Single sign-on is becoming something of a `must have’ for most cloud services, for without it individual users might find they spend more of their working lives signing in to multiple services than they do actually using them. And the more applications and services available to any user, the worse it gets.
For those businesses that use Microsoft applications in the cloud, this can sometime be a particular problem, if only because there are so many applications available to them. If those users are then dealing extremely security-conscious organisations, such as branches of the US Federal Government, getting single sign-on right is going to be, at the least, `helpful’.
This is the target that Xceedium, a Houston-based provider ofprivileged identity management for hybrid-cloud environments, is pitching at. It has decided to add protection for Microsoft applications to its Xsuite identity management product. This now covers Microsoft online services, including Office 365, Exchange, Lync, and SharePoint, and the extension to the platform secures and audits all privileged access to Microsoft online services.
The additional protection for Microsoft online services complements Xsuite’s existing hybrid-cloud security and compliance capabilities. This federates privileged access and provides secure single sign-on to web applications and IT infrastructure running on premise or in the cloud. It enables organisations to enforce fine-grained access controls and to monitor, record, and audit everything privileged users do – regardless of where systems reside.
It combines a set of privileged user controls with unified policy management and enforcement that improve security and streamline compliance tasks. For example, Xsuite enables US federal government and commercial customers to comply with new “insider threat” requirements found in security and privacy mandates such as FISMA, PCI-DSS, and NERC-CIP.
The Microsoft-enabled version of Xsuite offers multi-factor authentication for all access to Microsoft online services – including logical (PIV/CAC) smartcard access to US federal agency systems as required under HSPD-12. IT also include separation of duties for administrative access to Microsoft online services such as Office 365, Exchange, Lync, and SharePoint, and single sign-on to Microsoft online services using federated Active Directory or LDAP credentials. This includes SSO access from multiple Windows, Mac and Unix clients.
The system records privileged user sessions – for comprehensive audit and forensics and to simplify compliance procedures, and can enforce and proxy privileged access to Microsoft online services if that is required.
“Since our initial push into the cloud over two years ago, we continue to address our customer’s rapidly evolving cloud security requirements,” said Glenn Hazard, Chief Executive Officer, Xceedium. “We are delighted to be working with Microsoft to extend Xsuite’s federated identity and privileged user security capabilities to Microsoft online services. This announcement underpins our commitment to delivering a ‘Next Generation’ privileged identity management platform addressing our customers’ security and compliance needs as they transition to new hybrid-cloud enterprises.”