Wednesday, September 02, 2009

Identity Services, SaaS, and Another Matt

Matt Gardiner over at the CA blog makes some interest points regarding identity services and SaaS. (I'm a new reader of Matt's blog, and want to personally thank him for adding yet another Matt to the list of identity bloggers I have to keep up with. What's up with identity bloggers and the name 'Matt' anyhoo?)

Matt questions the value/feasibility of providing identity services in a Software-as-a-Service format, since there's a difference between apps and infrastructure. Infrastructure, he argues, must be "appropriately integrated into the enterprise premises and processes". He continues to argue that identity services in a SaaS format can't ignore on-premise apps in favor of identities in the cloud, and mentions the traditional concerns around "outsourcing" compliance and security.

Ironically, I had an interesting conversation just yesterday with an industry colleague regarding the exact issues mentioned by Matt, where he presented some new emerging paradigms in the 'Identity as a Service' world, including what he dubbed "Enterprise Looking In" and "Enterprise Looking Out" (more on this in future posts). Here are a few questions/direction for the conversation (more questions than direction)...

  • Let's nail down the definition of 'identity services'. If not for the industry at large, at least for this conversation at hand. In my opinion, a lot hinges on that.
  • Is the notion of 'Identity Services' in a SaaS format an either-or paradigm for on- and off-premise apps?
  • Can technology help blur the internal vs. external line? Does this lead to a new category of infrastructure?
Matt does acknowledge that he sees the opportunity for some areas of identity to be outsourced. Perhaps this conversation could help clarify what areas in specific...

No comments: