Channeling the Cloud

Microsoft, Others Eyeing Cloud-Based ID Management

The burgeoning "ID Management as a Service" market represents an important opportunity for IT solutions providers.

The numerous shops running Windows Server and Exchange have relied on Active Directory to manage employee credentials and access control for well more than a decade, but managing authentication is becoming more complex.

It's becoming increasingly common for employees to use their personal devices and systems for work-related purposes. Likewise, the proliferation of cloud storage and Software-as-a-Service (SaaS) applications is taking a good amount of control from businesses and creating huge risks from a security and data loss perspective. The need to make it easier to manage end-user systems is why managed services providers (MSPs) delivering remote monitoring and management services are thriving.

For those who don't want to use MSPs, the market for enterprise mobility management (EMM) is flourishing, too, but it is also consolidating. VMware snapped up AirWatch last year for $1.54 billion, IBM bought Fiberlink and BlackBerry added to its own mobile device management (MDM) offerings last month by acquiring Good Technology.

All of these companies see a huge opportunity in managing mobile devices, and many see federated identity management as core to ensuring that access to all systems can be granted and revoked in a unified and simple way.

That's why Microsoft COO Kevin Turner at the recent Worldwide Partner Conference in Orlando identified the company's own Enterprise Mobility Suite (which includes Azure Active Directory [or Azure AD], Intune and Azure Rights Management) as one of its next $1 billion products. Active Directory is used by 90 percent of enterprises to manage access controls and authentication to networks. Successfully bringing Active Directory from on-premises Windows Servers and Exchange over to Azure AD is a priority for Microsoft. Though Azure AD is the underlying directory for Office 365, keeping all those user identities in the Microsoft platform isn't a slam dunk, as reported in the October 2015 cover story in sister publication Redmond magazine.

The new VMware Identity Manager is now coming to AirWatch, and a slew of Identity Management-as-a-Service (IDMaaS) vendors believe they have offerings that can be a better source of single sign-on than Azure AD, either by overlaying it or, in a handful of cases, supplanting it.

The market for EMM and IDMaaS is still relatively young. There are still many IDMaaS providers including Centrify, Okta, OneLogin, Ping Identity and Sailpoint that tout their independence from the larger players. Most predict there'll be a shakeout. Just as some MDM vendors have added IDMaaS capabilities, IDMaaS providers are adding MDM features. Microsoft argues that with its EMS service -- and Azure AD Premium in particular -- organizations shouldn't need any of those solutions.

There are 14 million EMS customers as of July, for which most subscriptions were sold directly to large enterprises, according to Alex Simmons, Microsoft's senior director for Active Directory. But Simmons said Microsoft opened up distribution to partners in April, though the feature-set of EMS is still targeted at organizations with at least 500 employees.

Whether you favor Microsoft's EMS or third-party alternatives for your clients, IDMaaS represents an important opportunity for IT solutions providers.

More Columns by Jeff Schwartz:

About the Author

Jeffrey Schwartz is editor of Redmond magazine and also covers cloud computing for Virtualization Review's Cloud Report. In addition, he writes the Channeling the Cloud column for Redmond Channel Partner. Follow him on Twitter @JeffreySchwartz.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.