Tame the Identity Management Monster
Services provided through the cloud are booming — and that growth isn’t expected to slow down any time soon. It started with basic Software as a Service (SaaS). Today, you can get almost anything as a service: monitoring, communications, backup, database administration, desktop, or even your IT infrastructure. As a group, these services fall under the umbrella of what the Open Group consortium refers to as XaaS (Anything as a Service). In this case, “X” doesn’t mark the spot but rather lets you define the service you want — and you’re likely to find it.
XaaS is booming because cloud-based services are cost-effective, can be implemented quickly, and enable user access from anywhere. It should make life so much easier for IT … right?
Well, not really. Although there’s less management of the applications and services involved, you suddenly create a complex IT ecosystem that requires attention, management, and specialized skills. One area in which this complexity can rapidly overwhelm IT is Identity and Access Management (IAM).
The complexity surrounding IAM
IAM can get really complex really quickly. For starters, the environment itself is complex. Users are typically a diverse group of people, including employees, contractors, vendors, partners, and customers — and those users often access applications and data located on numerous local and remote servers.
Using a SaaS solution can add even more complexity for a company. Although SaaS isn’t under the company’s direct control, the company is still responsible for provisioning IAM, with minimal support from the SaaS provider. This complex environment can quickly make IT feel like they are battling the mythical hydra monster; when you cut off one head, two more grow back.
Cutting through the complexity
There are several ways to handle IAM in the cloud, one of which is implementing an in-house federation service. Many companies choose this solution, but it requires specialized equipment and a high degree of ongoing management. In addition, the IT team needs a specialized skillset to implement and manage the federation service.
Another way to handle IAM in the cloud is to use an Identity as a Service (IDaaS) solution. This type of solution integrates well into an XaaS ecosystem and offers benefits such as:
- A smaller on-premises footprint
- No need for the IT team to have highly specialized IAM skills
- Scales well
- An efficient pricing structure
However, not all IDaaS providers are created equal. Here’s what to look for:
- A great match. The provider’s IDaaS solution should completely and seamlessly integrate with all of your company’s applications and systems and include multiple layers of identity verification. The solution should also be able to scale as your company grows.
- The full lifecycle. It should be easy to add access privileges for new users and change the access privileges of existing users (i.e., onboarding). Similarly, it should be easy to remove access privileges when a user leaves the company (i.e., offboarding).
- Simplicity. The IDaaS provider should offer either federated authentication or single sign-on so that your users can use a single set of credentials to access your company’s applications and systems. The single sign-on capability will make your users happy because they won’t have to remember lots of passwords. And IT team members will appreciate how simple it is to manage and monitor user access, making it easier to enforce the creation of strong passwords and detect problems early.
- Direct contact. The IDaaS provider should offer ongoing support, including proactive monitoring 24 hours a day, 365 days a year. In addition, your IT team should have direct access to the help desk and ticketing system.
- Reliability. Ongoing maintenance should also be offered by the IDaaS provider, including reliable backup and recovery services and timely patches and updates.
IDaaS — A Viable Solution
To make business applications and data easier for users to work with, companies are putting their applications and data in the cloud. However, this often increases the need for a secure way to manage user access and identities. An IDaaS solution can keep your business flexible, even as your needs, applications, and systems change.