Why Cloud Identity Management Should be a Priority
Over the last year, 38% of organizations have made shifting to the public cloud their top priority. Many have started by migrating email, productivity software, and web hosting, and this is where a majority of 2019 IT budgets are expected to be spent as well. What about the IT management tools used to manage users access to these cloud resources on a daily basis, like cloud identity management for instance? Well, it’s not a top priority. Only 6% of cloud IT budgets for 2019 are going towards IT management. If organizations plan to experience the agility, efficiency, and security gains the cloud has to offer, this is ill-advised. They need to consider why cloud identity management should be a priority as they continue to execute on their cloud strategy.
The Centrality of Identity
The identity sits at the center of all work that happens at an organization. The role of an identity management solution is to securely connect end users to the systems, apps, file storage, and networks they require to do their job. When the right identity provider is in place, IT admins can automate most of their user and system management. This creates more consistency and gives sysadmins more time for higher value tasks.
At the same time, end users gain frictionless access to their digital tools. For example, the average user takes 14 seconds to type a password. When centralized identity management is in place, users only have one password to deal with.
When identity management isn’t in place, a single user is left with:
What does this add up to for a 50 person company over the course of a year?
That’s a ton of time spent on typing credentials. On top of that, 76% of employees regularly experience password problems. Also, if 76% of employees regularly experience password problems, that means IT spends a lot of time helping users reset their passwords. In fact, about 20 – 50% of IT support tickets are password resets.
This is just one example of how an identity management solution sits at the epicenter of day-to-day work life of both IT admins and end users. It’s why cloud identity management should be a priority as IT organizations migrate to the cloud. In this cloud-forward era, though, IT admins can’t utilize just any identity provider. They need to be strategic about which solution they place at the hub of their organization.
Why Cloud Identity Management?
So, why should IT admins consider a cloud identity provider (IdP) over a traditional identity and access management (IAM) solution? Well, first, it enables them to go all cloud and fully take advantage of the efficiency, agility, and cost savings the cloud has to offer. Next, legacy identity providers weren’t built for the heterogeneous IT landscape that has enterprises deploying Macs in the 1000’s, Linux running 90% of the public cloud, and companies paying for 20+ SaaS applications on average. Traditional IAM solutions were created for on-prem homogeneous environments.
So, it makes sense that the diversity of IT systems and technology was one of the top challenges in managing IT infrastructure for 47% of participants in a Ponemon study.
Conversely, cloud identity management doesn’t require any on-prem hardware or software, so organizations can truly go all cloud. It also inherently supports legacy and web-based applications, physical and virtual file storage, wired and wireless networks, and Mac, Linux, and Windows systems. This lends itself well to IT organizations who are looking to optimize user and system management, improve the end user workflow, strengthen security, and use the best tools available. It’s why cloud identity management should be a priority.
The Impact of Prioritizing Cloud IAM
A platform-agnostic, provider-independent IAM solution with a multi-protocol approach means organizations (and their employees) will have more choices. Instead of being limited to specific protocols and platforms, they can leverage whatever IT resources that make the most business sense for them. This was imperative for Cabify, a cloud-forward transportation network company that grew over 3000% in the last two years. They’ve grown “so fast in so little time that [they] outgrew the standards [they] had in place, and some never had time to be in effect”. One standard they lacked was centralized user and system management. They had considered Microsoft® Active Directory®, but about 80% of their PCs use Windows Home Edition. In order to use Active Directory, they would have “had to upgrade about 1,500 PCs to Windows Pro. At about $80 per system, the sheer cost of that made it impossible to go with Active Directory.”
After all, would it really have made sense to spend $120,000 on upgrading a Windows operating system solely because the directory service didn’t support it? Cabify didn’t think so.
Furthermore, Cabify works in a “heterogeneous environment. [They] use Mac and Linux in addition to Windows, and Active Directory doesn’t work well with either of them.” So it really didn’t make sense for Cabify to spend so much money on adapting their environment to the identity provider, to only have it manage part of their environment. It would have been like “…putting a big dinosaur in the middle of the room…”, and a really expensive dinosaur at that. What they needed instead, was an IAM solution that could adapt to their environment and navigate change with ease. Cloud identity management is doing just that by “paving the way” for Cabify to accomplish their IT vision.
A cloud IAM solution that supports systems, applications, file storage, and networks regardless of protocol, platform, provider, and location is a powerful IT management tool. It centralizes user access to virtually all IT resources, thereby eliminating ad hoc processes. Cloud IAM was certainly the powerful tool Doublestruck needed to Make Work Happen™ for their sysadmins and end users. Before the London based education tech innovator implemented a cloud IdP:
“They were really feeling the pain of having a bunch of systems all set up different ways for different users. [Their] end users were feeling that pain too.”
As soon as they implemented a cloud identity provider and centralized everything, “identity and access management got much easier. [For starters] users have the same password for everything.” Consequently, users aren’t forgetting their password, so they’re submitting fewer support tickets related to password resets. In the event a user does forget it, they can easily reset it themselves. With the reduction in password resets alone, Doublestruck IT admins have been able to focus more of their time on “building new infrastructure and resources for the company rather than keeping access up to date.” Even more importantly, it has “enabled end users to avoid lockout delays,” allowing them to seamlessly access their IT resources day in and day out.
An IDG survey discovered 52% of participants expected their security budgets to increase in 2018. What are organizations using their security budgets for?
Making cloud identity management a priority can help with both security factors. A cloud identity provider enables IT admins to centrally enforce identity security best practices with features such as Password Complexity Management, Multi Factor Authentication, and SSH key authentication. Additionally, IT admins can use IAM to lock down systems in their environment using security policies, which can remotely disable USB drives or require Full Disk Encryption.
When Cabify set out to standardize identity management, elevating security best practices was a key objective. In the past, “everyone [in Cabify] was logging on to their systems using local accounts. Some of them were generic, and there were no sufficient tools to enforce password security… With [a cloud identity management solution], they’ve been able to clean that up, and it’s been huge for [Cabify] to move users away from using local accounts on their Windows and Mac systems.”
“ [Cabify’s IT] environment is much more secure, especially now that they can enforce the password standards that they want.”
Enforcing security best practices often goes hand in hand with meeting compliance regulations. This was certainly the case for Doublestruck and their need to prepare for GDPR compliance. “One of the big rules that [Doublestruck] must follow for GDPR is to have a way to say who has access to what data at what time. [Doublestruck’s] old setup had so many accounts being shared” it would have almost been impossible to do that. However, implementing a cloud identity management solution allowed them to fix that. They were able to “separate out all of [the] user accounts. By the time GDPR came around” Doublestruck was prepared, and “[they] can’t think of any organization that wouldn’t benefit” from a cloud identity provider.
Cabify and Doublestruck were not alone in experiencing such positive gains. Over 50,000 organizations are prospering thanks to having choice, efficiency and security, and it all began with making cloud identity management a priority.
Ready to see the impact of prioritizing cloud IAM in your environment? In a few clicks, you can be on your way to a more agile, productive, and secure IT environment. Sign up for a free JumpCloud account and start connecting users (ten are free forever) to systems, apps, file storage, and networks. If you need help along the way, consider viewing the video playlist above or browsing JumpCloud’s Knowledge Base. For more conversation about why cloud identity management should be a priority, drop us a note. One of our technical experts would be happy to speak with you.