Hello, I am trying to define how to leverage Microsoft AD for authentication when dealing with third party systems and outsourcing. Security concerns and recommendations are welcome.
Basically, I am focusing on the following points: 1. Hosted applications (third party systems): how to integrate those apps authentication methods to my internal AD infra and allow my users to use their AD credentials (SSO) for accessing those apps? a. Can MS AD speak with third party authentication systems in a secured manner? How this can be achieved? b. Security concerns? What are the recommendations for dealing with those concerns? c. what are the industry Best Practices? 2. Outsourcing: when outsourcing part of my systems, how and what to do in order to allow my users to continue using their AD credentials and access the outsourced systems (External networks)in a secured manner? a. Obviously there are numbers of security concerns but what to do if, this is business requirement and a MUST to do item? b. what are the industry best practices? Any thoughts, ideas or concerns are welcome. Thank you for contribution. Best regards, Serge Vondandamo, CISSP, CCNA --------------------------------------------------------------------------- ---------------------------------------------------------------------------
