Hi All -
No question about it: Cloud is THE big
topic of discussion in IT circles these days. The opportunities, challenges and questions related to cloud
are many. Microsoft
recently held a cloud computing
event at the University of Washington,
where we clarified that Microsoft is "all in" when it comes to cloud computing
and outlined the company's already long history and tremendous investment in
Of course, many customers have questions about cloud security and privacy. A recent
revealed that while 86% of senior business leaders are excited about it, more
than 75% believe data safety, security, and privacy are top potential risks of
To this end, Microsoft corporate vice president Scott Charney spoke at the recent RSA
security conference, explaining how the company's vision for End to End
Trust applies to cloud. In his
speech Charney highlighted the importance of identity technologies for cloud
Cloud security is a big, broad topic. But identity is a good place to start
the discussion. This is an area where we're "all in," too, with a broad set of
investments in identity and access management. Our aim is to help companies achieve more secure, efficient
access and collaboration - within the enterprise, across company boundaries and
into the cloud.
Key to this strategy is enabling companies to build on their
existing identity infrastructure - such as Active Directory (AD) - to cost-effectively
give employees security-enhanced access to the applications and information
they need to get their jobs done, no matter where the apps, data or employees are.
A first step for companies is to get their identity house in
order, meaning streamline the process of assigning identities, creating groups
and roles, and implementing the right policies for identity-based access. That's where the newly launched Forefront
Identity Manager 2010 (FIM) comes in.
Part of our Business
Ready Security strategy, FIM works with AD and provides both workflow tools
for IT admins and self-service capabilities for employees to help alleviate
much of the cost and effort related to identity and access.
You can read a case
study here, for example, about how specialty chemical manufacturer Dow
Corning is using FIM and other Forefront solutions to boost employee
productivity and collaboration with partners. Another example: First
American Title Insurance is using FIM to automate
provisioning and access to mostly on-site business systems for its 14,000
employees. And the company also
takes advantage of FIM's capabilities to govern access and security of its cloud-based
Once their identity infrastructure is in place, companies can
Directory Federation Services 2.0 (ADFS 2.0), a new role in Windows Server®that
will be released soon. ADFS 2.0 provides
a single point of management for authenticating user "claims" for single sign
on access to applications - whether those apps are on-premise, inside a
separate and trusted company, or in the cloud. Businesses such as travel company Hogg Robinson and Quest
Software are already using ADFS 2.0 to authenticate and authorize users of
their online systems.
Also, using solutions such as Forefront
Unified Access Gateway 2010 (UAG), and/or Network
Access Protection and Direct
Access in Windows Server, companies can more easily give remote workers more
secure access, too, based on their identities. (Windows 7 includes built-in support for all.) There's a great white
paper on UAG and Direct Access here, and a recent Network
World review of UAG here.
Companies will implement these solutions at different points
in time and in various combinations, depending on their identity and access needs...and
their cloud plans. That's why we
focus on helping businesses use the identity and access technologies they've
already invested in as they progress toward cloud computing. This is consistent with Microsoft's overall approach to
cloud, which assumes companies will use the combination of on-premises and
cloud computing that best serves their purposes.
I hope this is a useful overview.
Let us know your thoughts and questions!