• United States



Contributing Writer

Will Google Tip the Scale Toward OpenID?

Mar 16, 20102 mins
Cisco SystemsData and Information SecurityMicrosoft

Google support for OpenID in its Apps Marketplace may be a tipping point

Last week, Google announced that it will support OpenID as a Single Sign-On (SSO) and identity standard in its Apps Marketplace. For the most part, this announcement flew under the radar of most people but it may be far more significant than a simple technology integration play for several reasons:1. OpenID is an industry standard with good but not great support. With Google’s muscle, OpenID may be more widely embraced by other cloud and SaaS providers. 2. OpenID has other user benefits besides SSO. With OpenID, a user can choose which personal information they choose to share. This can help users protect private data.3. OpenID can can provide SSO for the Internet. Google could become an identity broker or leave it to others like PingIdentity to do so. As a result, I can log-on once, go to secure sites, and rely on my identity broker to log me in. This eases log-on for users, eliminates the need to manage and secure multiple passwords, and bolsters security. There are other standard and open source identity efforts like Project Higgins (backed by IBM and Novell) and Microsoft’s recently announced U-Prove technology. Now that Google is on board with OpenID, I hope we can start to merge these efforts and get the most out of each.Internet identity is broken right now and we need a solution. Kudos to Google for recognizing this and supporting OpenID, an industry standard, rather than sending users down yet another proprietary path.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author