Beyond Office 365: Building a Global SaaS Identity Strategy


If you are considering deploying Microsoft Office 365, you’re probably thinking about the challenges of managing user identities in the cloud. For many organizations, Office 365 represents their first “official” SaaS application and will likely pave the way for larger SaaS investments down the road.If you haven’t already, now is the time to think about the systems you need to support a global SaaS identity strategy.

A global SaaS identity strategy has two key components: authentication – or the process of confirming that users are who they say they are – and authorization – or determining what users are allowed to do after they log in. Put another way, you might have a valid passport (authentication), but you can’t board a flight without a ticket (authorization).

As more SaaS apps find their way into the workplace, the more authentication and authorization challenges you will face. Without an overarching strategy, you’ll need to address these challenges with every new SaaS provider – hardly a recipe for success. Here are five drivers that prompt many organizations to think beyond Office 365 and create a global SaaS identity strategy:

  • Cost reduction. Handling identity on an individual basis with each SaaS app is complex, time-consuming and costly. A global identity strategy not only prevents costly data leakage but also lets you quickly and securely deploy new SaaS apps across your organization.
  • User productivity. A centralized identity strategy allows end users to quickly access apps without remembering multiple passwords. They simply log in via Active Directory (AD) using their standard network login. Single sign-on can be a boon to SaaS management because it encourages lines of business to engage with IT to make sure their SaaS apps are accessible in the same fashion.
  • Security and compliance. If you deploy multiple SaaS apps, it’s critical to know which apps are being used and by whom. This insight allows you to validate that the right users have access to the right apps (and that you’re not paying for applications people aren’t using). This information also helps you remain compliant, since tight access controls prevent sensitive data from falling into the wrong hands.
  • Managing external identities. Allowing customers and partners to access web applications and portals such as CRM or SharePoint has many benefits. But trying to manage a separate set of credentials for external users and governing access to these various web applications can quickly become complex and cumbersome.

In developing your global SaaS identity strategy, consider all external users and determine what information they should be allowed to access. Since external users typically aren’t in your AD, IT must find a way to authenticate before you share your data. Google ID, Facebook and Windows Live ID are three public identity providers that can be used to authenticate external users. With a solution like Softchoice Cloud, it becomes possible to combine external users who are authenticating in this way with internal users who authenticate with AD.

  • Mobile Identity quickly becomes a challenge as organizations embrace the ‘consumerization’ of IT for their users and look to connect to customers and partners in new ways.  Secure mobile authentication and application access should be a key consideration in any SaaS identity strategy

A recent Softchoice study found that 55% of users run SaaS applications on their corporate devices.

By design, SaaS applications are simple for people to acquire and use. This makes your users’ lives easier, but those same applications could also cause compliance issues or expose important company data. Given this evolving landscape, identity management is no longer just about Office 365. It needs to be about your SaaS strategy for the next three to five years.

Related Posts

About Mack Ratcliffe

Mack is Softchoice's SaaS Practice Lead. He is responsible for setting technical strategy and direction for Softchoice’s SaaS business and developing managed services for Microsoft Office 365 and Azure platforms. For fun, Mack enjoys traveling, live music, golfing, snowboarding, and surfing in Southern California.