Intel launched a cloud-based password management service on Wednesday that has been tightly integrated with Salesforce.com to give its customers an alternative to on-premise single sign-on software.
Intel released the beta version of Cloud SSO in February. It was tested by 20 companies, Vikas Jain, Intel's director of product management for cloud identity and security, said. In making the service generally available, Intel believes its ready to compete with similar products from Symantec and Symplified.
Cloud SSO provides companies with an online console for selecting the application services that will be made available to each employee. The product has connectors to roughly 50 software-as-a-service (SaaS) accounts. It also comes with a mobile app for issuing onetime passwords for people using an Android or Apple iOS smartphone or tablet.
For customers that want to integrate Cloud SSO with on-premise identity repositories, such as Active Directory and LDAP, Intel provides a component called an "identity bridge," which is deployed on customers' on-premise servers, Jain says. "It connects the enterprise directory with the Intel Cloud SSO service, and all authentication is done against that enterprise repository."
Intel is running Cloud SSO on Force.com, Salesforce.com's platform-as-a-service (PaaS), which third-party developers can use to run their own cloud services. The Intel service, which is listed on Salesforce.com's AppExchange, has been tightly integrated with Salesforce.com applications, Jain said.
Among the companies that tested Cloud SSO with Salesforce.com is Senior Service America, a nonprofit that provides grant money to organizations offering job training for low-income people 55 or older. SSAI uses Salesforce.com to manage dozens of nonprofits receiving money.
SSAI plans to use Cloud SSO to give employees access to other online services after signing in to Salesforce.com. First will be online timesheets through payroll service provider ADP, followed by file-sharing apps from Google or Box, Kamal Elharam, director of SSAI's Information Systems & Technology Department, said.
Employees logging in to Salesforce.com will see a screen with the icons of available apps. Clicking on the app will send the employee to the service after Cloud SSO handles the authentication in the background.
SSAI is a customer of Intel's on-premise single sign-on product, called Expressway Cloud Access 360 The nonprofit decided last June to adopt as many cloud computing services as possible to reduce hardware and software licensing and management costs.
Elharam is hoping to eventually add client organizations to Cloud SSO, so they too can sign on to Salesforce.com and from there go to any application. "Everybody will be logged in through one, single login and from there we can actually control which app they have access to," Elharam said.
Besides integration with Salesforce, Intel has linked Cloud SSO to its own chip-based Identity Protection Technology found in its latest Core processor. The connection eliminates the need for the user to type in the onetime password generated by Cloud SSO when accessing online services, because the cryptographic key stored in the chip authenticates the PC being used.
"You get a hardware assisted second-factor authentication, which is more seamless than having to see a one-time password and typing it into a browser," Jain said.
Cloud SSO has a starting price of $5 per user month, which includes an unlimited number of applications and 24-hour support. Volume discounts are available.
Read more about application security in CSOonline's Application Security section.