Security Basics mailing list archives

How to securely leverage Microsoft AD for Outsourcing and third party systems authentication.

From: "Serge Vondandamo" <serge.vondandamo () wanadoo fr>
Date: Thu, 11 May 2006 05:41:00 +0200

Hello,

I am trying to define how to leverage Microsoft AD for authentication when
dealing with third party systems and outsourcing. Security concerns and
recommendations are welcome.

Basically, I am focusing on the following points:

1. Hosted applications (third party systems): how to integrate those apps
authentication methods to my internal AD infra and allow my users to use
their AD credentials (SSO) for accessing those apps?

a. Can MS AD speak with third party authentication systems in a secured
manner? How this can be achieved? 

b. Security concerns? What are the recommendations for dealing with those
concerns?

c. what are the industry Best Practices?


2. Outsourcing: when outsourcing part of my systems, how and what to do in
order to allow my users to continue using their AD credentials and access
the outsourced systems (External networks)in a secured manner?

a. Obviously there are numbers of security concerns but what to do if, this
is business requirement and a MUST to do item?

b. what are the industry best practices?

Any thoughts, ideas or concerns are welcome.

Thank you for contribution.

Best regards,
Serge Vondandamo, CISSP, CCNA

Current thread:

Reporting Tools Jaffry, Imran (May 08)
- Re: Reporting Tools Jason Muskat (May 09)
- Re: Reporting Tools Saqib Ali (May 09)
- <Possible follow-ups>
- RE: Reporting Tools Ruiz, Rolando (May 09)
  - Re: Reporting Tools Ozan Ozkara (May 11)
- RE: Reporting Tools Caleb Stephenson (May 09)
- RE: Reporting Tools Eggleston, Mark (May 09)
- Re: Reporting Tools Spencer Hall (May 09)
- RE: Reporting Tools RAMI KHANFER (May 10)
  - How to securely leverage Microsoft AD for Outsourcing and third party systems authentication. Serge Vondandamo (May 11)
- RE: Reporting Tools Sarbjit Singh Gill (May 23)