In our last post, we discussed some of the most compelling reasons for adopting identity and access management (IAM) in the cloud. Like most other cloud services, identity as a service (IDaaS) offers cost-effective, high availability and affordable scalability. However, as you consider the possibility of moving from your legacy, on-premises IAM system to the cloud, it’s vital that you begin with a clear understanding of common misperceptions that haunt the emerging IDaaS market; here are the two biggest ones:
1. IDaaS is just a Web-based single-sign-on (SSO) portal and password reset system.
If you’ve gotten the idea that IDaaS is nothing more than SSO and password reset in the cloud, you can thank the leading SSO vendors for that misperception. They’ve positioned IDaaS’ capabilities as such in order to aid the marketing and sales of their own products. While IDaaS may include sSSO for the cloud, a full-fledged, private cloud-based IAM system is much more than simply an authentication infrastructure that is built, hosted, and managed by a third-party service provider.
For example, IAM cloud offerings can provide full identity lifecycle management functionality, including user account provisioning and deprovisioning for applications, just like an on-premise solution. They also can support a broad selection of authentication methodologies that can be combined to meet any business or compliance requirements.
2. IDaaS is SaaS and therefore, requires little to no implementation, configuration, or customization support.
If you’re picturing IDaaS as a turnkey solution, it’s time to adjust your expectations. While a simple cloud-based SSO solution, designed for a small to medium-sized business, might be fairly quick and easy to deploy, we’ve already established that true IDaaS is much more than SSO in the cloud.
IAM is a process, not a task; you can’t set it and forget it, and you won’t be able to run a modern IAM system without substantial and continuous fine-tuning. A full-featured IAM system is a robust software platform that institutionalizes the unique business rules and governance policies of the organization using it.
While many vendors are making strides toward easing implementation and integration right out of the box through features like setup wizards, such functionality isn’t there yet for all critical IAM capabilities.
Full IAM requires some level of implementation services and consulting engagement. And, because IDaaS aims to offer more or less full-featured IAM in the cloud, you can expect to use implementation services to configure and customize the IDaaS offering before putting it into production as well.
You might think that’s bad news at first, but it isn’t. If you’re exploring your cloud-based IAM options, it’s most likely because you recognize that you’re looking for more than just SSO. A best-of-breed IDaaS solution offers the features you need to manage your users across both on-premises and cloud systems.
Even taking into account investments in customization and implementation, you’ll be coming out ahead compared to what you’d have to budget for an on-premises IAM solution. A certain amount of work is necessary to create a good fit between your IDaaS and your business, but it’s absolutely worth the effort.
Misconceptions about IDaaS make the technologies sound much more limited than they really are. These days, many businesses can comfortably migrate their IAM solutions to the cloud and reap the rewards of increased cost-efficiency, flexibility, and scalability, while future-proofing their workflows for the inevitable compliance and process changes down the road. Can you? Set up a demo with one of our representatives today to find out.