Ping pulls cloud into enterprise security schemes

New software from could allow enterprise security policies to be applied to cloud apps

New software from Ping Identity could provide a way for users to apply existing security policies to applications stored in the cloud claimed Ping.

The company said that the latest version 6.6 of its PingFederate cloud identity management software enabled enterprises not only to use single-sign-on (SSO) to and from the likes of Salesforce, Facebook and Google Apps, but could aso apply customers' existing enterprise security policies to cloud apps.

The company said that the software's new adaptive federation capabilities should help the many organisations which are struggling to maintain their information security policies as they embrace new cloud-based technologies such as cloud apps, mobility and social networking.

Adaptive federation means that the level of authentication required can be varied according to security policies, said Julie Smith, Ping's product marketing director. For example, within the office you could simply use your Outlook Web Access or Facebook credentials to log into corporate resources, but if you log in from a remote IP address the system might also require a second authentication factor, such as a one-time code generated by a smartphone app or security token.

She said the service could also be useful to cloud service operators such as online retailers. They could allow customers to log in with social network IDs to simplify registration, but require a second stronger authentication for online purchases or account access.

“The problem with social ID is that most security architects don't feel it is secure enough,” she explained. "Step-up authentication allows you to go from an initial social ID login to a stronger login with another set of credentials.”

According to technology analysts, integrating cloud apps with existing enterprise security policies will be both a key requirement and a major challenge for organisations seeking to embrace the cloud.

“Mobile devices and social identity access are compounding the problems around cloud security," said IDC analyst Sally Hudson. “This is driving new requirements for solutions that enable enterprises to extend their existing authentication policies to the cloud.”

And in Ernst & Young's 2011 Global Information Security Survey, Paul van Kessel, global leader for IT Risk and Assurance Service at E&Y, wrote that “although many organisations have moved to the cloud, many have done so reluctantly, evidenced by 80 percent of respondents who are challenged to deliver information security initiatives for new technologies such as cloud computing and virtualisation.”

Smith noted that Ping has cloud identity connectors available for Salesforce, Facebook, LinkedIn, Twitter, Windows Live, and for OpenID 2.0 providers such as Google, Google Apps and AOL. It relies upon the cloud app supporting SAML standards, she said; then once your account has been linked to the federated scheme the app will always refer login attempts to your ID provider.

“Every business has its own rules governing customer, partner and employee access to resources and applications. Adaptive federation makes the cloud conform to existing identity security policies. Enterprises can combine their existing user authentication methods and user profile data for a personalised, protected and compliant cloud,” Smith concluded.

Read more about:

Sign up for our free newsletter