One of the biggest problems with the consumerization of IT is scale: There are so many devices, apps and cloud services that IT could never keep up with them all.
Identity management offers a way around this problem, by letting IT focus on users, but the same problem lurks on the horizon: So many vendors are getting into Identity as a Service (IDaaS) that it's hard for IT to keep up.
With that in mind, let's take a look at different IDaaS tools and approaches and what they can do, can't do and could do in the future:
VMware and Citrix Systems make identity management part of their broader application delivery and management strategies. VMware's Horizon Application Manager ties into Active Directory (AD) to control which users can access which apps on which devices, and Citrix's CloudGateway 2 uses AD to support single sign-on (SSO) for application access via Citrix Receiver.
Microsoft, the company behind AD, is of course in on this market as well. Windows Azure Active Directory lets IT control access to Office 365 and apps hosted on Azure, but it's hard not to see this service's potential if Microsoft extends it to other types of applications. As Bromium's Tal Klein wrote on Twitter this week, "If I were Citrix or VMware and saw something like this on the MS roadmap ... I'd give up my Cloud Gateway/Horizon plans."
One vendor that's not enamored by all this focus on AD is Intel, whose CTO Andy Thurai said last week, "Active Directory is no longer sufficient for managing identity." (And nearly half of our readers agreed with him.) Intel now has its own IDaaS offering, Cloud SSO, but it only authenticates to various cloud apps and requires a separate client for AD integration.
And finally, like most technology markets these days, identity management is being consumerized. Take Google, for example: Your Gmail address now gets you access to productivity apps (Google Docs), a social network (Google+), a phone number (Google Voice), your mobile apps (on Android) and much more. Then there's Facebook's social plugins and Twitter's APIs, which let you log in to any number of third-party sites and services. Employees may use these identities for work tasks -- Gmail forwarding, corporate Twitter accounts, etc. -- and IT may want some oversight.
Microsoft's Access Control Service already integrates with Google, Facebook, Windows Live ID and Yahoo, and you can bet other IDaaS offerings will follow suit. The goal of identity management is to help IT get a handle on consumerization, but if a service doesn't touch all aspects of a user's work identity, it will only create more of a mess.