How to Handle Your

Adobe IDs

Deploying Adobe IDs: Which ID Option Ticks all the Boxes?

Adobe’s license program, the Value Incentive Plan (VIP), applies user IDs to deploy the software and authenticate the user. For this purpose, many companies continue to use named Adobe ID. But a closer look quickly reveals that its actual suitability is limited. The Enterprise IDs or Federated IDs are options that are available as additional, secure options. In this article, our expert provides a detailed description of the differences between the individual ID forms and the steps that are necessary to switch to an enterprise-based ID system.

The system for product activation changed along with the rollout of Adobe Creative Cloud for Teams, a package of all Adobe creative products for the desktop and numerous services as a subscription model. Each user was required to create a named Adobe ID, which unfortunately made the administration of larger license volumes an extremely time-consuming affair. It is also lacking in flexible administration levels and permissions.

Available as an additional option since October 2016, the Creative Cloud for Enterprise offers solutions that address these issues. While remaining identical to Creative Cloud for Teams in regard to the applications and services tied into its features, this iteration nevertheless offers license administrators key advantages such as the additional ID forms for software deployment.

Administration, Data Protection & Workload

But let’s return to the Adobe ID for a moment: If you want to activate a software license for an end user, the person will need to have an Adobe ID. But who creates it? The users themselves or the IT manager in the company or organization?

This question notwithstanding, there is no doubt that the ID belongs to the user, as it is entirely personalized. And it will continue to be theirs, even if they leave the company. Accordingly – in the event that IT neglects to withdraw the end user licenses in good time – it is entirely conceivable that data protection authorities will come knocking on the organization’s door. And even if the license is withdrawn, the user will continue to enjoy access to the cloud storage – forever.

Enterprise ID or Federated ID – alternatives that are available in conjunction with Creative Cloud for Enterprise – offer an effective way of dealing with these issues.

Corporate ownership, security levels and blocking mechanism: The benefits of Enterprise ID

The Enterprise ID provides companies with their own dedicated ID for the first time. Like Adobe ID, it is hosted by Adobe, but 100 percent administrated by the organization’s IT department. The first thing to do if you want to use Enterprise ID is to claim your domains with Adobe. You are then required to confirm that you own controlling rights to these domains by adding a token to the DNS. You can, of course, claim all of the domains in the event that your organization owns several.

But that’s not all. Enterprise ID also supports several security levels and password policies in order to guarantee security. For instance, you can specify that the same password security level applies to all users in your organization. Adobe supports six security levels, whereby you define the minimum number of characters, symbols and numerals, capitals and small letters, validity and the “no previous passwords” feature. There is a blocking mechanism for all accounts, which prevents access to the user’s account if the system registers several failed log-on attempts in quick succession, thus preventing brute force attacks.

Single Sign-on is a Blessing, Switching Issues Can be a Curse

Federated ID takes things a step further by supporting single sign-on (SSO) for the first time. SSO enables secure exchange of authentication information between two parties, namely the service provider (Adobe) and your identity provider (IdP). The service provider sends a request to your IdP, which attempts to authenticate the user. If this is successful, the IdP sends a response message to sign in the user.

What’s more, Adobe’s proprietary sync tool, which is included in this option, allows you to synchronize automatically with the Microsoft Active Directory, matching user groups, product deployments, permissions & co. with the Admin Console without any further ado.

You will also be able to draw on the security levels included in Enterprise ID. But whatever Adobe may be suggesting, it is still not 100 percent SSO. For instance, end users are still required to sign into the Creative Cloud products. That’s why I recommend that before switching to Federated IUD, you check whether this option actually meets your needs.

Once a domain has been registered as Federated, it takes quite a lot of effort to switch to the Enterprise ID. Let’s say your organization wants to give SSO integration a spin: In these cases I recommend that you claim a test domain that you own, provided your organization has an identity provider that includes the identities configured in this test domain. Proceeding in this way will allow you to test integration and familiarize yourself with the procedure of domain claiming and configuration. Another benefit of Federated ID is that home use permissions can be suppressed. Adobe ID allowed every end user to install for home use the applications made available by the employer for professional purposes. Although technically possible, the Adobe End User License Agreement (EULA) does not actually permit this kind of deployment, and the same applies to all other Adobe license programs as well.

If you delete a user in the Adobe Admin Console, the Enterprise ID and the Federated ID assigned to the end user’s ID will be automatically deleted as well after a few workdays, therefore preventing use of the Creative Cloud software and services.

Important Things to Consider When Switching IDs

If you have worked with Adobe ID so far and are now keen to switch to one of the two new options, please take into account the following considerations: The first step if you wish to register as an Enterprise user is to sign up as a new user that is created by the administrator in your organization. A good way of imagining this system is as a separate account that is not the same as the one you are currently using.

The data are linked to a user, and because an enterprise user counts as a new user, the design libraries, fonts, app settings, Adobe color themes and Behance portfolios are not automatically transferred to the account of the Enterprise ID or Federated ID. The data remain in the account assigned to the Adobe ID. So you simply migrate the data between the accounts if you want to access them. As things stand, unfortunately, there is no way round named authentication of the user. All the same, there are technically mature and secure options available for the authentication process. Adobe plans to establish an additional authentication method in the future, which will be largely similar with anonymous deployment. I will certainly keep you up-to-date with developments.

Adobe Creative Cloud for Enterprises

Reageer op dit artikel

Laat een reactie achter om ons te laten weten wat je van dit onderwerp vindt!

Laat een bericht achter


Tobias Hübner

Business Development Manager

Adobe and other graphic and PDF vendors

Related Articles

IBM Cloud Paks

Ontwerp en manage je end-to-end workflows optimaal met AI

Het bieden van een optimale klantervaring staat of valt met de kwaliteit van de processen in je organisatie en de onderlinge afstemming. Want slechte processen kosten veel tijd en geld en zorgen voor frustratie bij klanten én medewerkers. Als…

Zo bescherm je jouw organisatie tegen ransomware aanvallen

Zo bescherm je jouw organisatie tegen ransomware aanvallen

Ransomware is aan de orde van de dag. En we kunnen er vanuit gaan dat deze trend voorlopig nog doorzet. Begon het ooit met een aanval op persoonlijke pc’s die een slechte beveiliging kenden, inmiddels zijn (grote) organisaties steeds vaker…

Op een slimme en laagdrempelige manier automatiseren? Maak gebruik van RPA!

Op een slimme en laagdrempelige manier automatiseren? Maak gebruik van RPA!

Facturen inboeken, inloggen op applicaties, e-mails openen of data van de ene plek naar de andere plek brengen. Bedenk eens welke repetitieve handelingen binnen je bedrijf dagelijks allemaal worden uitgevoerd. Met Robotic Process Automation…