Debunking Cloud Concerns Over IAM

By Zach DeMeyer Posted October 17, 2019

Chalk-type drawing of a person throwing trash in a waste bin.

As the IT world heads toward an increasingly “cloudy” future, some are tentative about making the jump to the cloud. Well, you’re not crazy for wanting to get rid of on-prem identity and access management (IAM), even if your colleagues may think so. The cloud is changing IT for the better, and here’s why.

Debunking Cloud Concerns Over IAM

There are several concerns that have kept IT admins from adopting the cloud. One that sits at the top of the list for many organizations is the long term costs of cloud services over time compared to that of on-prem options. Security of cloud products is another obvious concern, given the near-daily occurrence of data breaches in the modern newscycle. Adjacently, perceived loss of control and questions about reliability also are concerns for sysadmins. Let’s address all of these concerns.

Cost

Like all parts of a business, IT admins need to make sure that they stick to budget when it comes to building out their stack. And, because the services that IT buys are often used throughout an organization, they need to ensure they choose the best possible options for the  best possible price.

Many cloud offerings today are delivered “as-a-Service,” meaning that they are charged on a subscription basis, usually in monthly or annual installments. A common thought among IT organizations is that, in the long run, these will end up being incredibly costly, making them less appealing than on-prem solutions.

However, on-prem IAM actually ends up being more expensive in the long run. After all, many on-prem solutions still require software licensing fees, which are comparable to SaaS subscriptions. Add on top of that server hardware (which needs to be continually replaced), backups, monitoring / security solutions, plus other assorted tooling, and on-prem equipment can return a sizable bill to foot.

Although they may seem to be a budget burden, cloud solutions have actually shown that they provide tangible benefits to the companies that use them, ultimately improving bottom lines by freeing up capital. SkyHigh reported that businesses taking advantage of productivity-enhancing cloud services grow 19.6% faster than their counterparts that don’t. By using cloud services, the time normally spent implementing on-prem IAM is eliminated by hosted servers and pre-configured applications, allowing organizations more time to work on other critical business processes and ultimately make more money.

Security

In our day and age, identity security is paramount for IT organizations. In IT’s early days, everything existed on-prem and access could be tightly controlled by a domain controller and other security tools. This perimeter of defense helped to serve as the castle moat and walls, surrounding the critical data and users that existed inside.

Of course, with cloud-based solutions, the entirety of a user base and the data they deal with no longer exist solely within the walls of the office. This opens up the potential for bad actors to prey on connections to cloud applications and the like. Additionally, armed with a traditional domain controller, IT organizations have seemingly no control over who has access to which apps, cloud infrastructure, etc. More on that in a second, though.

As it is with all new innovations, companies have simply needed to adapt their security tactics regarding cloud solutions. The zero trust security model is one such reaction that has sprung up to meet security concerns of the cloud era. Zero trust is predicated on the fact that an attack can arise from anywhere, so all network traffic must be monitored and no user can be trusted fully. Tech giant Google® leverages its own implementation of zero trust, dubbed BeyondCorp, to protect its cloud assets and those of the millions who use Google products.

Beyond a shift in mindset, several companies have found that using cloud solutions has actually improved their security posture. In their report, TechJury found that cloud technology is so reliable when it comes to safety that 94% of businesses surveyed reported significant improvements in online security after moving their data to the cloud.

Reliability

Another worry about cloud services is a lack of reliability. After all, if a cloud solution goes down for any reason, only its vendor can stand it back up again, leaving the affected IT organizations to twiddle their thumbs until it’s back online.

In the same TechJury report, their data showed that 80% of companies actually report operational improvements within the first few months of adopting cloud tech. Cloud service providers pride themselves on uptime, and because IT organizations don’t need to worry about the overhead behind the on-prem equipment a cloud service replaces, they have more time to improve other processes.

There are many companies who have put their faith behind cloud services. Of course, Mama always scolded, “If your friends jumped off a cliff, would you?” ⁠— so here’s some more food for thought as you consider your options. Hosting Tribunal collected important statistics about cloud usage:

  • 90% of companies in a recent survey are on the cloud
  • 89% of the companies surveyed use cloud-based SaaS applications
  • The average enterprise uses 1,427 distinct cloud services

Clearly, if your organization decides to trust the reliability of the cloud, you’re in good company.

Loss of Control

Concern about perceived loss of control is a common theme among concerned organizations considering cloud: Because a solution is not on-prem, IT cannot control it. This is simply not the case.

Now, if an organization leverages traditional, on-prem tools for identity and access management, then it will certainly be difficult to manage access to cloud applications and infrastructure that exist outside of the domain. But, for companies that get rid of on-prem equipment such as a traditional directory service, there is a solution to help them control their cloud-based resources.

The solution is a fully cloud-based reimagination of traditional IAM tooling: the cloud directory service. A cloud directory service allows IT organizations to extend their organizations to virtually all IT resources, both cloud and on-prem, regardless of the resource’s location or vendor. 

Beyond that, a cloud directory service allows IT organizations to implement additional security controls, including the framework for a zero trust environment. What’s more, with all of these abilities wrapped up into one centralized solution, IT organizations save money, as well as time.

Migrating Off On-Prem IAM

Of course, once an organization decides to opt for a cloud directory service, the next hurdle is figuring out how to get there. Thankfully, here at JumpCloud®, we have developed a comprehensive solution to help you migrate off on-prem Active Directory® and in to our cloud-based Directory-as-a-Service®.

If you want to learn how you can take the first step, consider scheduling a free personalized JumpCloud demo and see what our cloud directory service has to offer.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts