Page does not exist at path /content/ping/en/company/blog/authors/john-fitzergerald
So you've decided to take the plunge into a cloud-based system like Microsoft's Office 365 for email, instant messaging and collaboration. You're not alone.
Companies large and small, domestic and international have warmed up to the idea of a cloud-based environment. Today, Office 365 is Microsoft's fastest growing commercial product ever, and adoption shows no sign of slowing. The company's cloud revenue (which included Azure and Dynamics CRM as well as Office 365) grew 128 percent in the last quarter of 2014 compared to the same period the previous year, and the number of Office 365 commercial seats in use nearly doubled by the beginning of 2015.
But before diving into an Office 365 implementation, consider this security reality check: Adoption of Microsoft Office 365 can create IAM challenges according to research firm Gartner. A key part of making those applications work is providing the ability to seamlessly use your existing identity systems to authenticate to Office 365 and other Software as a Service (SaaS) applications. Identity integration can be complex. Here are five things to consider when moving to Office 365.
1. You still need a federated single sign-on tool.
Microsoft recommends that users synchronize their on-site Active Directory to its Azure Active Directory without implementing federated SSO -- if it meets your needs, according to Gartner. This is usually fine for most small to midsized businesses, but it might not be right for all SMBs or larger organizations. Microsoft says about 36% of daily authentications use SSO provided either by ADFS or another federation tool.
This is made easier because Office 365 uses widely adopted industry standards for federation and SSO supported by hundreds of identity providers (like Ping) and service providers.
2. Planning for Office 365 and its IAM requirements should stay in lock step.
When businesses consider moving to Office 365, the associated IAM requirements are usually not top of mind. This can leave project managers scrambling. IAM projects can take longer to complete than others because of strict data requirements and time required to move users, to name a few hurdles. Sequencing and timing of steps for both Office 365 and IAM steps is critical. Communication with the IAM team will help keep things running smoothly.
3. Office 365 doesn't include all the security features your business might need.
Microsoft has several security features in the works that haven't been rolled out yet, such as API access to Office 365 logs and data loss prevention capabilities. Gartner says that although Microsoft has increased its number of options for security capabilities, this doesn't mean that ADFS and Azure AD currently provide the right solutions for all organizations.
So what should you do in the meantime? Microsoft sponsors the "Works with Office 365" Identity Program, a set of scenarios, test plans and automated testing tools to confirm compatibility between Office 365 and third party identity providers, with final verification from a Microsoft engineer who personally confirms the IDP functionality. (Ping has qualified for all defined scenarios with no exceptions.)
4. Access to applications may become too easy for mobile users.
Office 365 gives users access to company applications on their mobile devices, so project managers must consider how to authorize users and authenticate devices. Also, check with your compliance officer early in the process to make sure both parties agree on the necessary steps to ensure data security.
5. Expect a faster pace of product improvements.
Microsoft is pulling out all the stops on new capabilities releases with Azure AD. Expect new features to be pre announced and previewed every few weeks, Gartner says. Project leaders will have to stay on their toes, as desired features may become available midway through the project. But if you're waiting for a feature, and an existing product is well suited for your needs, then go with it.
For many organizations, Office 365 may be the first experience they will have with cloud identity integration. Microsoft provides a number of options, and these solutions are often a good starting point, but they might not be able to accommodate moderately complex integration scenarios. When it comes to identity integration, chart your own course and choose the best solutions for your needs.