Identity and Authentication
Identity management is the core of security in the cloud. A user’s identity determines to which resources that user has access, and the identity management system prevents unauthorized access where appropriate, protecting enterprise resources. Innovo Networks can set up multi-tenant backup storage in Microsoft Azure in just a few minutes.
At Innovo Networks, identity management is handled by Azure Active Directory, based upon the industry standard Active Directory family of products. You can use Azure Active Directory to authenticate users to cloud applications, synchronizing with and federating to an on-premises Active Directory such that enterprise users can take advantage of single sign-on (SSO) to access both on-premises and cloud applications
Using the OAuth/OpenID protocol, you can optionally turn on other forms of identity with Azure Activity Directory. For example, Azure Activity Directory supports Facebook, Google, Yahoo, and Microsoft Accounts as identity providers, and you can grant each of these varying levels of access.
In addition, you can integrate a wide variety of SaaS applications (such as SalesForce.com and many others) with Azure Active Directory. In addition, Azure Multi-Factor Authentication ensures compliance with NIST 800-63 Level 3, HIPPAA, PCI DSS, and other regulatory requirements.
Finally, Azure Active Directory supports two-factor authentication for rigorous identity management. Typically, a user first authenticates by using conventional credentials such as username/password, and then uses a physical device such as a smartphone or smartcard to complete the authentication process. You can configure Azure Active Directory to call a smartphone and request a PIN or request a badge be read, or perform a biometric authentication (for example, fingerprint).
It has been said that identity management is at the core of the cloud because this controls access to its compute and data resources. With this in mind, you should consider the following:
- Federating your on-premises Active Directory to Azure Active Directory to turn on SSO for cloud applications
- Turning on consumer authentication mechanisms for certain types of access (such as e-commerce customers) to your cloud applications
- Implementing two-factor authentication for the most rigorous authentication requirements