04.9.2017 - The OptimalCloud for Cloud Based Application Vendors

The OptimalCloud for Cloud Based Application VendorsMore and more IAM vendors are taking what they classically sold as an on premise solution and delivering their applications via the cloud. While this makes a lot of sense both for the vendors as well as their customers, it does introduce a problem with authenticating users. With the on premise solutions, they likely used Windows integrated authentication for web applications to seamlessly log the customer’s users into their web application, or they simply authenticated using the customers on premise Active Directory. To learn more, download “The OptimalCloud for Cloud Based Application Vendors” whitepaper today. ...

03.29.2017 - A Password-Free World: Past, Present or Possible Future?

Struggling to remember the password for an email address or the answer to that odd security question to sign into a bank account online can often make us feel nostalgic for the days before our lives were filled with PC passwords and unique swipe patterns on smartphones. The password-free world is a nice fantasy, but we have to break it to you, our world has had passwords for centuries, if not longer. Wearing the right colors identified your tribe, signet rings identified that you were part of a specific state or region, and many religions have had their own shibboleths to identify believers. All of these efforts were designed to let the right people in and keep others out. However, it might be a reality of tomorrow thanks to things like private cloud federation solutions and federated single sign-on (SSO) tools. ...

03.16.2017 - Five Things CMOs Need to Know About Customer Identity and Access Management

There was a time when a CMO’s didn’t need to worry about Customer Identity & Access Management (CIAM) solutions. CIAM was the province of the IT department. Things change rapidly, though, and now marketing and identity access management go hand-in-hand. A business’s applications need to be able to identify customers across multiple platforms, and should tailor its marketing strategies to specific customer identities that can only be uncovered effectively through CIAM. If you’re a CMO, or any marketing professional, who understands the importance of an effective CIAM solution for your business, here are five things to consider. ...

02.28.2017 - Three Reasons to Consider Cloud SSO for Apps

Cloud identity and access management professionals are turning to single sign-on (SSO) options to help manage the expansion of services and apps their organizations use. By pushing SSO to the cloud, they’re discovering increased support for each new tool without all the help desk cost increases that used to come along for the ride. Cloud SSO is essentially a tool to make everyone’s use of a service easier. That means your employees and customers will be more satisfied with their experience because they can get to the content they want faster, without having to sign on, dig for credentials or create gaps in your security with constant emails to reset passwords. Here are three of the biggest reasons your business should consider a cloud virtual directory to handle SSO for its apps. ...

01.24.2017 - Does IoT Have an Identity Management Problem?

Forgive us for sounding like a lawyer, but the question “does IoT have identity management?” can only be answered by saying: It depends. There are a wide range of consumer devices that have no identity management — they’re just sitting out there providing data to a local network and are easily accessible by just about anyone who is willing to take the time to find them. You can do this yourself by simply going to a search engine and looking for unsecured security cameras. Not only can you browse tens of thousands of completely unsecured security cameras, but you can also browse through nearly 100,000 cameras that use default passwords — some of which autofill when you access the cameras because they’re designed to be replaced as soon as the camera is installed. Many of these IP cameras show the inside of homes and stores, which can create significant threats for your person and your property. Business applications sometimes have a better policy on user authentication in their Internet of Things rollouts, but this isn’t a guarantee. The most likely identity management paradigm covers devices that require consistent interaction, such as keyboard and touchscreen input, or that must be unlocked through passwords and facial recognition. ...

01.10.2017 - Navigating a Multi-Forest Office 365 Migration Without Losing Your Mind

A logistics management business wants to consolidate its multi-tenant, multi-forest Office 365 environment. Expansion via acquisitions created a multi-tenant, multi-forest problem for the logistics company further complicated by additional challenges involving business productivity, managing users in AD and development of cross-forest trust. They also wanted SSO to reinforce secure access to applications and decrease time used by IT to manage end-user requests for password reset within their business. So what do you do? Decide to take the plunge and enter the crazy world of multi-forest sharepoint Catch-22s, or pull your hair out strand by strand to numb your brain and avoid dealing with it? For starters, you should know Microsoft does support different scenarios for implementing SSO. Two components needed are DirSync (directory synchronization) between the Azure AD detail used for the subscription to Office 365 and user credential authentication to the IdP. DirSync is the essential identity accessory while user credential authorization is the sharepoint federation aspect of a multi-forest Office 365 situation. But wait, there’s more… Because Microsoft does support user password synchronization — AKA “password hashes” — between Azure AD and your on-site Active Directory System, you don’t need to worry about federation because Azure AD represents the user authentication point. On-site AD systems act as the de facto system for user accounts and are not used to authenticate users of Office 365. This is a generally the preferred scenario of small- to mid-level companies that want to avoid managing a federation infrastructure with password hash synchronization. ...

12.15.2016 - How to Evaluate Your Identity Management System

So you’ve decided to integrate an identity management system for your business. Congratulations! Now what? It seems like a simple question, but getting started can be surprisingly difficult — as you likely know because you’re here hoping to learn. It’s all about finding the right fit for your business, plus a partner who is trusted. This guide looks at some things to consider for choosing the right service partner, what to look for in a platform, questions you should ask to make sure there are no loose ends and a few extra attributes that can signal that you’ve found a company who is a good fit for your brand, culture and size. ...

12.1.2016 - Why Your Business Needs an Identity Hub

With businesses working across multiple platforms with multiple users, identity authentication becomes more and more complex. Thousands, millions and eventually billions of access points will start pointing at the same databases and enterprise systems. The only way to manage that scale appears to be an identity hub. Enterprises need a common, singular endpoint that serves as the enterprise identity provider (IdP). Your IdP will manage the authentication of users from all over and generate authentication tokens for a wide range of service providers that control the resources users access. Tokens seem to be growing exponentially as more web services, from Google Apps to Salesforce and Infusionsoft, are adopted by enterprises. Each application requires multiple tokens and token translations, expanding as your team expands. Modern systems need to properly distribute all of these different tokens, and they also need to simultaneously authenticate as many users and user requests that span all of these applications. It takes a significant infrastructure to handle discovery across every authentication source. Viewing all of this global data and properly processing it, but providing authentication at the local level, is difficult for any system. It becomes simpler when businesses turn to federated identity hubs. ...

11.17.2016 - Best Practices for Better UX and Security

As technology evolves, we begin to access our data across more devices and through different platforms, and convenience and ease of use are key. While these new technologies pose their own challenges for data security, they also bring about a new set of usability concerns. We rely on the user experience (UX) to ensure that people love products and services and are willing to come back and use them again and again. Security needs to be the underlying force that keeps users safe across all interactions, while also eliminating improper intrusions into your system. ...


  • The database in which all of your organization’s sensitive identity data is stored.
  • A digital ledger in which digital transactions are recorded chronologically and publicly.
  • Securely managing customer identity and profile data, and controlling customer access to applications and services.
  • The means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.
  • A legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU.
  • The policy-based centralized orchestration of user identity management and access control.
  • An authentication infrastructure that is built, hosted and managed by a third-party service provider.
  • A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
  • A global provider of innovative and affordable identity access management solutions. 
  • Managing and auditing account and data access by privileged users.
  • Tools and technologies for controlling user access to critical information within an organization.
  • An authentication process that allows a user to access multiple applications with one set of login credentials.