Visibility into who did what enables the enterprise to determine what kind of activities went on in the past and identify compliance and regulatory issues. Beyond identity authentication, open standards are also key for enabling such visibility and security intelligence – analyzing big data to analyze user activities, recognize attacks and anomalies in real time.

However, identifying threats relies on log and event information – for example, which user is doing what, when and from where – which often spans across enterprise and cloud providers. When it comes to interoperability with hybrid clouds, every vendor or cloud provider has their own way to do logs and currently no standard to exchange log information exists.


Open cloud standards have the potential to change that. With interoperable standards, we could communicate across vendors about suspicious activity and what a suspect user is up to – an API driven approach to collect logs that providers can subscribe and feed information to. This is the kind of security innovation that open standards could make a reality, but simply isn’t feasible in proprietary cloud model.

There is more work to be done, but if we continue to embrace standards, the open cloud ecosystem builds out, innovation is enabled, and security improves as the benefits for user identity, authentication and security intelligence are realized.