In this Security School lesson, expert Phil Cox looks at the identity management options for cloud computing models, the policy and process decisions organizations have to make, as well as the technology options at your disposal.
Phil Cox is a former director of security and compliance with SystemExperts Corp.
In this part:
Before considering cloud computing, it's essential to make sure you have your existing IAM program under control. While every CSO and security manager understands that IAM is critical to the long-term success of any security strategy, they often get bogged down with technical minutiae and lose sight of the issues that can drive a successful IAM program. There are three strategic issues/questions that need to be identified within an organization to ensure that your strategy for IAM in the cloud will succeed:
- Identify the business drivers for identity management.
- Identify interoperability requirements: More specifically, which standards you will likely need to support.
- Identify cloud use cases for your identity and access management project.
Implementing dynamic provisioning between an enterprise and a cloud service provider takes a lot of work, but as expert Phil Cox explains, it can result in both cost and time savings.
Deploying a cloud IAM architecture is not for the faint of heart. The first step most enterprises take is extending their identities into the cloud, but it takes a lot of time, effort and dedication to do it right. This podcast will count down the top five steps you should take to successfully extend your identity services infrastructure into the cloud, including what you'll need to do to provide the service from the enterprise, as well as consume it from the cloud.
Quiz: Identity management and access control in the cloud
Reinforce your knowledge of the key concepts of this lesson by taking this five-question quiz.