This content is part of the Essential Guide: Authentication blues? Consider cloud identity management
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Identity management guide for CIOs

Identity management can mean the difference between secure and compromised information systems. Get news, tips and more in our CIO Briefing.

As security concerns increase, so does the need to properly identify the individuals using your systems. Identity management deals with identifying individuals in a system and controlling their access to resources within that system. This also includes locking down systems after employees have moved on. So where does your organization stand on implementing identity management measures? Check out our CIO Briefing on identity management for the latest news, resources and advice to help you understand and evaluate this growing trend.

This guide is part of's CIO Briefings series, which is designed to give IT leaders strategic guidance and advice that addresses the management and decision-making aspects of timely topics. For a complete list of the topics covered to date, visit the CIO Briefings section.

Authentication in the cloud

Identity management (IDM) in cloud computing is a nebulous application for most enterprises. While new products and standards efforts promote cost savings and management efficiencies, it all boils down to trust.

"I worry about authentication in the cloud," said Phil Kramer, chief technology officer of Systems Solutions Technologies LLC In Old Hickory, Tenn., a consultancy and systems integrator with more than 30 years of experience in enterprise-wide deployments of network infrastructure and information security. "I worry that encryption will be tightly coupled with weak authentication. Username and password would not be enough for me."

Federating Identity management makes sense, especially in a cloud environment where users are logging onto to multiple systems within and outside the firewall, Kramer acknowledged. Internal IDM is all about account provisioning, assigning user access to systems and resetting end user passwords; interbusiness IDM is about identity mapping within a partner's context.

Learn more in "Identity management in cloud computing courts enterprise trust.” Also:

SaaS and identity management

Software as a Service (SaaS) might be here to stay, but that doesn't mean it is easy or fast to develop. Independent software vendors (ISVs) and CIOs deploying private clouds could benefit from a SaaS platform that turns existing applications into full-bodied, multi-tenant programs.

That's the route Market6 LLC took in deploying a SaaS for its supermarket customers. The Walnut Creek, Calif.-based data aggregator provides predictive analytics so that stores know the quantities of food they have in stock and the amount of movement to expect.

Find out more in "SaaS platform gives Market6 multi-tenancy and identity management.” Also:

Identity management and the business

Provisioning new employees with IT access, making a fast, clean digital break with departing employees and keeping up with changing access rights is important, especially for organizations like Brookdale Senior Living Inc., which are subject to SOX and Health Insurance Portability and Accountability Act compliance. But is identity and access management (IAM) a job for seven full-time security professionals?

"In the senior living industry, at certain levels, there is quite a bit of turnover. In some jobs we have more than 100% turnover in a year," said Scott Ranson, CIO for the fast-growing Brookdale Senior Living, which employs about 32,000 people in 560 locations and manages them with an IT team of 95.

But keeping track of employees was not just an IT problem, as Ranson discovered when he convened the company's business process owners to talk about using technology to automate some of these transactions.

Learn more in "CIO turns to identity and access management to solve business problem.” Also:

More resources

Dig Deeper on Enterprise information security management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.