Moving your enterprise identity management to the cloud is a smart move. There are than a few compelling reasons to do so (better TCO, reduced resource costs, time to value, ease of implementation, access to innovation), but before you do, make sure you’ve addressed these five critical success factors.
How do you manage cloud access when your enterprise is an extended one? Your employees and customers are using apps at much greater scale than ever before (including just yesterday and again, come tomorrow) that are mingling with data distributed all over the cloud. Access control and authorization has become much more complicated than a has/has-not situation: ‘Becky in HR has access and Ron in marketing does not.’ The answer to healthy access control is scalability in the form of federation.
Once upon the time of firewalls and passwords that lived in local directories, it was pretty easy to verify across apps and domains that people were who they said they were. Back then, the enterprise either controlled or owned everything, from identities to apps. No more. Anywhere access is key to growth if not survival - but it must occur in a manner that is secure and that does not impede innovation. See above for the three S’s that underpin authentication at scale.
3. User account management and provisioning.
When the average enterprise relies on no fewer than six clouds, managing the disparate silos of user data and accounts across disparate SaaS, PaaS and IaaS entities can become a bit of a juggling act. The single-most important success factor for secure user account management? Standards-based with a focus on integration and automation.
The opportunity of the cloud – accessibility – can also be its challenge, particularly when it comes to compliance. Data, apps, users, logs, activity; it’s all distributed. Vulnerabilities and laws (GDPR, HIPPA, etc.,) require data security compliance show up in demonstrable, manageable and enforceable ways. It’s a natural progression then that auditing and compliance begs for moving beyond simple, historical reporting to analytics. And when you can turn to machine learning for predictive and automated monitoring and analysis, you can model problems to prevent problems.
Now that apps have moved off prem and literally ‘left the building’ as SaaS, so have users and the devices they access them on. For 24x7 availability and growth at scale, interoperability is critical. The most reliable way to accomplish this is to create a seamless computing fabric. Open technologies that are standards-based, and that incorporate built-in security and trust to scale from the get go (like SAML), accomplish this.