Not only since the discussions about the GDPR last year, security and data protection have returned to the attention of both companies and users. Following the trend to move as much as possible to the cloud, there are now again conflicting approaches: The “unclouding”, that is the return from the cloud to on-premise solutions on the one hand or the operation of own systems in IaaS environments (Infrastructure as a Service) on the other.
In the following, I will briefly examine the advantages and disadvantages of these approaches and show how users can operate IT services securely and, most importantly, at their own command. Naturally, the services which users can integrate into their environment from the Univention App Center play an essential role for us.
The Advantages and Disadvantages of SaaS
SaaS (Software as a Service) means that an external service provider offers software along with the required IT infrastructure; the access usually happens via web browser. The advantages for customers are obvious: they save on acquisition and operating costs and do not have to employ qualified IT personnel, who are currently difficult to recruit anyway.
There are, however, also disadvantages to this model – first and foremost a dependency on the service provider and its price model. The data is stored on the servers of the SaaS provider, i.e. in the cloud. As a customer, you have to trust the service provider to handle the data responsibly and that the service remains available in the long term. Ultimately, none of this can really be controlled, and in which data center a service is running is also decided by the SaaS service provider. How do they say again? “There’s no cloud, there’s just other people’s computers.”
The Alternative: Hybrid Environments
Not everything is always just black or white, bad or good – often the solution is in the middle, as is the case with your own cloud strategy. A mixed environment consisting of on-premise infrastructure, private and public cloud combines the advantages of both worlds. The hybrid cloud allows compliance with data protection requirements while maintaining flexibility with publicly accessible cloud applications.
Univention Corporate Server (UCS) provides a centralized identity management and thus integrates cloud services as well as applications of an existing on-premise infrastructure. This makes the system the ideal starting point for a hybrid environment in which you decide which applications run on-premise and which run in the cloud. The management takes place centrally in the Univention Management Console (UMC).
Thus, with UCS you not only have full control over data and processes, but you can also migrate your data from one cloud service to another. This makes you independent of specific vendors. In the Univention App Center there are many apps and connectors available, which you install with a mouse click and then configure conveniently via the Management Console. In this blog article, we present services and applications from our App Center with which “unclouding” becomes successful.
Identity Management and Web Single Sign-on
Microsoft’s cloud-based identity and access management service is called Azure Active Directory (Azure AD). Google’s G Suite also has integrated user and role management. Azure AD and G Suite can be used as identity providers in many other SaaS solutions, with Microsoft focusing more on IdM and Google on applications. Another vendor in this area is Okta. The American company offers a pure IdM with additional services such as SSO (single sign-on).
In the case of Azure AD and G Suite, UCS can take over the identity management upstream. The Microsoft Office 365 Connector provides UCS-managed users with access to Microsoft Office 365 features or associated Microsoft Office Desktop Software licenses. The G Suite Connector provides convenient SSO access to Gmail, Google Docs, Google Drive and Google Calendar for UCS users. Major advantage of the solution with UCS: user identities with information such as real names, passwords and additional details remain with UCS as identity provider and only mandatory information is transferred to the services of Microsoft or Google…… Continue reading the full blog article ….
For more information on Univention please see our web site and contact CustomTech (email info@customtech.com.au or call) to arrange a FREE evaluation and discuss your needs.
(This article is based on the original article by Nico Gulden on the Univention site).