Salesforce Promises "Facebook-like" Identity Service for Enterprises

Salesforce.com unveiled a new identity management service to bring a "Facebook-like" identity platform to the enterprise.

Identity offers federation and user provisioning to customers that can be used across all Salesforce products, third-party cloud services, and mobile applications, the company announced Wednesday at its Dreamforce conference in San Francisco. Enterprises will be able to implement single-sign-on across multiple sites to reduce the number of usernames and passwords, much like the way Facebook offers a single login scheme for sites in its ecosystem, according to Salesforce.

Salesforce Identity will be pre-integrated across many services, so users can easily access external applications with their Salesforce credentials. IT administrators will be able to centrally manage every cloud service and application being used within the enterprise from within Salesforce. They will also be able to provision users from within the cloud service.

The new service, first discussed by Salesforce CEO Marc Benioff at Disrupt San Francisco a little over a week ago, is intended to be a "single, social, trusted identity service across all enterprise" applications, the company said.

Identity will also be able to grab relevant data from the external cloud and mobile applications in a single feed and push it into Chatter, the social networking platform from Salesforce.

"By delivering identity services that are woven into business apps, customers no longer have to manage identity in isolation and users are free from creating unique log-ins for the growing list of business apps they use," said Ian Glazer, research vice president at Gartner.

Salesforce.com isn't thinking about identity in isolation, or deploying identity in isolation, Glazer wrote in the Gartner blog on Wednesday. Salesforce.com is offering identity services within the context of PaaS, making it easier to work with. Identity and access management need to be delivered as part of something business and IT as a whole cares about to be successful, Glazer said.

"Become a Salesforce customer and you get identity, not as a side dish added in for free, but something baked right into the applications," Glazer said.

The market for identity management services that offer single-sign-on across multiple services has several players, including Okta and Ping Identity. Both have staked their claim on making it easier for enterprises to link multiple cloud applications with a single password.

Salesforce.com took the standards-based approach for Identity, supporting SAML 1.1 and 2.0, OAuth, OpenID Connect, and SCIM for authentication. This will make integrating Salesforce Identity with on-premise identity infrastructure and other bridge platforms "far easier," Glazer said.

"Companies can now deliver a single identity within the context of every business app – a big win for both business users and IT administrators," Glazer said.

Salesforce Identity is scheduled for general availability next year and pricing will be announced at that time, according to Salesforce.

Fahmida Y. Rashid is a contributing writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.