Cloud computing gives universities expanded identity management options.
The IT industry has debated the role of cloud computing ad nauseam. Over the past few years, two armed camps have emerged arguing the perceived benefits and risks of deploying business processes in the cloud.
I’m here to proclaim that the debate is over. While on-premise computing will always serve a function for many organizations, cloud computing has become a viable, secure, and efficient way of managing technology processes that are critical to running an effective business.
This holds true for the world of higher education. At Fischer, we have worked with several major universities to deploy identity management systems via cloud computing. But first, we had to overcome several misconceptions and dispel certain myths about cloud computing among our IT brethren.
This article will explore the nature of each myth and attempt to set the record straight about operating in the cloud. Hence, if you still have doubts or concerns or want to measure fact versus fiction, I invite you to read on.
Myth versus reality
Let’s consider some of the most common myths:
Myth #1: Identity management in the cloud is less secure
Quite the opposite. The cloud is often more secure and, in most cases, offers a more reliable and more scalable facility for higher education institutions. Most information is encrypted in the cloud, whereas when solutions are deployed on-premise, it is not uncommon for sensitive information to remain unencrypted, like administrative credentials coded into scripts or configuration files, and personally-identifiable information.
Myth #2: You have to dramatically change infrastructure to accommodate identity management in the cloud
No infrastructure changes are necessary for a university to take advantage of cloud-based identity management (IdM) services. Integration with existing IT systems can be accomplished seamlessly as if the IdM solution were running on-premise.
Myth #3: Identity management solutions don’t provide security and management of cloud-based applications
While this may be true for some IdM solutions, the right solutions use the same processes and procedures to securely manage cloud-based applications while also managing on-premise applications. They also provide the same abilities to audit, control, and report compliance-related aspects, such as who has access to each resource, eliminating orphan accounts, etc.
Myth #4: Cloud-based identity management solutions are less capable than on-premise solutions
Cloud-based IdM solutions don’t have to be different from on-premise solutions and can deliver the same functionality. However, cloud-based IdM solutions have a business driver making them different. The hosting provider will want to drive down the cost of hosting to take advantage of hardware/software/technical resource consolidation. In order to do so, IdM solutions running in the cloud must have a better design and they must be easier to maintain.
Understanding the myths without an education on the actual risks will not protect any university from security threats that continue to exist. While transitioning to the cloud does not present any unique risks to sensitive university data that do not already exist in an on-premise environment, some common pitfalls include:
Risk #1: Inadequate access control policies
Failure to clearly articulate and enforce department and university-wide IT security policies and procedures creates both internal and external confusion, which can lead to ongoing threats and vulnerabilities.
Risk #2: Lack of education
When students, faculty, and staff are not educated on the “do’s and don’ts” of IT security, they are less likely to take the proper steps to secure their own information. For a CIO and his/her IT department, an uneducated user base can quickly become the university’s worst enemy.
Risk #3: Insider threat
Most data breaches are the result of an internal user (i.e. student, faculty, etc.) with access to sensitive information who unwittingly acts as an accomplice or an enabler to an external threat.
Benefits and opportunities
Once we clear the hurdle of dispelling myths and addressing the potential risks, we dive into the benefits and return on investment (ROI) of transitioning an on-premise solution to the cloud. These will vary by university because it depends on the current systems and security policies already in place as well as the size of the school. However, the following are areas where a university can expect a high return:
Not only do you eliminate the cost of infrastructure, software, and space, but the cloud also reduces the need to hire additional employees to manage an on-premise solution. Software upgrades and ongoing maintenance, which can feasibly take one full-time staff equivalent, are also outsourced in the cloud.
Improve service levels across the campus community by focusing IT resources on student- and staff-facing applications such as Campus Portal and web-access programs, and improving operations.
Transitioning to the cloud often results in improved reporting and visibility into how the solution is being used. This can help IT departments stay current on identity practices, such as who uses identity services, which departments are most frequently changing passwords, and other access patterns.
Service providers are contractually bound to deliver specific results at a specified cost each month or face financial penalties, whereas internal IT departments can be distracted by competing internal projects and unforeseen issues.
Increased visibility and intelligence
Service providers can generally extract greater value from a solution due to their familiarity with the technology and motivation to increase client satisfaction levels. For example, offering detailed and targeted reports uncovers potential bottlenecks in a particular process that can be resolved with an identity management practice.
Gartner predicts a 20 percent CAGR (compound annual growth rate) increase in cloud services through 2014. That represents significant growth but it also indicates that many are still avoiding the cloud for one reason or another. This year, we need to chart a better course so the path to the cloud is well understood and easy to manage. The potential benefits to every university are simply too abundant to ignore.
Andrew Sroka is president and CEO of Fischer International, which helps organizations of all sizes choose identity management solutions.