By Greg Keller Posted January 6, 2017
As the IT world moves to cloud-based services, identity management is one area that has seen a lot of activity.
Traditionally, identity and access management has been delivered via on-prem solutions. IT admins weren’t comfortable with cloud-based identity management systems. Over the last several years that has changed, and IT admins are putting together their IDaaS checklist for choosing the right cloud identity platform.
Overview of IDaaS and IAM
Since the IDaaS world has been a moving target, it is important to define what it is. Historically the Identity-as-a-Service market has been about web application single sign-on. The theory went that Microsoft was unstoppable with Active Directory® as the core identity provider for an organization, so there was an opportunity to federate access to web applications.
This approach worked for a number of years, but it isn’t enough now for IT organizations.
With the shift to the cloud, heterogeneous platforms, and a mobile workforce, IT organizations are interested in replacing Active Directory with a cloud identity management platform. They want an alternative to Active Directory, and that alternative is now being called IDaaS. The true meaning of Identity-as-a-Service now goes far beyond simple web application SSO.
Your IDaaS Checklist:
For those organizations that are looking for a modern IDaaS solution, the question becomes what is on the list of key requirements for a cloud identity platform. For that purpose, we’ve made the checklist below:
✓ Cloud Native
Of course an IDaaS solution needs to be delivered from the cloud, but many vendors are “cloud washing” their legacy, on-prem solutions. A next generation IDaaS solution should be built from the ground up in the cloud and for the cloud. The benefits of a SaaS-delivered solution are tremendous, including shifting the installation and maintenance to the third-party provider.
✓ Connect to Mixed Platform Environments
Today’s IT environments are heterogeneous, not homogeneous. Windows was the dominant platform fifteen years ago, but today environments are based on Mac and Linux as well. Active Directory doesn’t make sense when your network is a mixed platform environment and located on-prem and in the cloud.
✓ Support On-Prem & Cloud Applications
IT organizations are chartered with managing applications both on-prem and in the cloud. These applications have different authentication protocols and methods. Cloud applications often use SAML as the protocol while many on-prem applications use LDAP. Whatever the protocol, a modern IDaaS platform must be able to control user access across the applications an organization needs.
✓ Control Access to the WiFi Network
The concept of the domain is largely obsolete. With the move to wireless networks, the idea of authenticating to the network has been lost. When users connected to wired networks, they would be granted access to the network via a domain controller. This is also how access should work for WiFi networks, but unfortunately it doesn’t. IT admins know that WiFi networks pose a security risk, and by connecting the WiFi network to the IDaaS platform they are stepping up security.
✓ Deliver Increased Identity Security
The modern cloud identity management platform also needs to increase security with modern techniques. Identity theft and compromises of networks are a significant issue that IT admins face, and the number one reason for those breaches is the loss of credentials. As the identity management platform moves to the cloud, a significant number of security techniques need to be included. One-way hashing and salting of passwords is critical, as is secure communication between all components of the IT network. IT admins should look for the next level of security with their IDaaS platform.
IDaaS Checklist Results
Choosing the right IDaaS platform can be a challenging project for IT admins. As IT organizations make the shift from the legacy, on-prem Active Directory to a cloud identity solution, creating a checklist of the key capabilities necessary for your organization is critical.
If you would like to learn more about creating the right requirements for choosing an IDaaS solution, drop us a note. Or sign up for our Directory-as-a-Service platform and see what it can do for your organization. Your first 10 users are free forever.