Posts Tagged ‘SaaS Management’

On the subject of password management…

August 19, 2010

There is an interesting movement that is happening in and around the Identity management space in there is a struggle going on between the desire to have a single universal and secure way of accessing resources and applications, and finding the right third-party to “trust” with your access.

A variety of technologies and vendors are involved including SAML, Active Directory, individual passwords, and some of the social media vendors such as Facebook and Twitter, to name a few. And of course, all the other cloud, enterprise, and identity vendors have a dog in this fight too.

Here at Conformity we are clearly a part of the discussion, and ultimately we hope, part of the solution, but the ugly truth is the vast majority of current secure website services and SaaS business applications still use passwords for their primary authentication model. Andrew Jaquith’s blog entry on “The Rationality Of Re-Using Passwords” makes an observation that passwords will be around for a long time, which is a point of view that I share.

Since we are on the topic of passwords and logins, I need to mention that Conformity just introduced a new product, ConformityConnect, that is designed to be a simple to use, simple to deploy, and simple to administer way of securely managing the plethora of logins that we face every day at work.  If you find yourself drowning in passwords, this might be the life saver you’ve been looking for. It also lays a foundation for addressing some of the other issues I raised above. Sometimes the best policy is to trust no one but yourself

You can try ConformityConnect out for free by clicking HERE.

VeriSign’s New Cloud Identity Initiative

April 21, 2010

We’re very excited today about the VeriSign announcement of a new industry collaboration (which includes Conformity) to build trusted online identity solutions that will help accelerate SaaS and cloud adoption.   In conjunction with the initiative, we’re working with VeriSign as well as Ping Identity, Qualys and TriCipher to establish a blueprint for achieving identity trust by combining technologies and services with proven policies and certification programs.   The effort spans the major requirements for achieving identity trust, including

  • Strong mutual identification
  • Provisioning
  • Federation
  • Vulnerability and Compliance Management

We totally agree with Nico Popp, vice president of product development at VeriSign when he says “Trust won’t happen if users worry their identities are vulnerable, or if they’re unsure whether the cloud-based service they’re accessing is legitimate.  That makes identity trust the essential ingredient for cloud migration – and an industry imperative for SaaS providers.”

Read the full announcement here >>