CA Identity Manager Identity Delivers IAM To, For & From the Cloud

August 2, 2010

The new CA Identity Manager capabilities extend identity management to cloud applications; it highlights how a customer has leveraged the CA SiteMinder portfolio to control access to its SaaS applications; and it features how CA Technologies is providing IAM as a service from the cloud. It also includes technology integration to streamline Identity Governance processes, and help ensure security policies are followed, and access and entitlements are appropriately granted and certified.

“Our goal is to help organizations leverage the business value of cloud computing as part of their broader, dynamic IT service supply chain. From a security and IAM perspective, we have a three-pronged approach to executing that strategy,” said Bill Mann, senior vice president of Strategy for CA Technologies Security business. “We enable enterprises to extend their existing on-premise IAM systems to encompass cloud applications and services. We provide IAM for cloud providers to secure their services – whether private, public, or hybrid; and we enable IAM services from the cloud.”

Identity and Access Management To, For and From the Cloud

To the cloud: Regardless of whether an application resides within the enterprise or is hosted in the cloud, managing the identities and controlling the access of users to key resources is a critical function for IT organizations that face increasing pressure to cut operating costs while still enabling compliance and productivity. CA Technologies is focused on delivering a single identity management system to manage identities for applications internal to the enterprise and external in the cloud.
CA Identity Manager now supports user provisioning to Google Apps,Google's suite of communication and collaboration tools which includes Gmail and Google Docs, available to businesses, schools, governments and non-profits. Organizations now can automate identity management functions, such as role-based user provisioning and de-provisioning, and self-service access requests, to deliver a single, automated system for managing identities for Google Apps in the cloud, as well as existing in-house applications.
"Large businesses are adopting cloud computing at an increasingly rapid pace, and CA Identity Manager helps them more easily deploy and manage user access to cloud-based applications like Google Apps in an automated and centralized way," said, Scott McMullan, Google Apps partner lead.
This support for Google Apps follows the release in March of a similar capability for salesforce.com’s enterprise cloud computing platform, Force.com, and applications including Sales Cloud 2, Service Cloud 2 and Salesforce Chatter.
“Customers are experiencing massive success with cloud computing and want to extend its benefits to every employee,” said Kendall Collins, chief marketing officer, salesforce.com. “Our work with CA Technologies will help accelerate that adoption by giving customers an efficient way to manage user access and identity in the cloud.”
The new capabilities added to CA Identity Manager for Google Apps and salesforce.com’s enterprise cloud computing offerings are available today. The technology is part of the base code for CA Identity Manager and is available at no additional charge to existing CA Identity Manager customers.
“The train has left the station. Organizations are migrating business-critical applications to the cloud, and efficient identity lifecycle management is mandatory,” said Mark Diodati, research director, Gartner. “Until there are viable and sufficiently-adopted industry standards, successful identity management vendors will need to deliver an integrated and productive solution to manage cloud-based identities.”
For the cloud: Existing IAM solutions from CA Technologies help control users, their access and how they can use information in private, public or hybrid cloud environments. They help deliver the same level of security found within the enterprise addressing needs that include virtualization security, compliance, policy management and more.
MEDecision uses CA SiteMinder, CA Federation Manager and CA SOA Security Manager to control access to its SaaS-based health management applications, including Alineo, a collaborative healthcare management platform for delivering outcome-driven case, disease and utilization management, and Nexalign, MEDecision’s collaborative healthcare decision support service that fosters better payer-patient-physician interactions.
“HIPAA compliance affects what we do every day in support of providing a simple and smart way for our customers to harness the power of knowledge, and to enable the best clinical decisions and improve health outcomes,” said Chris Sharp, director of application development, MEDecision. “The CA SiteMinder portfolio is a critical part of our Web security platform, enabling flexible, but secure access.”
From the cloud: Understanding that some organizations are interested in using a cloud-based service, CA Technologies is working with partners to deliver IAM as a fully managed service that helps strengthen, streamline and simplify how organizations approach identifying, authenticating and granting secure access to on premise and cloud applications and services.

As CA Technologies continues to extend its IAM support to include cloud-based applications, it brings new benefits for organizations. For example, CA Role & Compliance Manager can certify user access for both on-premise and cloud applications which helps meet audit requirements.

Taking that a step further, new integration between CA Role & Compliance Manager and CA Enterprise Log Manager can simplify meeting compliance and audit requirements by streamlining Identity Governance processes to help ensure security policies are followed, and access and entitlements are appropriately granted and certified for both on premise and cloud applications.

The integration provides managers with intelligence and context to improve decision making during identity governance processes. Together, CA Role & Compliance Manager and CA Enterprise Log Manager provide a holistic view of user access - highlighting potential policy violations - and a history of how frequently the user accessed the resource or data. CA Enterprise Log Manager provides the access history to help determine if access rights should be terminated. Although access may seem legitimate based on role, if a user hasn’t accessed the resource in many months, the entitlement may not be necessary or appropriate.