CA Technologies has made another step into the world of cloud security with its CloudMinder package, which includes cloud-based identity and access control services.
The CloudMinder portfolio of cloud-based services is tied to user management and service provisioning, access, reporting, single-sign-on and standards-based federation linked to policies for identity-provider control.
These are the kind of features IT managers have at hand with CA's on-premises product called identity Manager. But for the first time, CA will offer customers identity and access management as purely cloud-based services. One is called CA IdentityMinder as-a-Service for provisioning both on-premises and cloud services and applications. The second is CA FedMinder as-a-Service for single-sign-on across domains.
Cloud security competition
CA's vice president of security, Lina Liberti, says competition is starting to build in what is still a new area of cloud-based identity management and security-as-a-service (SaaS) . She said that CA is going to be there with the IdentityMinder and FedMinder SaaS offerings in the first quarter of next year. "There will be nothing on premise at all with this," she points out. The announcement was made at the annual CA World conference yesterday.
Symantec, Oracle, IBM and a slew of small providers, such as Okta, Ping and Symplified, are either already in the identity-management SaaS race or are expected to get in soon.
There could be cost-savings and speed of deployment associated with cloud-based security, and while CA expects to see at least some of its customers adopt the new SaaS-based approach to identity management, Liberti indicated the likelihood is that a hybrid approach is going to be in force for some time. She noted enterprises are likely to try SaaS but don't necessarily plan to discard their on-premises Identity Manager deployments.
On-site and cloud hybrid
"We expect customers will maintain a hybrid of on-premises and cloud-based offerings," says Liberti. CA will be seeking to facilitate this dual-pronged approach. But for those who want to go full cloud for the CA managed service, that will be possible through CA assisting in synchronising the enterprise identity repositories, such as Microsoft Active Directory or LDAP, to integrate with CA's IdentityMinder SaaS in the cloud. Two CA data centres in the US will be part of the hosting service.
"It's fully automated when we establish the connection with the directory in order to provision the user," Liberti says. The IT manager will be able to carry out the same type of provisioning of users and obtain reporting through the SaaS portal. The pricing model is expected to be per user per month per application.
Last year CA extended its Identity Manager product by giving it a way to exert the same credentialing and authorisation in the Salesforce.com and Google apps environments as it might internally on premises. CA will continue to provide Identity Manager for on-premises use even as it widens choices for identity management in the cloud.