This should be the last newsletter to cover events at last month's European Identity Conference. I say "should be" because I think I've finally learned not to ever say "final" again.
I usually try to spend some time with Novell Distinguished Engineer Dale Olds at the conference. This year, though, I only managed a brief nod (at a beer hall) and a quick word while we passed in the hall. I even managed to miss Dale's keynote address. I've known Dale since his early work on Novell's directory products, and my early work writing about directories -- that's 15 years of meeting at conferences (and beer halls). He has a keen insight into the directory and identity space that only long experience can create.
In Munich, his topic was "Follow the Money: How Cloud Providers' Business Needs Drive Enterprise Identity & Security." The key point Dale made, in my mind, was: "Cloud services are pushing enterprises to emphasize identity based security rather than network security." While I hate the sound of the old 90s phrase, this does really identify a paradigm shift in security.
10 things we love/hate about cloud automation tools
You can download Dale's presentation at http://virtualsoul.org/stuff/EIC_Follow_the_Money.pdf.
Olds sees the emergence of identity-as-a-service (IdaaS) as the catalyst: "Cloud providers are increasingly offering identity services -- and becoming identity providers. Identity services provide much needed security, and stickiness. Application marketplaces are a powerful paradigm growing around identity provider hubs."
Dale concluded by noting:
"For years, we have been working on standardizing, implementing, and deploying the identity provider model -- which separates the sources of authentication and identity information from services that use identity information. It is clearly a better model for humans than separate accounts in every service. However, as Jeff Bohren succinctly said, 'Change is hard. Passwords are easy.' More than ever I see trends in cloud computing that are finally providing the business model and incentives for enterprises, SaaS vendors, and cloud providers to move to the identity provider model."
The cloud is a reality. Cloud-based computing is a reality. Platform-as-a-service, application-as-a-service and, yes, identity-as-a-service will soon be as pervasive as client-server computing became in the last century. This will mean fundamental changes in the ways we think about identity and security. Get on that train, or be left at the station.