by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : June 2015
12 GCN JUNE 2015 • GCN.COM IDENTITY MANAGEMENT has been a major focus in security for a long time. In the federal government, that focus stretches at least as far back as the imple- mentation of Homeland Security Presidential Direc- tive 12 in 2005. The Obama administra- tion ratcheted the effort higher in 2012 when it released the National Strat- egy for Trusted Identities in Cyberspace. Strong identity solutions have become even more vital after a rash of high- profile breaches of both public- and private-sector sites last year. An executive order from President Barack Obama, released late last year, re- quires agencies to cut down on identity-related crimes by issuing credentials with stronger security. Identity management will increase in importance when agencies finally start moving more of their IT activities to the cloud. Criti- cal data will stay behind agency firewalls in private clouds, but other services and applications will mi- grate to public clouds. “Extending an organiza- tion’s identity services into the cloud is a necessary prerequisite for strategic use of on-demand comput- ing resources,” according to the Cloud Security Alliance. However, agencies are tightly wedded to their onsite identity and ac- cess management (IAM) systems, which generally use Active Directory and Lightweight Directory Ac- cess Protocol and over time have become shaped by agencies’ individual policies and specific needs. What’s needed is federated identity management for hybrid clouds, which would allow agencies to extend those AD/LDAP systems into the cloud. Cue the rise of identity as a service (IDaaS). The term covers a number of ser- vices needed for an identity ecosystem, such as policy enforcement points, policy decision points, policy access points and related services. Cloud providers such as Microsoft and Amazon already offer cloud-based directories that sync with on-premise systems. Given that cloud computing is projected to become the bulk of IT investments by 2016, Gartner expects full- blown IDaaS to make up a quarter of the total IAM market in 2015, versus just 4 percent in 2011. That change is driving development of new, cloud- based identity solutions. Centrify, for example, already has a fair number of government agencies as customers for its cloud- savvy identity management product, but it recently launched its Centrify Privi- lege Service, which officials claim is the first purely cloud-based, privileged identity management solution. Privileged accounts in particular have become a favorite target of cyberat- tacks because they allow bad guys almost unlimited freedom to roam across an organization’s systems and steal data or disrupt operations. Centrify said its new service offers a way to man- age and secure privileged accounts that legacy IAM cannot do in hybrid IT environments. However, the company does not expect it to be an easy sell in government. Although fears about the security of cloud solutions are easing and budget pressures make the cloud an increasingly attractive solution, agencies are still hesitant to give up key as- sets to the cloud. Centrify’s chief marketing officer, Mark Weiner, said that so far, several agencies have begun playing with CPS to see what it might do for them. Parallel to the growing demand for IDaaS is the use of the phrase “identity is the new perimeter” to describe the brave new world of IT. Again, the phrase has been in circulation for years, but as mobile devices proliferate and the cloud becomes the primary way of delivering apps and ser- vices, the former hard edge of the network is becoming much fuzzier. Single logons that grant users access across soft- edged enterprises will become ubiquitous as agen- cies work toward business efficiency. Making sure the identities used for that ac- cess stay secure will be the key. • The new perimeter and the rise of IDaaS BY BRIAN ROBINSON CYBEREYE Identity management will increase in importance when agencies finally start moving more of their IT activities to the cloud. 0615gcn_012.indd 12 6/4/15 10:28 AM