Importance of User Authentication with Cloud Services

George Khalil, CIO, City of Riverside

What are some of the recent trends and challenges in the cloud computing landscape?

The most prominent challenge in cloud computing is the integration with user identity. Today, the proliferation of cloud has led to increased cloud-based applications and platforms deployed for performing various business operations. Unlike in legacy systems, where users’ login information is identified by validating through active directory (AD) integration, the cloud has complicated the workspace by separating identity and access information from centrally administered user account management. Trying to handle user accounts on a large number of cloud-based services without a central identity repository is extremely difficult, thereby increasing the risk of a data breach. Consequently, organizations should try to integrate and combine identity management either through third-party solutions that would merge users’ accounts into a single or double repository through native security assertion markup language (SAML) or distributed file system (DFS). This helps in authenticating between two entities: service providers and an identity provider.

What are the different methodologies available in the market for user identity integration, and how should firms adopt the best service depending on their business practices?

Today, most firms are utilizing active directory federated services (ADFS) and DFS built-in tools that facilitate user authentication. Others are using commercial platforms to try to enhance the security associated with user identity integration, such as dual factor authentication on top of the initial validation credentials: username and password. However, firms can also improve user login verification with dual factor authentication using third-party platforms.

How should organizations embrace the right solutions by identifying the right partnership for identity management?

Visibility is critical for organizations; numerous firms are concerned about transparency with regard to the access to their information from the cloud services. To address such issues, organizations should collaborate with vendors that provide access to logs and events associated with firms’ data. Today, organizations are anticipating that the next significant breach is going to be within the cloud landscape. Therefore, associating with a vendor that is proficient in providing per-customer access log and activity information would increase the visibility of users’ activity on the cloud, thereby empowering firms to control and respond if a threat arises.

Companies are striving to aggregate their events and log information on a security information management (SIM) system. Hence, vendors that have the maturity to export events and logs out of their cloud services to the customer’s SIM offer one differentiating factor that would exhibit maturity and transparency and, in turn, raise the comfort level of customers. These log data depend upon the cloud services that firms have subscribed to. Case in point, if a company is using software as a service-based email, then it would require user identity and logs, failed attempts, the IP address of the device used to connect, and other similar metadata for identity management.

In the ever-changing cloud landscape, what should organizations’ cloud strategy be before moving their legacy applications?

Firms should assimilate their needs with regard to the required metadata and the roles and responsibilities between cloud providers and their teams. Following that, companies should communicate their expectations to cloud service providers and contractually define business-critical aspects such as availability of infrastructure, data ownership, service level agreements, and the response time expected from vendors.

How should firms mitigate the limitation in implementing cloud services for business growth?

The challenges that organizations witness depend on the type of cloud service they embrace. Cloud has various services such as software as a service (SaaS), platform as a service (PaaS), infrastructure as a service (IaaS), and more. Case in point, IaaS is essentially an extension of data centers, thus, organizations should focus on mobility and multi-cloud to dynamically allocate workloads. Often, to manage operating cost, vendors move firms’ assets between different cloud providers. Therefore, organizations should position themselves to obtain similar flexibility that virtualization offers: move infrastructure between various data centers without any downtime of their cloud services. This will allow companies to promptly move applications and information between several data centers and leverage cloud offerings across multiple vendors and benefit from different services.

What are the methods used in user identity integration process to enhance the capabilities of different organizations?

Standardizing open standards technology would significantly enhance mobility and flexibility while allowing organizations options to embrace cloud instead of building legacy infrastructure. This will deliver similar mobility that virtualization would provide in traditional infrastructure. Such advancements will enable firms to quickly move data between different cloud hosting providers from on-premise infrastructure by migrating without rebuilding or reconfiguring applications.

Would you like to convey an ideal approach to integrate legacy applications with cloud services?

Some legacy technologies are end-of-life and are often incompatible with modern operating systems, thereby making migration to the cloud a cumbersome task. For such applications, firms should use progression: initially moving to virtualization, then utilizing cloud, and finally, the public cloud. Virtualization opens up a base to perform further migration with ease.

What are some of the misconceptions people have with regards to the cloud landscape?

Currently, people think that the cloud is secure, and that the vendors perform all the necessary security tasks. However, that is not true, as protecting the cloud is a shared responsibility between vendors and organizations. A cloud provider delivers infrastructure, firmware, and software, but the credentials to access cloud services are set up by employees, which can be weak and a potential cause of breaches. Consequently, organizations and cloud service providers are mutually responsible for protecting data.
