Cloud Computing

Clouds

 

Many companies today are considering how to move IT - services to the Cloud. The attractiveness of cost and availability is very tempting! For most mature organizations, however, the move to the Cloud will be gradual and cautious. One of the concerns regarding Cloud computing is security. One of the questions is: How can we ensure that we maintain the same demands for password policies in the cloud as we have on-site?

  • A majority of large organizations have password policies like:
  • Minimum number of characters
  •  Complexity of characters
  • Limitations on reuse of passwords (different from the last 13 passwords)
  • Maximum duration typically 3 months
 
Other demands can be placed on the choice of passwords. It is obvious that if an organization decides to move systems and applications to the Cloud, then these requirements cannot be reduced! If anything then the risk for hostile attempts to enter into the applications will be higher, and your protection therefore can’t be lower.
 
 
It is today very limited what kind of password security policies can be applied to user passwords in the Cloud. It is not common today that IT-security managers can implement the same kind of password policies for Clouds as they do for their in-house systems. This will slow or prevent the migration to the Cloud in spite of the strong financial arguments for the Cloud based solutions.
 
 
One suggestion is to integrate the Cloud application’s password into your in-house password model. With FastPass you can synchronize passwords from Active Directory to the user’s password in the cloud. This ensures you that your password policy for the AD also will govern your password in the Cloud as they will be identical.
 
If you have concerns about the password security in the Cloud, then you probably don’t want to have your users’ AD passwords outside your own systems. You can then require from your users that all password changes to the Cloud systems must be done through FastPass Selective password reset. In FastPass you can define password policies for the cloud applications, which users must comply to.
 
 FastPass today offers standard connector for Google applications like Gmail. The solution is intended for companies who make their own corporate domain in Google apps, and control it by their own administrator. When you in FastPass then connect the AD-user to the Google-userid you can decide if you want password synchronization or selective password reset. Link to FastPass Google password reset
 

For other Cloud applications you can use FastPass generic connectors to synchronize to Cloud applications or you can contact FastPass to get a quote for the development of a specialized connector