Hi All -

No question about it:  Cloud is THE big topic of discussion in IT circles these days.  The opportunities, challenges and questions related to cloud are many.  Microsoft recently held a cloud computing event at the University of Washington, where we clarified that Microsoft is "all in" when it comes to cloud computing and outlined the company's already long history and tremendous investment in cloud. 

Of course, many customers have questions about cloud security and privacy.  A recent Microsoft study revealed that while 86% of senior business leaders are excited about it, more than 75% believe data safety, security, and privacy are top potential risks of cloud computing.

To this end, Microsoft corporate vice president Scott Charney spoke at the recent RSA 2010 security conference, explaining how the company's vision for End to End Trust applies to cloud.  In his speech Charney highlighted the importance of identity technologies for cloud security. 

Cloud security is a big, broad topic.  But identity is a good place to start the discussion. This is an area where we're "all in," too, with a broad set of investments in identity and access management.  Our aim is to help companies achieve more secure, efficient access and collaboration - within the enterprise, across company boundaries and into the cloud. 

Key to this strategy is enabling companies to build on their existing identity infrastructure - such as Active Directory (AD) - to cost-effectively give employees security-enhanced access to the applications and information they need to get their jobs done, no matter where the apps, data or employees are.

A first step for companies is to get their identity house in order, meaning streamline the process of assigning identities, creating groups and roles, and implementing the right policies for identity-based access.  That's where the newly launched Forefront Identity Manager 2010 (FIM) comes in.  Part of our Business Ready Security strategy, FIM works with AD and provides both workflow tools for IT admins and self-service capabilities for employees to help alleviate much of the cost and effort related to identity and access.   

You can read a case study here, for example, about how specialty chemical manufacturer Dow Corning is using FIM and other Forefront solutions to boost employee productivity and collaboration with partners.  Another example: First American Title Insurance is using FIM to automate provisioning and access to mostly on-site business systems for its 14,000 employees.  And the company also takes advantage of FIM's capabilities to govern access and security of its cloud-based email service.

Once their identity infrastructure is in place, companies can use Active Directory Federation Services 2.0 (ADFS 2.0), a new role in Windows Server®that will be released soon.  ADFS 2.0 provides a single point of management for authenticating user "claims" for single sign on access to applications - whether those apps are on-premise, inside a separate and trusted company, or in the cloud.  Businesses such as travel company Hogg Robinson and Quest Software are already using ADFS 2.0 to authenticate and authorize users of their online systems.

Also, using solutions such as Forefront Unified Access Gateway 2010 (UAG), and/or Network Access Protection and Direct Access in Windows Server, companies can more easily give remote workers more secure access, too, based on their identities.  (Windows 7 includes built-in support for all.)  There's a great white paper on UAG and Direct Access here, and a recent Network World review of UAG here.

Companies will implement these solutions at different points in time and in various combinations, depending on their identity and access needs...and their cloud plans.  That's why we focus on helping businesses use the identity and access technologies they've already invested in as they progress toward cloud computing.   This is consistent with Microsoft's overall approach to cloud, which assumes companies will use the combination of on-premises and cloud computing that best serves their purposes. 

I hope this is a useful overview.  Let us know your thoughts and questions!

David