Light Dark
August 31, 2016 By Charles Carrington 4 min read
Cloud Security
Identity & Access

The times are changing, and many CIOs and CISOs are blowing away the cobwebs on their legacy identity and access management (IAM) programs and considering a move to identity and access management-as-a-service (IDaaS). Whether driven by the growing menace of attacks via identities, increasing compliance mandates or the expanding needs of end users for easy and frictionless access to their data, security leaders realize that a move to IDaaS is key to achieving critical business objectives that are relevant to every high-performing organization.

IDaaS solutions offer great benefits over on-premises deployments. They can breathe new life into legacy IAM systems, building upon these solid foundations to surface as new and improved IAM features. But many CISOs are concerned that their organization may not be ready to deploy an IDaaS solution.

When considering a move to IDaaS, a little preparedness goes a long way.

Come as You Are

No matter what software you use on-premises, what version you have and what platform you use, you can move directly to the cloud now. Technology readiness is not an issue: Many cloud-based IAM solutions are adapted to a come-as-you-are scenario. Any company moving IT to the cloud for any purpose should plan on using IAM in the cloud as well.

That’s not to say there won’t be complications. Planning and preparation are required to ensure a smooth migration. But the end result, moving IAM to the cloud, is well worth the investment and provides a predictable monthly expense with few surprises.

Cloud IAM can be used either to replace an existing on-premises IAM system or to extend an existing on-premises IAM solution. Hybrid scenarios in which cloud IAM is used as an extension are common.

When deciding whether to move specific IAM workloads to the cloud, important considerations include complexity of the applications being integrated, complexity of the business processes around the application integration and the extent of the desired direct control over the identity and access workload.

Another key factor to consider in a cloud IAM move is available assistance. Some cloud IAM suppliers are self-service only, leaving you on your own when integration challenges arise. If your situation has unique integration requirements, look for a team that can guide you through the effort and provide the necessary integration expertise for your on-premises enterprise applications.

Preparing to Move to IDaaS

Organizational culture and governance are always factors when it comes to adopting cloud IAM. A cloud-based IAM with single sign-on (SSO) can provide a way for companies to gracefully fold shadow IT. Providing SSO to all company applications is a powerful incentive for users, and as such it brings all those cloud services that users and departments have implemented without prior permission back under organization control.

A cloud-based IAM solution will also support other cloud initiatives already in place or planned, so it is a natural step for IT leaders as they try to regain some control over the usage of cloud applications.

Another factor is comfort. Companies accustomed to doing things in-house have to give up a small share of control to take advantage of a cloud-based IAM solution. But when you factor in the lowered costs and higher service levels, the business case is far too compelling to ignore.

Without a doubt, planning is key when moving from on-premises to the cloud, and the transition requires skilled and knowledgeable business staff. But the upfront preparation and work that goes in to this data migration is well worth it in the end.

Speedy Setup

Take an organization of over 15,000 employees, for example, that is considering moving from one on-premises product to another, or even moving from an old version of a product to its current version. Depending on how organized the IT team is and how well the policies are documented and developed, the average rollout can take a considerable amount of time; six months or more is a common figure.

Conversely, migration to a cloud-based IAM product can happen much faster. In our experience with IBM’s own IDaaS solution, Cloud Identity Service, moderately complex migrations can be done 75 percent faster than on-premises deployments, including set up of identity data feeds, protection of websites, initial federations, DNS considerations and testing, with 95 percent of the work done remotely. Preparation is key, but on-site impact is limited.

It must start with a team working with the business to identify all data to be replicated, all IDs to be enabled, all customizations, all sites to be protected, and all sources and targets for federation. The next step is to configure the cloud-based IAM solution in multiple environments (development, test, production) and test function before going live. In our experience, the more the business uses an off-the-shelf process and the less they customize, the faster the process and the easier the future maintenance.

IDaaS for All

IAM in the cloud can be deployed for companies in numerous industries, including automotive, media, education, financial, retail, pharmaceutical, industrial, and oil and gas. These organizations range in size from as few as 1,000 users and a handful of applications to more than 9 million managed identities, hundreds of protected applications and federations, and presence in multiple countries.

Cloud Identity Service builds on IBM’s 20-plus years in the IAM and security market. This IDaaS solution uses IBM software that is time-tested, mature and highly scalable. It provides the deepest set of IAM functions in the IDaaS market as validated by independent industry analysts.

The results speak for themselves. Customers enjoy improved productivity and customer user experiences, more secure and compliant environments and, most of all, the flexibility and scalability they need to meet their business demands.

Calculate Your TCO of IDaaS

 |  |  |  | 
Charles Carrington
Associate Partner, IBM

More from Cloud Security
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 4, 2024

Cloud security uncertainty: Do you know where your data is?

3 min read - How well are security leaders sleeping at night? According to a recent Gigamon report, it appears that many cyber professionals are restless and worried.In the report, 50% of IT and security leaders surveyed lack confidence in knowing where their most sensitive data is stored and how it’s secured. Meanwhile, another 56% of respondents say undiscovered blind spots being exploited is the leading concern making them restless.The report reveals the ongoing need for improved cloud and hybrid cloud security. Solutions to…

March 14, 2024

Cloud security evolution: Years of progress and challenges

7 min read - Over a decade since its advent, cloud computing continues to enable organizational agility through scalability, efficiency and resilience. As clients shift from early experiments to strategic workloads, persistent security gaps demand urgent attention even as providers expand infrastructure safeguards.The prevalence of cloud-native services has grown exponentially over the past decade, with cloud providers consistently introducing a multitude of new services at an impressive pace. Now, the contemporary cloud environment is not only larger but also more diverse. Unfortunately, that size…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature