This document discusses strategies for deploying an identity and access management system (IAM) using a software as a service (SaaS) provider. It identifies business and technical challenges that arise when an IAM system is moved outside of an organization's private network perimeter and offers solutions to address them.
Every medium to large organization can benefit from an IAM system. Many organizations are interested in moving some of their IT infrastructure from private data centers to "the cloud" -- which often is short-hand for software as a service (SaaS). It follows that many organizations will be interested in moving their existing IAM systems or deploying a new IAM system in a SaaS model.
Table of contents:
|2||Background - IAM|
|3||Background - SaaS|
|4||Perimeter, firewalls and integrations|
|5||Risk assessment -- identity data hosted by a third party|
|6||One identity administration system or two?|
|7||Federating authentication and authorization|
|8||Securing privileged accounts|
|8.1||Securing access to cloud computing infrastructure|
|8.2||Leveraging cloud infrastructure for password vault replication|
|8.3||Connecting cloud-hosted applications to on-premise systems|
|9||Multi-tenancy and standardized business processes|
|10||Identity management deployment patterns|
|10.2||Higher education model|
|10.3||Internet portal model|
Access to this document requires registration. Please fill in the form below. The full document will be e-mailed to you automatically.