Clouds are Brewing

A lot of companies 'doing more with less' have adopted cloud strategies where only on-premise systems used to live. At first - 10 years ago - I was against moving things to someone else to host/serve. Why would I want to give up control of a system or service - the hardware, the software, the management and configuration, not to mention the customization?
My first foray into cloud services was Online Exchange - this pre-dates Office 365 by about 3 years. At first, the thought of allowing my Sys Admin skills in managing a mail system to go stagnant was horrifying. But then the ease of managing a system as complex as Exchange, yet offloading all the technical bluster to a 3rd party, was exactly what I needed at this new job I was starting.
Gone were the worries about disaster recovery or day-to-day maintenance that Exchange systems love to produce. If there was a problem, I engaged that 3rd party to find the solution - they became my 1st level of technical support for issues. I could learn to like this. It was providing me more freedom to grow into other areas and focus on the company and not the tools.
Fast forward 10 years and now a lot of companies are adopting a cloud strategy or culture (cloud culture). It allows the offloading of otherwise critical systems that would require multiple administrators to manage/run. My Exchange system today consumes over 3.3 TB with 375 active e-mail accounts. It services a global community of sales, services and support folks and remains very accessible and has an up-time around 99.99%. To run that same system on premise would take a lot of hardware, a dedicated storage area network with replication to a hot site someplace, not to mention a full-time admin, if not two.
How Many Passwords?

Now we come to the crux of the article - and that is the disparate nature of cloud systems/services. This new urban sprawled compute environment has one glaring issue. Each system usually has its own set of logins - ways to authenticate and/or password systems specific to that resource. That is, until companies like OneLogin or OKTA came around to help extend a single authentication schema that could be used across multiple different platforms, including Atlassian, O365, Salesforce and online ERP systems like Netsuite or Dynamics 365. Again - looking at doing more for our company but with less manpower to do it with. Instead of several different logins I have to remember and onboarding processes, I can now rely upon a single provider to assist with authentication and provisioning of these different systems.
Virtana uses OKTA. They are a very robust provider of authentication services, covering not only the actual SAML authentication process, but also multi-factor authentication and automated provisioning/deprovisioning services that ensure the mitigation of user errors.
Fast forward to today and we have deployed this single solution (OKTA) in over 20 different services my team provides for our company. Couple this with employment of multi-factor authentication with rotating keys or SMS verification and we have a fairly robust and stable authentication mechanism.
Now when we are tasked with bringing a new system online (SurveyMonkey or Monday), we first look for the SAML integration points and how we can continue to leverage our single sign-on system.