SSO gets more `responsibilities’

Onelogin’ Single Sign On tools are now starting to takeover end user applications provisioning as well as access rights as the company adds two European datacentres in response to Snowden eta al

  • 10 years ago Posted in

Single Sign-On (SSO) is growing as a function, according to Onelogin’s new UK Sales Director, Daniel Power. As well as just taking control of how an employee logs into a business system, and then what applications they are allowed to log in to and use, it is stretching its remit to cover the provisioning of services once they are logged in, taking over an often tedious admin task from the IT department.

Power was speaking as Onelogin announced its move into Europe with local services hosted by Rackspace and Softlayer. This move has come in response to pressure from European customers under pressure to meet European data residency and compliance standards, as well as meeting any locational preference requirements.

“one of the interesting things that is happening with the product is that, whereas we fit in the cloud single sign-on platform we being asked more and more to provision more than just access to applications. We are now being asked to provision individual users into applications. So if a business is using Active Directory and someone is recruited to the marketing department, not only do we create them and provide access to the applications such as Salesforce, but also create the user within that application.”

In practice, this means that Onelogin is taking over responsibility for provisioning a user’s defined work environment, across all the applications they are authorised to use, when they sign on. In normal circumstances defining users and their work environments within each application would need to be done effectively `by hand’, by the IT department.

“With a growing number of users and cloud services Onelogin is now becoming responsible for creating and provisioning the user, with the correct entitlements,” he said.   

This development comes as IT departments start to re-engage, as Power puts it, with the growth of cloud services into the mainstream of business management services as the trend towards Shadow IT in businesses starts to become a more significant force. This is where Line of Business managements realise that they have both the budget and sufficient knowledge to sign up for cloud-delivered services on their own, with no reference to IT.

This is, of course, and old problem that re-emerges when a new, disruptive technology comes along at price points that fit within the budget sign-off limits of LoB managers. Products such as the PC itself and the Lotus 1-2-3 spreadsheet are classic examples of such managers following a DIY route.

The downside for the business is that departments are not only out of central control, but inevitably start doing too much of their `own thing’ and reduce efficiency and ability to collaborate. In the case of user access security management, it also creates an operational mess that can be seriously counter-productive.

So the ability for Onelogin to take over some of the management of not only user access but also their provisioning within their work environment is seen by Power as a way of helping IT oversee the  increased flexibility the cloud now delivers to LoBs.

Power sees the move to providing European hosting as a natural response amongst European users to the scandals surrounding Edward Snowden, PRISM, and the NSA in the USA. The two European providers, Rackspace and Softlayer, have datacentres in London and Amsterdam respectively, which will replicate the service design for the company's US operations, which are hosted by Rackspace at sites in Dallas and Chicago. 

OneLogin now hosts its application in four physically separate enterprise-grade datacentres, with dedicated servers, DDoS protection, deep-packet inspection firewalls and load balancers. By design, the new implementation provides high-availability, cloud-based infrastructure and contains no single-point-of-failure. This includes built-in redundancy at every tier including DNS, data centre, application and database servers. Should one data centre become unavailable, traffic will redirect to the other data centre to ensure continuous operation. This is backed by a 99.99% uptime guarantee and all access to the data centres is video-monitored and requires card access.

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...