Managing Office 365 identities with Okta

There’s no denying that applications that run in a cloud environment are quickly becoming must-haves for big businesses, but how do you get these apps integrated with your internal security?

There are many ways a customer can integrate Office 365 with their environment, and each method has advantages and disadvantages. The benefit of using Okta is that you can achieve much more with less effort, and provide your business or clients with better security.

A cloud identity platform like Okta provides the security you need by integrating your Active Directory identity store as the primary authority for users. In practice, leveraging Okta for authentication and integrating Office 365 with its service grants authorization only to the people who need to access the application. Security made simple.

But before we dive into the details of the Okta solution, let’s take a look at some other common solutions that Microsoft makes available with Office 365.

Office 365 provides multiple options to handle user accounts:
– Microsoft Online IDs
– Microsoft Online IDs + DirSync
– Federated IDs + DirSync

[Figure 1: office-365-diagram]

Microsoft Online ID is the standard sign-in experience; it is the default and also the most straightforward option. In this scenario, your business would create and manage accounts through the Microsoft Office 365 portal. You would also use the password policies defined in Azure Active Directory. Leveraging this option could increase the management overhead of user accounts, because they are separated from a central authority such as an internal Active Directory that’s already configured.

Maintaining a separate user repository through the standard Office 365 configuration has obvious drawbacks, which is why Microsoft provides a separate directory synchronization application called DirSync (see Figure 1). It synchronizes accounts from your internal Active Directory to the Office 365 solution. In the end, this helps ease the management of user account directories.

Finally, the third option is to integrate Office 365 with a federated solution, like Okta (see Figure 2) or ADFS (see Figure 1), for single sign-on of user accounts. This feature was just released this year and will benefit your company if you are using an Identity Provider such as Okta. The Okta solution can be deployed without the footprint of ADFS and can provide account synchronization, federation, and the use of authentication / authorization methods that enable a single sign-on experience for your corporation. The setup for this configuration requires a little more planning in order to complete a successful integration, but it pays off in the long run.

[Figure 2: office-365-okta-diagram]

When you look at options for single sign-on, there are many to choose from. That’s where good planning and design on topics such as user store design, user account groups, and user account life cycle help streamline the process. Federated providers such as Okta or Microsoft ADFS can simplify or complicate the design, so it’s usually a matter of determining which solution fits your needs better.

ICSynergy’s deep technical knowledge upholds best practices with many IAM vendors. We partner with our clients and our software partners, often recommending new functionality that rapidly becomes incorporated in the IAM platform. Common benefits of an IAM solution that we can help your business gain are:
– Security
– Ease of management
– Compliance and audits
– Single Sign-On (one user account to access all services)

Do you have IAM questions or problems? Not enough time or resources to create a solution? We’d love to hear from you and start on your custom IAM solution today. There are several different ways to get in touch with us, so pick your favorite and let’s start solving problems today.