Symplified eases move to cloud with identity, access management

Modern enterprises can't stay out of the cloud and remain competitive -- their employees use the cloud to connect in their personal lives, and they want to do the same in their professional lives.

Symplified, the Boulder, Colorado-based cloud identity company that raised $20 million in series C funding in January, announced last week that its Symplified Structure platform makes it easier and cheaper for enterprises to make the transition to the cloud.

The advantages of cloud computing are obvious. People can access content, contacts, applications and services with any device from any location. That convenience has brought consumers to it by the millions, who use apps and messaging products to communicate and share with their friends and families.

[See also: Is Facebook use in the enterprise too risky to allow?]

For enterprises, putting all their data and applications into the cloud and trying to manage their employees' identities and activities on it is much more complicated and risky. The hurdles include ensuring security, compliance with government and industry regulations, compatibility between on-site and cloud systems and identity and access management (IAM).

But their workers are forcing the issue. Consumers are already used to IAM individually, says Symplified's Dave Frechette, vice president of sales, service providers and OEMs. "It's one of the things Apple has done really well. It's not only that they make cool devices, but it's really easy for people to get into their apps from anywhere with a single Apple ID. It's IAM for the consumer. They've made it part of their core infrastructure.

"The user experience is really great," he says. "I can access my content on any device, and it instantly knows what I'm entitled to."

It is that kind of user experience, he says, that is driving enterprise to the cloud. "IT is being forced to embrace bring-your-own-device (BYOD)," he says. "You need to offer the same 'compute-on-demand, storage-on-demand' experience to your workers."

[See also: Mobile BYOD users want more security]

Structure makes that possible, he says, by providing not only heightened security with a proxy gateway between the enterprise and its workers and the Web, but by making IAM much easier. It lets a company, including cloud service providers, keep track of employees' user names, passwords, and permissions for any number of apps and cloud services without the need for major infrastructure upgrades, since it is sold as a monthly subscription.

Mark Diodati, vice president of research at Gartner, says the subscription model is one of the key advantages of Structure. "You can get all these IAM features without installing anything," he says. "There is an identity router that sits on the premises that heps them do IAM, but what's nice is that you can also administer that system from a hosted environment. So a company that does IaaS can package it as part of a complete offering."

IAM was a logical evolution from the late 1990s, Frechette says, "when companies were building all these siloed apps." Not surprisingly, it didn't take long to find that, "users didn't want to log in multiple times" with different identities every time they wanted to use an app or a service.

"Our whole strategy is to make it so companies don't have to create new identities when they move to the cloud, but to leverage the existing ones," Frechette says. "We don't care what browser you're on, we don't force you to download something to get access, and we cover the intersection of everything - partners, customers, employees."

The need for that kind of management is growing fast. Forrester Research says that by the end of 2012 employees will be using more than 10 different cloud apps on average.

And when it comes to compliance, the proxy gateway element provides an audit trail of who accessed apps and any number of services, where and when.

"We're the single truth of data for what's going in and out of applications," Frechette says. "Whether you're on mobile device or anything, you can set security policies. We can tell you that you came in from mobile device, or maybe you can only access certain apps during certain times of day. It provides access control, which means keeping the bad guys out. And if somebody leaves, they're wiped from the directory."

Since businesses are being forced into the cloud anyway, this should make it more comfortable, he says, "because they should feel more secure."

Read more about access control in CSOonline's Access Control section.

Join the CSO newsletter!

Error: Please check your email address.

More about AppleFacebookForrester ResearchGartner

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

More videos

Blog Posts