Pure SaaS Identity Management

Somewhat unrelated to Brightcove, I wanted to quickly note an announcement yesterday from rapidly growing software company PingIdentity (disclosure:  I am a board member of PingID). 

The company announced a partnership with Google wherein Google Apps can now be used as a primary identity to authenticate into dozens of other SaaS applications, all through yet another SaaS application, PingConnect.

For decades, we've thought of our primary work identity as being tied to our corporate networks and PCs.  But as email, file sharing, collaboration, and nearly every facet of business automation and online publishing move into the cloud, it turns out that cloud/saas applications are better at hosting and managing many of these systems.  Identity management is next.

How does this work?

Basically, using industry standards such as SAML, PingConnect operates a sort of secure, hosted, identity-switch that connects an Identity Provider (such as Google Apps) with service providers (SaaS applications like Salesforce.com and SuccessFactors), who then rely on the identities authenticated by the identity provider.  All of this happens in the cloud.

If a new employee starts to work at a company using such a system, they are automatically provisioned and authenticated into all of the 'trusted applications'.  Likewise, if they leave, the company just shuts off their Google Apps account, and they can no longer access any of these external hosted applications.

It's cool and exciting to see PingID bring forward what was a very early vision for the company.  Congrats Andre and team.