Follow me on Twitter @AntonioMaio2

Wednesday, April 22, 2015

SharePoint Fest Washington DC: Synchronizing and Managing Identities between AD On Prem and SharePoint Online

Thanks to everyone that attended my session on April 10 at SharePoint Fest Washington DC.  This session focused on synchronizing and managing identities between Active Directory on premise and SharePoint Online.  This is your base case for a hybrid SharePoint deployment.  This post will provide the presentation shown during the session and some of the information discussed.  I've done some research into some of the great questions that were raised during the session, and my very next post here will deal with those questions.

Some of the most sensitive information in our organizations are our identities - the identities of our employees, our partners and of our clients. With the multitude of online services available and the constant public reports about massive identity thefts, businesses are becoming increasingly concerned with protecting the identities that they manage and the identity information that they store. However, how do you effectively product sensitive identity information when moving a collaboration platform like SharePoint to a cloud provider like Office 365? This can present interesting challenges for how we manage those identities - challenges like single sign on, storing sensitive identity information and identity synchronization. In this session we'll explore some these challenges and provide a detailed walk-through of the capabilities and technologies that Microsoft has built to effectively solve these challenges. These technologies will include Active Directory synchronization to Office 365 as well as federation to provide single sign on.

The full presentation deck can be found here:

The overall benefits of synchronizing on premise identities with Office 365 are:
  • Reduced administration costs - Leveraging your already existing on-premises user and group accounts, eliminates the need to manually manage them in your Azure AD, which removes a costly manual operation from your budget
  • Improved productivity - By automating the process of synchronizing user and group accounts, you can significantly reduce the amount of time it takes to make cloud based services accessible for your employees.
  • Increased security - Automated provisioning and de-provisioning of user and group accounts ensures that only those physical entities have access to your corporate assets that really require it as long as they need it.

Please reach out to me if you have any questions related to this process. Enjoy.

    No comments:

    Post a Comment