In the 1980s and 1990s the Local Area Network (LAN) powered business applications that were not yet mission critical, served a well defined set of users, and were available only behind the company firewall.

As SaaS adoption accelerated in the 2000’s IT began transforming from managing applications and data residing within the castle or firewall, to managing services subscribed to and accessed from the cloud. As a result, the Local Area Network of the 90’s has given way to the Cloud Services Network of today.

Unlike a LAN, a Cloud Services Network powers a federated collection of on demand services, provided by a variety of vendors, for a set of highly distributed users, and all in a business environment where IT services are mission-critical systems that must be available from anywhere at any time.

“Cloud First” IT organizations must re-think their approach to adopting, deploying, securing and managing services in their Cloud Services Network and what the impact is to IT, end-users, and the business.

The on-demand applications and services that make up a Cloud Services Network enable companies to rapidly deploy powerful capabilities to a broad set of users at very low costs, but this very accessibility introduces a new set of challenges.

Controlling User Access

Controlling who is granted access to which applications and data becomes a real challenge when users can get access from any browser, at any time, from any place. This situation is exacerbated with SaaS as IT is often not involved in the purchasing process and business users tend to prioritize immediate business needs ahead of those of information security.

Password Fatigue

Every SaaS application has different password requirements and expiration cycles. So, multiply the variety of password requirements by the password reset timing variations and you have productivity loss and frustrated users trying to reset, remember, and manage these constantly changing passwords and URLs across a set of applications. This “password fatigue” results in increased security risk as users resort to using obvious or reused passwords written down on Post-It notes or saved in Excel spreadsheets.

Collaborative Administration

Each new cloud application has a unique user administration model and management of the application is typically shared between IT and the responsible business unit.

As new applications are added to the Cloud Services Network, IT needs one consistent way to manage a common set of administrative tasks such as user and access management across multiple applications, while still providing the business unit with the oversight and control of the application they need to keep their employees productive.

Directory Integration

SaaS applications were developed with their own user directories so that they could adequately control direct access to their service. In the majority of enterprises, Microsoft’s Active Directory (AD) is the user directory that governs access to core IT systems behind the firewall.

In a Cloud Services Network, independent user directories cause complication and pain — for both IT and end users. Users have to remember passwords for their Windows network, and each SaaS app. IT has to manage user accounts in Active Directory, the SaaS applications, and is challenged with mapping AD users to the corresponding accounts in the SaaS applications.

IT needs a single integration with Active Directory that is synchronized and federated with all of the SaaS applications in their Cloud Services Network.

Tracking Utilization and Compliance

Cloud computing and SaaS applications have fundamentally changed the role IT serves within the business. In order to move into a more proactive relationship with the business, IT needs to deliver value above and beyond integrating and managing systems after they are purchased.

To ensure the best ROI for the business, IT must develop a real understanding of actual SaaS usage and utilization as it compares to the level of usage the business is currently subscribed to.

In addition, with increasing regulatory scrutiny, it’s critical that IT is able to meet their compliance pressures and constantly monitor which end-users have access to which SaaS systems and with what privileges.

Okta was founded to develop and deliver enterprises the capabilities they need to manage the transition to a cloud first infrastructure — something that we believe is foundational to the future of corporate IT.

Even companies that are using just one or two cloud applications need to start thinking about their networks in new ways. They need to start moving beyond the behind-the-firewall focus, leveraging legacy domain controllers, directories, firewalls and vpn technologies.

Enterprises that have moved beyond initial SaaS deployments and into broad cloud application adoption also require a solution to help them adopt, deploy, secure and manage these services. That solution should itself be built from the ground up as a highly reliable, scalable, secure, on-demand service.

Okta is that service.

Our initial offering is an on-demand identity and access management service that enables enterprises to accelerate the secure adoption of their web based applications, both in the cloud and behind the firewall. A complete, turn-key solution, it addresses the needs of IT, end-users, and business leaders across the company providing:

• Users: single sign-on across all of their applications
• IT: secure, integrated user management across people and applications
• Executives: reporting and analytics to help maximize ROI and minimize risk

Managing identities across SaaS applications is a big problem for IT organizations that are adopting cloud apps today and one we are excited to solve. What excites us even more is listening to those customers and together defining and building the core set of on-demand services that will unlock the potential of the cloud for enterprises everywhere.