a few challenges popping up. The end user should in theory craft a user name and password for each of the different applications he or she will be using – a different one each time on top of that, for safety’s sake. If you’ve read my previous blog on the password paradox, you’ll know that that’s not a realistic scenario. Here at IBM, for example, we’re currently using over 700 different SaaS applications company-wide. Imagine if we IBM-ers would have to remember username/password sets for every SaaS application we use… Luckily IBM set up a single sign-on program to ease that pain.

Seamless IAM experience for users

One of the most important aspects of a successful implementation of new SaaS applications is that deployment should be fast, and it should always put user experience in the first place. There shouldn’t, for instance, be any difference between on-premises applications, and cloud-based applications. To put it bluntly – the end user could not care less whether an application is running on premise, or on the cloud. Translated into terms that are helpful to those implementing new applications: what the user wants, is a totally transparent and seamless experience. Need easy and secure access to cloud apps? Click here to discover how cloud identity works.

Breathing space for IT staff

Not only end users, but also IT staff that is charged with implementing new applications face challenges. For one, most companies already have some legacy to keep track of when it comes to SaaS applications. And before a new application is ready to use, a lot has to be handled behind the scenes: from exchanging certificates and encryption keys to uploading all user identities and everything in between. Though cumbersome, that is still feasible had this been a one-off event – but for some companies, digitalization happens so fast that a new SaaS application needs to be deployed every week. It’s a task that requires a lot of effort, and very specialized knowledge. Needless to say that this puts a lot of stress on IT staff, preventing them from focusing on real value-adding innovation. Moreover, people well-versed in Identity and Access Management are particularly difficult to find, and even more difficult to retain, due to an immense cybersecurity skills gap. In this context, a solution that would allow for companies to just tick off the boxes of the SaaS applications they want to connect to would be far from an unnecessary luxury.

One password to rule them all

IBM’s Cloud Identity Connect solution largely resolves those issues. Due to its single sign-on capability, you’ll just need one password and user name to rule them all: after authenticating once, transparent access is granted to hundreds of SaaS applications. We’ve understood that it is essential to ensure compatibility with a wide range of SaaS applications. The pre-configured settings for a wide range of these SaaS applications also allow for a much faster deployment. The TechValidate survey mentioned above found that it takes 79 percent of organizations more than a day to integrate web-centric business applications into their existing on-premises IAM solutions – in 35% of the cases, it even takes a month or more. If an employee waxes lyrical about this application or that solution, he or she doesn’t want to wait long, sometimes for months, before the new application is deployed and ready-to-use. Take a more in-depth look at Cloud Identity here.

On-prem / Off-prem – who cares? The user doesn’t

Currently, the most widely-used SaaS applications can be connected with a click in the Cloud Identity Connect. Of course, no company can be run entirely from the cloud. It is perfectly understandable that programs using sensitive data and databases are deployed on-premises. A lot of companies already have a single sign-on policy in place for their arsenal of on-premises applications, for example through IBM Security Access Manager. But if those on-premises applications are accessed in a different manner than those in the cloud, the advantage of a single sign-on solution solely for the cloud is largely overturned. Fortunately, the integration of on-premises applications is also provided by Cloud Identity Connect: these on-premise applications can be accessed as before – without any changes in user experience at all. After all, end users do not really care whether an application is floating in the cloud or remains on-premises – all they want is a quick-and-easy access to applications.

Engaging everyone to take to the cloud

In this day and age, SaaS applications have become the new normal. Lots of tasks have found their place in the cloud. In taking to the cloud, a top-notch user experience and successful deployment often go hand in hand. It’s central to our efforts in developing cloud identity solutions like Cloud Identity Connect. By making the transition to the cloud more transparent (through also integrating existing SaaS and on-premise applications), one user name and one password can open up a whole arsenal of SaaS apps to employees. Gone are the days of keeping track of spades and spades of complicated passwords.