By Greg Keller Posted February 4, 2016
Terms and jargon are often marketing creations. Catchy acronyms or phrases meant to entice a sale. Nowadays with social media being a loud boombox with a broken volume button, every new made-up term is buzz-worthy. Cloud-based, SaaS, native. Even the term Identity-as-a-Service, or IDaaS, has an ever-changing meaning. Because so many well-meaning individual and organizations have attached their own meaning to the term, it’s unclear what Identity-as-a-Service really means.
Is Identity-as-a-Service a Single Sign-on Solution (SSO), a cloud-based directory service, or a privileged account management solution? Or maybe IDaaS is something else entirely It’s no wonder that IT admins don’t really know what the term means, nor do they know how to define it themselves.
So, let’s hit pause. Better yet, rewind. Instead of caring about what IaaS does, and therefore naming it something catchy to reflect that, let’s consider what it solves. For one IT company, Identity-as-a-Service enables their admins to control user access and tighten security privileges. For another, it centralizes management of all resources, regardless if someone accesses company resources from on-premises or the cloud.
In short, IT organizations should define the term for themselves, based on the value IDaaS offers. Better yet, let’s think about the term as a framework rather than a specific solution:
- Central identity store vs distributed identities – Does your organization think about IDaaS as a central database of identities, or are the identities distributed across various “directories” throughout your organization? Are identities more closely tied to the access an individual needs rather than being across the organization?
- Hosted internally vs. cloud-delivered identities – Is your vision for Identity-as-a-Service to be delivered from the cloud, or is IDaaS hosted internally to your organization? Does it matter for your definition and vision?
- Authoritative identity vs. federated identity – Do you view Identity-as-a-Service as your authoritative identity, or is it an adjunct to your core identity framework? Perhaps your definition of IDaaS is as a conduit rather than the storage mechanism itself. It could be the transport system effectively shuttling identities securely from one directory to another.
To summarize, Identity-as-a-Service can be a useful term for organizations to know and use. By answering the questions above, you can help jump start an important discussion about how to build the right identity framework for your organization. There aren’t any right or wrong answers, but how you think about IDaaS matters. Identity-as-a-Service can be a helpful approach, as long as you can clearly define what that approach is, what it solves, and how it works in your organization.
Contact us if we can help guide your thought process in determining what Identity-as-a-Service means in your organization.