Cloud based application are going mainstream and challenging desktop applications. As heard from Merit Medical on this week’s Peer Incite call, Web-based applications have a compelling cost and collaboration value. And Security-as-a-Service, otherwise known as managed security services, are growing in popularity and use at a pace equal to that of other Cloud apps - using security services in the Cloud to secure important workloads in the Cloud.
The opportunity for vendors in the Cloud ecosystem is to provide security, access control, and management. Those that can support open APIs and standards such as SAML (Security Assertion Markup Language) from OASIS – which allows for Web-based single-sign-on (SSO) – will increase the adoption of this trend. However, today only about 10% of SaaS based offerings support SAML, with the balance relying on SSL over HTTP as the method of transporting user and service authentication and authorization information between the client and the services. SPML, also from OASIS, for service provisioning over the Web, has had an even lower take-up since its introduction five years ago. The Wikibon community believes that what is today a bunch of acronyms and buzzwords will become fundamental components of service-based offerings. As the ecosystem matures, application management, data protection, and archiving offerings are all candidates to move to the Cloud.
Action Item: Cloud-based solutions are here to stay. Practitioners should pursue options that extend internal SSO to Web-based offerings that allow the increasingly mobile workforce to collaborate. Vendors should focus on ease of use for management consoles and solutions that provide automation for authentication and authorization.