Recent Postings
February 3rd, 2012

Security in the Clouds: The IPT Swiss IT Challenge

Probably the best part of my job as CTO of Layer 7 Technologies is having the opportunity to spend time with our customers. They challenge my assumptions, push me for commitments and take me to task for any issues - but they also flatter the whole Layer 7 team for the many things we do right as a company. And for every good idea I think I have, I probably get two or three great ones out of each and every meeting with the people who use SecureSpan to solve real problems on a daily basis.

All of that is good but I’ve learned that if you add skiing into the mix, it becomes even better. Layer 7 is fortunate to have an excellent partnership with IPT, a very successful IT services company out of Zug, Switzerland. Each year, IPT holds a customer meeting up in Gstaad, which I think surely gives them an unfair advantage over their competitors in countries less naturally blessed. I finally managed to draw the long straw in our company and was able to join my colleagues from IPT at their annual event this January.

Growing up in Vancouver, with Whistler practically looming in my backyard, I learned to ski early and ski well. Or so I thought, until I had to try to keep up with a crew of Swiss who surely were born with skis on their feet. But being challenged is always good and I can say the same for what I learned from my Swiss friends about technology and its impact on the local market.

The Swiss IT market is much more diverse than people from outside of it may think. Yes, there are the famous banks but it is also an interesting microcosm of the greater European market — albeit run with a natural attention to detail and extraordinary efficiency. It’s the different local challenges that shape technology needs and lead to different emphasis.

SOA and Web services are very mature and indeed are pushed to their limits but the API market is still in its very early stages. The informal, wild west character of RESTful services doesn’t seem to resonate in the corridors of power in Zurich. Cloud appears in patches but it is hampered by very real privacy concerns and this, of course, represents a great opportunity. Secure private Clouds are made for this place.

I always find Switzerland very compelling and difficult to leave. Perhaps it’s the minuscule drop of Swiss ancestry I can claim. But more likely it’s just that I think the Swiss have got this life thing all worked out.

Looking forward to going back.

February 3rd, 2012

New White Paper: Federated Identity & Single Sign-On Using Layer 7

Increasingly, enterprise IT is characterized by SaaS, Cloud, SOA and all sorts of other technologies that bridge organizational boundaries and – consequently – identity domains. When users from various domains have diverse collections of credentials for systems spanning the extended enterprise and Cloud, management and security concerns inevitably arise.

Identity federation is the key to addressing these concerns. A lot of people assume identity federation is the same thing as Single Sign-On (SSO), where a single identity is used to authenticate a user across multiple services, applications and platforms. In fact, SSO is just one piece of the identity federation puzzle, albeit an important one.

Our new white paper, Federated Identity & Single Sign-On Using Layer 7, examines all the key pieces of this puzzle. It gives a detailed overview of the technologies that can be used to merge separate “identity silos” into a centralized, authoritative identity store (SAML, STS, OAuth etc.). It also explains how our products can be used to implement these technologies.

For more information, read Federated Identity & Single Sign-On Using Layer 7

February 1st, 2012

Layer 7 Technologies 2011: The Year in Review

These are exciting times to be working with technologies like mobile and Cloud. In fact, here at Layer 7, 2011 was absolutely the most exciting year ever. Since this time last year, we’ve expanded our product range, been awarded groundbreaking security specifications, gained recognition from leading analyst firms and significantly expanded our customer base.

Specifically, some of the highlights of the year were:

As we expanded our product range to meet demand for API management, Cloud integration and mobile security, our customer base grew more than 40%, with notable new customers including Adobe, Best Buy, General Motors and MasterCard. At the same time, our staff grew by more than 70 percent – and we’re all looking forward to finding out what 2012 has in store!

For more information, read the press release:
Layer 7 Technologies Announces Record Revenue Growth in 2011

January 30th, 2012

Your One-Stop Shop for OAuth Tutorials

The ongoing explosion in the amount of online information generated by enterprises has created a need for open, distributed access – a way to get at online content that doesn’t require private user credentials to flow freely over the Internet. The OAuth specification has rapidly emerged as the key standard that enables this kind of delegated access.

At Layer 7, we’ve responded with the creation of our OAuth Toolkit, as well as a series of tutorial videos that explain how enterprises can use the Toolkit to simplify OAuth implementation. Now, given the overwhelmingly positive response we’ve received to these tutorials, we’ve decided to give them their own section on our Web site.

This section features all of Francois Lascelles’ popular OAuth 2.0 with Layer 7 Gateways series, with expanded notes and commentary. It also includes one or two of my own tutorials. Over time we’ll be adding demonstrations of how Layer 7 enables connectivity to commonly used OAuth implementations at various social and business networks, including Twitter and LinkedIn.

January 23rd, 2012

OAuth Tutorial: Modifying a Layer 7 OAuth 1.0a Implementation to Support Custom Requirements

Last week, I posted a video tutorial demonstrating how Layer 7’s OAuth Toolkit makes it possible to use a SecureSpan or CloudSpan Gateway as an OAuth 1.0/1.0a Server and Client. Today, I’m going to follow that up with a tutorial on how a Layer 7 OAuth implementation can be modified to support custom requirements.

The tutorial demonstrates this through the addition of a new parameter, which is extracted from transaction metadata and then used to tweak the implementation. Specifically, I create a policy in which the authorization token’s lifespan is shortened if the user comes in from the browser of a mobile device.

The scenarios I’ve presented in these tutorials represent the two biggest strengths of the OAuth Toolkit – adherence to the specification when you need it and flexibility when you need that. Our customers have taught us that every OAuth implementation is slightly different and our aim is to give them the tools they need to adapt.