Taming Online Identity Management

 
 
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
By Cameron Sturdevant  |  Posted 2012-01-10 Email Print this article Print
 
 
 
 
 
 
 
okta

Okta can smooth the transition of online control from one employee to another.

The beauty of cloud-based applications is that any employee with a credit card (and sometimes not even that) can provision really useful corporate services on the fly.

The ugliness of cloud-based applications is that any employee can provision services on the fly. When an employee leaves--even under the best of circumstances--the lack of central IT controls over corporate assets is laid bare.

Last October I spent some time with cloud identity management provider Okta. When I wrote about my meeting with Okta, I said that I wanted to test three things:

  • Ease of integration with business apps. Company officials say the product comes with ready made integrations to over 1,000 applications. During the demo, it looked like nine fields had to be filled in by the IT administrator to connect Okta to a Salesforce.com instance. That's not unreasonable, but I do want to see how much effort is needed to integrate typical products.
  • Connector durability. When an application changes version, that is usually when the single sign on integration breaks. Okta says that it keeps an eye on these changes in order to "future-proof" the connections. I'd like to see that in action.
  • Value for money. Current Okta licenses range from $12/user/year for one application connector to $10/user/month for the enterprise level product.

As part of a recent staff turn over I got to see up close and personal the number of problems that a product such as Okta could have smoothed over. In this case a bundle of very public social media accounts including Twitter and Facebook along with a plethora of other online accounts were transitioned from a departing employee to an existing staff member.

Okta acts as a single sign-on intermediary. Not only are strong passwords used to controll account access, passwords aren't known by the employee. Thus, even after resignation or termination, and they are removed from the Okta system, they won't have access to sensitive account information. And for audit purposes, Okta maintains access records that just aren't possible when employees are using the "cowboy" method of online service access.

Of course a big part of the transition headache that I witnessed was the result not of technology. A policy was also needed to ensure that employees followed an orderly process that involved central IT and corporate decision makers. But a product like Okta certainly would have helped to make the transition more smooth.

 
 
 
 
del.icio.us | digg.com
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel