Identity Management: Get Your Head out of the Cloud

Kelly Strain

cloud

Stormpath customers are experiencing first hand the repercussions of using a multi-tenant cloud hosted API. The company was acquired and users have to get data out, fast. By 8/17/2017 to be exact.

A recent article by ProgrammableWeb discusses the dangers of using third-party APIs, however they fail to mention ways to avoid this danger. The answer is not to stop using cloud APIs, nor is it to only select API’s from tech giants like Amazon, Google or Microsoft. Before choosing your identity and user management provider consider the deployment options.

On-Premise

Despite increasing cloud popularity, many companies still prefer (or require) an on-premise solutions.

Regulatory Requirements

Certain organizations face regulatory requirements that demand an on-premise solution. Regulatory controls and legal requirements vary depending on the industry, but many companies fall into this category. A third-party cloud vendor may not fit the compliance requirements for a particular organization within the finance or pharmaceutical sector.

Control

An on-premise solution can insulate you from issues Stormpath customers are now faced with. By installing the software on your servers (real or cloud-based) you gain control over:

  • User data
  • Access
  • Security
  • Upgrades

If the company shuts down or is acquired, you can likely continue using software since it is running on your servers. If this is not the case, the user data is yours and can easily be removed at your discretion.

Cloud

How do you protect your data? How do you ensure that you are the only one seeing your user data?

Multi-Tenant vs. Single-Tenant

Multi-tenant is an architecture where multiple companies store their data within the same instance. With single-tenant, each company has their own individual instance. With a single-tenant solution you receive maximum privacy. The risk of another business accidentally receiving data that doesn’t belong to them is eliminated. Each customer’s user data is separate and secure.

When considering cloud solutions, it is always important to prepare for the worst-case scenario. You should think about how you will get your data out of the cloud, before you ever put it in there.  In the event of an API shutdown, data recovery is much easier when each customer’s data is isolated in a single-tenant cloud.

Flexible Hosting (with a pitch)

Passport offers on-premise or single tenant cloud hosting. With these options, you have the ability to choose which deployment best meets your business or application needs. In addition, you have the flexibility to change your mind down the road.

Start Migrating from Stormpath to Passport today. Or sign up for a free Passport trial.

Stormpath has been acquired by Okta

Kelly Strain

stormpath

What we know

Stormpath has been acquired by Okta.

  • The Stormpath APIs will remain in service until August 17, 2017 at noon PST. On that date and time, Stormpath APIs will be shut down.
  • The Stormpath SDKs will be in maintenance mode until August 17, 2017 when they will be decommissioned.
  • Stormpath users will be able to migrate their data into Okta, and may also export their Stormpath data to use as desired.

Current Stormpath users must migrate – whether it be to Okta or a different provider altogether. We understand this is a challenge, a challenge you most likely did not see coming in the near future.

You have 6 months to choose a provider that best meets your business needs, export existing users and be up and running with minimal end user disruption. We are here to help. Continue reading

Meetup: Authentication as a Microservice 

Kelly Strain

meetup-authentication

Inversoft’s founder and CEO, Brian Pontarelli, will be speaking on Authentication as a Micro-Service at Code Talent.

Authentication is a core piece of many applications. However, it has traditionally been handled in a monolithic manner. Moving to micro-services means that applications now need to decouple authentication, user management and user data.

What we’ll cover at the meetup:

  • Most common pitfalls of authentication and authorization as a microservice
  • How to break apart your architecture and build services for user management features
  • Portable user identity tokens

Continue reading

Inversoft Named One of the 2016 Hottest Denver Companies!

Kelly Strain

Inversoft has been named a winner of Owler’s 2016 HOT in Denver Award!

Hot in Denver

Each year, Owler recognizes the top trending companies in cities around the world. They filtered through over 15 million companies to find the most award-worthy businesses across 600 cities worldwide. Recipients are chosen based on several different metrics, including number of followers on Owler, insights collected from the community, social media followers, and blog posts over the past year.

“We’ve sorted through our database of millions of contributions from our community and landed on the top trending companies from around the world,” said Jim Fowler, CEO at Owler. “Being Hot In 2016 is an accomplishment to be proud of.”

Our team is exceedingly proud to be named Hot in Denver and represent our strong Denver tech community.

Continue reading

Fake News. What’s really B.S. and how do we get rid of it?

Kelly Strain

fake news

If you have been on the internet this week you are aware of the fake news crisis spiralling out of control. But just in case you missed it, recent headlines read something like this: Facebook is being blamed for Trump’s election, Google and Facebook Take Aim at Fake News Sites, Facebook’s fake news crisis deepens.

With great power comes great responsibility

Facebook has over 1 billion active users who utilize the platform to post, share and comment on news. When Facebook was accused of influencing the election, Zuckerberg was quick to say that was a “pretty crazy idea.” Is it really that crazy? Facebook has become a catalyst for the spread of fake news given the ease of it’s “share” button. Regardless, fake news isn’t going away anytime soon, it will likely worsen and while Facebook has taken steps to limit the sites’ use of their ad networks, there has been no push to eliminate fake news from the News Feed.

This daunting issue is not Facebook’s alone. Any platform that allows user generated content would be wise to get out ahead of this growing problem in order to prevent this spam and protect their brand.  Continue reading