Cloud Access Security

Subscribe to Cloud Access Security: eMailAlertsEmail Alerts
Get Cloud Access Security via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Platinum Group of Companies – a financial services customer wanted to bring Facebook like collaboration and took the route of becoming a Social Enterprise rolling out Salesforce Chatter for all its employees to begin with. Thom Vandenberg, the IT Project Manager, responsible for this strategic project, quickly realized that single sign-on (SSO) of the users into Salesforce Chatter was the key requirement to increase the adoption rate of this application and making this project successful. He also wanted to ensure that the new application adhered to PCI-DSS compliance regulations of strongly authenticating the user. Vandenberg came out with a RFP listing the requirements.


  1.  Desktop to Salesforce Chatter SSO – Once the user logs in to their desktop (Ctrl-Alt-Del), they should be able to click a shortcut on their desktop, which should not only launch the Salesforce Chatter application in the browser, but also single sign-on (SSO) the user into it.
  2. 2-factor authentication into Chatter – To meet PCI-DSS requirements, for certain scenarios, the user would be required to strongly authenticate into Chatter by entering a One Time Password (OTP).
  3. Auto user de-provisioning – When a user leaves the company, their user account in Active Directory is deleted. This event should automatically disable user’s account in Salesforce Chatter to ensure compliance.

The team at Platinum group went through an evaluation process of build Vs buy and decided to go with a commercial product that fills its needs. They went through an extensive vendor selection process, and finally chose Intel Expressway Cloud Access 360 (ECA360). They deployed the solution in production within couple of weeks and already seeing increased usage of Chatter getting closer to their dream of transforming into a Social Enterprise.

How did Intel Cloud Access 360 fill their requirements?

  1. Desktop to Salesforce Chatter SSO – Cloud Access 360 performed SSO at both ends. On the desktop side, it detected the user session integrating with Microsoft Active Directory using Integrated Windows Authentication (IWA). On the Salesforce Chatter side, it used SAML based Federation to SSO the user into Chatter.
  2. 2-factor authentication into Chatter – Cloud Access 360 bundles a soft-token based OTP that the users can self-enroll providing secure access at low cost in a self-service way.
  3. Auto user de-provisioning – Cloud Access 360 bundles a provisioning module that listens on to Active Directory events such as Add/Delete/Modify users, and take actions of provisioning/de-provisioning/sync’ing user profile changes into the Salesforce Chatter application.

We expect many companies to adopt social aspects for improved productivity and transparency, and transform themselves into Social Enterprises of the future, and are happy to help them get there.

For more information: Visit www.intel.com/go/identity

Read the original blog entry...

More Stories By Cloud Access Security

This blog has some of our best blog posts about how Intel is enabling trusted client to cloud access.