Monday, March 9, 2009

Adding Identity Federation to a SaaS application

I’ve learned a lot about new technology matters as VP of product management for eXpresso. Of particular value to me has been gaining a deep understanding of the peripheral services a SaaS vendor needs to incorporate in order to arrive at the whole product, for example managed hosting, payment processing, analytics, etc. Recently I have been delving into the area of Internet Single-Sign-On (SSO). This is something every SaaS provider should have an action plan for as early on as possible, especially if the service being offered is business-focused.

Having a standards-based implementation for enabling SSO for partners and customers can accelerate the adoption and increase the revenue potential of your service. There are a number of “standards” making their rounds currently, but the ones that seem to be becoming established are SAML and OpenID for SSO and OAuth for API authorization. There are a variety of commercial off-the-shelf products available to help SaaS vendors become compliant with these standards – on the service end as well as on the consumer/identity end (for enabling SaaS customers to become compliant). Some products and services in this domain that I have become familiar with are:
 
From TriCipher
myOneLogin Federation for identity federation, and myOneLogin Secure SSO for End-user Internet SSO. I recently blogged about my discovery of myOneLogin.

Ping Federate for identity federation, and SignOn.com for end-user Internet SSO.

There’s another category of web technologies that aggregate access to web apps onto a webtop and that use these authentication/authorization standards and technologies. I have become familiar with (and really like) Symantec’s GoEveryWhere offering. Symantec licensed technology from TriCipher to achieve the SSO component of their offering. We had a partnership with them at eXpresso and I wrote about it in this blog posting.
