You can’t put the value of your directory into a slide deck or a spreadsheet.
So how can you determine its worth?
In IT, this is an all-too-common theme. Measuring the impact of IT investments is often nebulous, because there’s no line on an expense report for the benefits of a smoother onboarding process or a less-stressed out admin. Good security practices, for instance, don’t save the company any money… until they prevent a breach that would have cost millions.
In order to work within tight budgets, sysadmins are always on the lookout for ways they can improve IT operations, while simultaneously cutting down on costs. Lately, the biggest gains have come from leveraging SaaS applications and the cloud:
- 88% of cloud users switch for cost savings
- 56% agree that cloud services have boosted profits
- 60% report reduced infrastructure maintenance needs by IT teams
Source: CIO
There’s no doubt that, historically, IT has been a cost center in organizations. However, the attitude towards IT has been changing over the last decade, and many are starting to view IT as essential in their overall business strategy. Organizations have realized that leveraging the right technology can help solve core business problems, and that’s translating into strategic results.
For example, one report states that cloud solutions are enabling organizations as a whole to reduce costs, improve DevOps productivity, consolidate data centers, and increase agility and innovation. IT departments are instrumental in putting the right cloud solutions into the fingertips of a company, and there are opportunities to become more efficient in the delivery of those IT services. One area of deep interest to IT organizations has been the identity and access management (IAM) category, directory services. IT admins are particularly interested in how cloud directory services save money for organizations.
In order to understand how cloud directory services can work alongside your business strategy, let’s make sure we understand what IAM is, and what’s been going on in the identity management market.
IAM & the History of Directory Services
Identity and access management is a fundamental concept underpinning any IT organization. IAM solutions securely manage and connect users to the IT resources they need. In today’s security-conscious environment, there could not be a more critical component to IT security than a focus on securing identities and what they have access to. A critical category in IAM that is at the core of user authentication and authorization is the directory service.
The history of directory services began two decades ago when Microsoft® released Active Directory® in 1999. At this time, on-prem Windows networks prevailed, which was exactly the type of environment AD was created to manage. So, AD rapidly became the go-to choice for a directory service. Then in the mid 2000s, modern IT resources like Mac systems, web-based applications, and cloud servers started populating the IT landscape, and Active Directory needed help.
As a result, solutions such as privileged identity management, multi-factor authentication, IDaaS (i.e., web application single sign-on) and many others surfaced. These would sit on top of AD and extend identities to modern IT resources. The IT environment ended up changing so much that IT admins needed many of these solutions to manage their environments. This has ultimately led to the cumbersome, unwieldy, and costly IAM environments that many IT organizations are experiencing today.
The good news is a cloud directory service is a modern, comprehensive approach to identity management. This next generation SaaS identity provider is connecting users to the IT resources they need without the worry of platforms, protocols, providers, and locations. Simply put, it’s a reimagination of Active Directory for the heterogeneous, cloud era.
But, will shifting to a cloud directory service save money? The simple answer is yes, and the key points are explained below.
Saving Money with Cloud Directory Services
Moving to cloud solutions, in general, has enabled IT organizations to save 14% of their budgets. This is not surprising when you actually break down what goes into managing on-prem IT resources. For a directory service, an organization has to account for people’s time, staffing, infrastructure, and software and hardware. Let’s take a close look at each of these aspects, and how cloud directory services save money in each of these components.
Time / Staffing
On-prem identity management takes a tremendous amount of resources to manage. For example, you need a whole team just to properly manage all of the user changes, password resets, and other end user facing tasks (e.g. training). This list of tasks doesn’t even account for all of the maintenance and management involved with the hardware and software of an on-prem IAM solution (which we will detail below).
In short, for any reasonably sized organization, on-prem IAM becomes a full-time job if not a team activity, and can be a major distraction from completing more important tasks. For example, Ooyala utilized OpenLDAP™ for their on-prem directory before making the switch to a cloud-based directory service. When they used OpenLDAP, they had to use an engineer’s valuable time to make simple user add/remove changes. With a modern cloud-based directory service, they can place any level of a sysadmin because it is far easier to manage IT resources with web-based admin consoles. Additionally, the cloud identity provider also has end user portals, so that items such as password resets, SSH key management, and data updates can be handled by the end user.
In other words, IT doesn’t have to hire highly skilled personnel to administer their identity management infrastructure, and the ease of use reduces management overhead by streamlining routine tasks like password resets.
Infrastructure
In addition to the cost on an organization’s time and staff, on-prem solutions require a tremendous amount of time and money to ensure availability, security, and reliability. Further, because of IT’s requirements for near 100% uptime for authentication services, there is added expense and pressure on hosting, backup, redundancy, and network performance among others. All of these initiatives are expensive requirements.
Under a SaaS delivery model, these items are the responsibility of the cloud directory services provider. A key point here is that IT organizations would need to invest in these items for their organization only, while a SaaS solution gets the benefit of amortizing those costs over their entire customer base. It also shouldn’t go unnoticed that SasS identity management providers will have their own entire teams focused on performance, uptime, security, and, of course, engineering to continuously improve the cloud identity management solution. With an on-prem identity provider, the uptime, security, and reliability among others, fall on the shoulders of however many personnel the organization can afford to employ.
Software / Hardware
Finally, an on-prem solution will require the purchase of the directory services hardware and software. Depending on the size of the organization and number of locations, this could require extensive purchases, including duplicate infrastructure for redundancy.
For a cloud-hosted directory services platform, all of these costs are included in the pay-as-you-use monthly fees. There are no additional components to purchase or manage. There is no hardware on-prem that you have to host and manage. For one simple, per user price, all of what an organization needs is included in a cloud directory.
With these points in mind, it’s easy to see how moving to cloud solutions can help IT admins save 14% of their budgets, and how a cloud directory service can save significant money for IT organizations. Without the infrastructure to purchase, host, and manage, there is a lot more time and budget to focus on other areas. If you are interested in a detailed cost analysis and are interested in leveraging an ROI calculator, please reach out to us.
However, there is just one more benefit to a cloud directory service that goes beyond just cost-savings. A cloud-based directory service adapts to your IT environment instead of having to adapt your IT environment to work with the identity provider.
Cloud Directory Services Give You Choice
Historically, many IT organizations have been forced to leverage solutions that integrate tightly with the on-prem directory in order to control user access. This would limit the organization’s ability to choose the best IT resources. A modern cloud directory does not tie IT organizations to particular providers, platforms, protocols, or locations – dramatically expanding the universe of options.
As IT organizations make the shift to the cloud and become even more critical to an organization’s operations, there is a great opportunity to leverage modern IT solutions. If you would like to learn more about how your organizations can save money with a cloud directory service, drop us a note.