By Greg Keller Posted March 17, 2017
Identity management solutions are some of the hottest products in the IT world. A confluence of events is making the market so active. On the negative side, identity theft and company security breaches are at all-time highs. On the positive side, IT admins can integrate a number of disparate systems to create a central identity management platform. The challenge in this complicated market is how to create a checklist for a cloud identity management solution.
The Evolution of Identity Management
The identity and access management market used to be pretty simple. IT admins would leverage the Microsoft Active Directory® platform. Their IT networks were predominantly Microsoft Windows-based and on-prem. The choice of how to manage user accounts on those systems was straightforward: you used the Microsoft toolset, namely AD.
That process started to change over time. IT organizations introduced other platforms and providers to the mix. Mac and Linux devices started to become more popular. AWS picked up a great deal of steam, and organizations shifted their on-prem or leased data centers to the cloud. Web applications became far easier to leverage than on-prem applications. Wired LANs gave way to wireless networks. All of these changes put a great deal of pressure on Active Directory, the core identity provider of the time.
Requirements for a Cloud Identity Management Checklist
A new generation of technology emerged. Initially, these solutions, called IDaaS (Identity-as-a-Service), dealt only with web applications and connected AD identities to those cloud apps. That worked for a few years, but then cloud identity management platforms decided to go further. With all of the changes occurring in the market, the goal became to reimagine Active Directory and OpenLDAP for the cloud era. In order to replace Active Directory, a cloud identity management platform has to meet a number of requirements.
Central User Management System
Provisioning, deprovisioning, and modification of user access should be handled from one central web console. IT admins should also have the ability to seamlessly integrate G Suite or Microsoft Office 365 with the cloud identity provider.
True Single Sign-On™
End users should be able to connect to just about any IT resource they need to access, including their systems, applications, and networks.
Many IT systems are authenticated via LDAP, so a system that federates identities via LDAP is critical. LDAP is still one of the most important authentication protocols on the market.
While the domain controller is no longer as relevant, providing authenticated access to the wireless network is a critical step-up in security. Outsourcing the heavy lifting of implementing and managing unique access to the WiFi network means that IT admins save tremendous time. As a result, they can integrate more components of their cloud IAM strategy together.
While AD helped manage Windows devices, modern cloud identity management solutions need to manage a mixed-platform environment. Windows is no longer the dominant OS in an organization. Since Mac and Linux machines have made significant inroads, IT admins need to be able to centrally manage all three major platforms.
MFA & Other Security
With identity breaches occurring just about every day, any cloud identity management platform must dramatically step up security for the organization. Multi-factor authentication is a critical measure for protecting user identities. One-way hashing and salting of all passwords is another. Managing SSH keys (and leveraging them wherever possible) is also vital.
Event and Audit Logging
Being able to audit the access to your IT resources is an important part of the cloud identity management platform. Auditors and security personnel leverage the data from the cloud IAM solution for compliance activities, which helps determine whether there are any security issues.
How Does Your Identity & Access Management Check Out?
Each of these areas is an important part of the checklist for a cloud identity management solution. If you would like to learn more about these requirements and what solutions could help you solve these problems, drop us a note. Also, please sign up for a free account and give our cloud identity management platform a try for yourself. Your first 10 users are free forever.