Businesses, their partners, and their customers face multiple security challenges when moving to the cloud, but Microsoft is providing solutions to mitigate those concerns, the company told partners this week.
The company is planning enhancements to its channel program to make it easier for partners to develop security solutions for cloud computing.
Microsoft, which currently offers its partners the chance to qualify for the Forefront Security for Endpoints competency, in September plans to introduce the Forefront Identity Management competency, said John Thomas, director of worldwide sales for Microsoft's Enterprise Partner Group (EPG). That competency is for partners who work with Microsoft's Forefront Identity Manager 2010, or FIM, identity management application.
The company in the third quarter also plans to introduce new Practice Accelerators for enterprise identity management with FIM and enterprise federated identity with Active Directory Federated Services, Thomas said. A Practice Accelerator is a set of reusable tools and best practices to help partners identify customer requirements, analyze needs, and deploy solutions.
Partners are essential for helping build a trusted cloud platform, said Ward Ralston, director of server and cloud platform outbound marketing at Microsoft.
Cloud owners need to be able to know who is going into their clouds, Ralston told attendees of the Microsoft Worldwide Partner Conference (WPC) in Los Angeles. "That's an opportunity for you to be a trusted advisor," he said.
Microsoft is working to tie its Forefront Identity Manager 2010 application to its Azure public cloud and Office 365 cloud-based office suite as a way to ensure the integrity of cloud solutions, Ralston said.
FIM ties in with Microsoft's Active Directory to provide identity management across a company's databases in order to keep that protection up-to-date as Active Directory information changes, Ralston said. This capability is especially important given that the average organization has eight databases that need protection.
In addition to Active Directory, FIM also works with the Microsoft .NET development environment and its related Microsoft Windows Identity Foundation for development and application security, the soon-to-be-released Windows Azure AppFabric for developing secure applications for the Azure cloud, and the Org ID authentication service, Ralston said.
"I'm not sure our customers realize this," he said.
Microsoft is currently working on a new version, Forefront Identity Manager 2010 R2, which Ralston said is slated to be released in the near future.
New planned features include policy and workflow help to control access to services, two-factor authentication and managed Smart Cards to allow on-premises end-user password reset capability, and increased management, including the ability to automatically create users and groups and add security portals, he said.
"The whole goal here is to ensure the security on on-premises," he said.
Microsoft is also working to integrate a number of services to increase security in cloud environments, Ralston said.
These include integrating Office 365 and Microsoft's Intune centralized PC management application, Windows Server with FIM, Windows Azure and Windows SQL Azure for public clouds, and Windows Server with System Center for managing physical and virtual environments to build Infrastructure-as-a-Service (IaaS) platforms.