Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

7/28/2010
10:26 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symplified Unveils Enhancements To Identity And Access Management Platform

Solution spans both cloud and on-premise user stores

SAN DIEGO, California, Burton Group Catalyst Conference, July 28, 2010 – Symplified, the Cloud security company, today announced a new provisioning fabric for its SinglePoint identity and access management (IAM) solution. These new capabilities – Symplified Sync™, Symplified Identity Vault™ and the SinglePoint Virtual Directory™ – provide centralized, one-to-many capabilities for managing and synchronizing user identities regardless of whether they reside in on-premises IT infrastructures or cloud applications. In addition, the Symplified Identity Vault™ for Google and Salesforce.com transforms these two cloud applications into a cloud directory service for managing user accounts and serving as an authentication mechanism for other applications.

“Cloud computing is forcing a major disruption in identity management, since hosted applications are outside the reach of on-premises identity and access management systems,” said Scott Crawford, Managing Research Director, Security & Risk Management for Enterprise Management Associates (EMA) a leading industry analyst and consulting firm. “Companies with existing directory infrastructures like Active Directory want to ease the adoption of cloud computing if they can do so safely, avoiding additional expense and management burdens wherever possible. Meanwhile, smaller firms that rely on cloud-based resources to run their business are looking for a way to centralize and streamline access management and user account administration. Symplified addresses both of these requirements with their new provisioning capabilities.”

Virtual Directory Spans Enterprise and Cloud Identities

To enable organizations to query multiple identity silos in order to centrally enforce access management policies for all applications, the SinglePoint Virtual Directory unifies on-premises and cloud user repositories. The SinglePoint Virtual Directory provides normalization, attribute mapping, data transformation and support for a wide range of LDAP and RDBMS systems as well as cloud services. For example, this capability would allow a company to enforce access control policies for a web portal of applications using Active Directory for employees, Sun LDAP for partners, and Salesforce.com for customers and prospects. This core integration technology provided by the SinglePoint platform eliminates the need to:

1. Migrate or consolidate existing user stores 2. Write customized code for data exchange between repositories 3. Change underlying schemas to provide a normalized role model across silos

“The one-to-one approach to identity management and user provisioning already places a heavy burden on IT departments within the enterprise network, but it totally breaks down when cloud applications are introduced,” said Eric Olden, Founder and CEO of Symplified. “The new provisioning fabric we have built into SinglePoint provides a one-to-many management model. By integrating with on-premises directories and co-opting cloud application infrastructures like Google and Salesforce.com for identity management we are improving security, user convenience through single sign-on, and eliminating huge management costs associated with user provisioning. We have also introduced the first in-the-cloud alternative to Microsoft Active Directory which enables organizations to cloud-source more of their IT infrastructure, save money and increase service levels.”

Syncing Identities between the Cloud and Active Directory

For organizations that use Microsoft Active Directory, Symplified Sync provides synchronization of user account information, including migration, provisioning, updates, and de-provisioning, for cloud applications. Initially, Google and Salesforce.com are supported, with additional cloud applications to be added over time. Symplified Sync maps user attributes from Microsoft Active Directory to the target application according to established access control policies. Administrators can create, modify or retire accounts once in Microsoft Active Directory and changes are automatically propagated in the cloud application.

Identity Vault Moves Identities and Directories Securely to the Cloud

For companies that rely primarily on cloud applications, lack an on-premises directory infrastructure, or want to move their on-premises directory to the cloud, Symplified Identity Vault™ provides a cloud directory service to securely host identities. Identity Vault sits between the Salesforce.com and Google applications and enables organizations to use these internet-scale and highly available infrastructures as user directories. It eliminates the need for on-premises directory infrastructure with its heavy, complex architecture and ongoing operational expense.

Similarly, Symplified Identity Vault can be used to eliminate identity repository sprawl in the cloud. For example, Symplified Identity Vault can be used to support a partner or customer portal. Instead of creating a standalone user store for the portal, partners/customers can authenticate against the Salesforce.com database which would be used to verify their credentials and grant/deny access requests. Using Symplified Sync in combination with Symplified Identity Vaults provides a simple and rapid way to migrate from on-premises Active Directory infrastructures to cloud-based directories. This solution can be can also be implemented in a hybrid state to support both Active Directory and cloud directories for controlled and gradual migrations.

Availability

Symplified Virtual Directory, Symplified Sync, and Symplified Identity Vault are available immediately from Symplified and on Amazon EC2 via the Symplified Trust Cloud. Monthly subscription pricing is based per user per application.

About Symplified | The Cloud Security Company

Symplified provides the Trust Fabric of the Cloud by enabling companies to extend and enforce identity and access management policies on cloud applications. SinglePoint is available as an on-premises or completely hosted solution, and uses a proven proxy architecture that works without agents or custom code to speed deployment and cut management costs by as much as 80 percent. Symplified Trust Cloud is the only identity and access management solution woven into the fabric of the Amazon EC2 platform and capable of delivering cloud security services on a massively scalable and global basis. Symplified’s management team created Web access management, provisioning, and federation pioneer Securant and the ClearTrust product, which was acquired by RSA Security for $140 million. The company is backed by leading venture capital firms Granite Ventures and Allegis Capital. Symplified is headquartered in Boulder, Colo., with offices in Palo Alto, Calif. Visit us on the Web at www.symplified.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.