06.23.10

Further into Identity as a Platform Play

Posted in Cloud Security, Identity at 2:00 pm by dale

A few weeks ago I had a great conversation with Matt Grant over at the Trusted Cloud Initiative. It was a lively conversation and Matt did a great job of turning it into a blog post. I’m not sure if I ever stated the main point of our conversation as succinctly as Matt captured it in the title, but he nailed it: “Hosters Need to Think about Identity as a Platform Play”.

When I read it today I noticed one idea I’d like to clarify a bit. The post contains this paragraph:

You see, people can move an application from one host to another without much trouble. The hosters want to be able to hold on to relationships with specific SaaS customers and the idea of identity services is one of the stickiest things possible. Why? Because where people have their user accounts is a very sticky thing.

The point I’d like to clarify is that, while user accounts are certainly sticky, convincing enterprise customers to move the control of their identity management systems into the cloud would be very difficult – and hosters do not need that move to get the sticky benefits. They can provide essential identity services such as secure authentication from enterprise accounts, and federated authentication, authorization and audit services to their application marketplace — all without physically holding the user accounts.

Such identity services are a key part of a platform on which application marketplaces can be built. They are a key part of any platform offered by hosters who want to build a SaaS marketplace.

In a typically fascinating post, Eric Norlin commented today on another application marketplace trend – in the enterprise. He was summarizing trends from the last Defrag Conference and the third trend is:

The Rise of the App Marketplace: This was one of the forward-looking things that really hit me, but may have slipped under the radar a bit. The meme of the app marketplace is coming to the enterprise. Installing collaborative, emergent environments is not enough. What we’re really driving toward is an opening up of the enterprise data layer — exposing APIs, if you will — and driving toward a world where the employee (or partner or customer) is not only consuming IT applications, but BUILDING them. The IT “app marketplace” is coming. Bank on it.

To support any such marketplace there must be a platform, whether it is in an enterprise or in the cloud, and a key part of that platform is identity services.

2 Comments »

  1. Tim Wessels said,

    June 25, 2010 at 10:09 am

    What if we are not talking about “enterprise” customers here? What about the 90M SMBs out there who may or may not have any identity management system? If they have none or just a small eDir or AD identity management system on their premises, wouldn’t locating their identity management service in the cloud be the way to go? I think it makes sense to have SMBs subscribe to Identity-as-a-Service especially when all of their data and apps will be located in the cloud.

  2. dale said,

    June 25, 2010 at 2:32 pm

    Tim, I completely agree. I think for many SMBs and companies that grow up in the cloud, they will also expect their user accounts to be held in the cloud — and often at the center of an application marketplace like Salesforce user accounts are today. My point was that many companies won’t move their user accounts to the cloud, and yet hosters can still be the hub of an application marketplace by providing identity services that securely connect applications to those enterprise identities.
