Last week we kicked off a four-part series on evaluating a single identity and access management (IAM) platform versus using point products from multiple vendors for your security needs. The first post covered procurement effort and implementation difficulty; today, we’ll discuss integration complexity.
The enterprise security software marketplace is expanding rapidly. For organizations needing to select and implement a new IAM solution, it can be difficult to navigate the thousands of products and solutions on the market. And even when companies finally select a solution, they all too often experience everything from friction to failure as a result of integration issues.
Integrating an IAM solution into your business can be a complex and time-consuming ordeal. And while there is certainly a trend toward universal compatibility, many companies still rely on legacy systems that were simply not designed to integrate well with newer technologies.
To further complicate matters, most organizations are simply ill-equipped to handle these necessary and complex integrations, while most solution vendors lack expertise with other products. All of of this has led to a large number of consulting and professional services firms in the cybersecurity space. And while these consultants are worth every penny, they will cost you a lot of pennies.
What’s the Integration Process Like?
So, when it comes to IAM point products versus a single platform, what can you expect in terms of the integration process?
- Single-vendor platform: With a single-vendor platform, the vast majority of the integration work has already been done for you. The components are already there and designed to work together. As a result, you only have to worry about integrating the IAM platform with your pre-existing web and legacy systems and not other identity solutions—which is easier to do, since you are only working with a single, centralized identity repository.
However, to realize the integration benefits of a single platform, it’s important to make sure your vendor truly offers an integrated platform and hasn’t built their product through acquisition. Despite a polished marketing wrapper, many of these solutions are little more than loosely held together point products; they have different interfaces, workflows, processes, and technologies.
- Multi-vendor point products: The reality is that most cloud vendors are focused on selling their software—not making sure you have tight and necessary integrations with the rest of your environment or even across each vendor’s unique user store. So, few of these point product vendors will be able to help you integrate your environment.
This means the vendors essentially throw the solutions into your lap, and it’s up to you to deal with the setup, integration, and management life cycle. If you don’t have a high degree of IT expertise on your team, most of these efforts will need to be outsourced.
Additionally, each point product comes with its own identity (user) store. So, users of IT-provided systems must go through the hassle of manually entering information multiple times into each downstream system, instead of just entering this information once and having it automatically pushed to these systems.
Integration complexity should always be a consideration when selecting new software for an organization. We know firsthand how complex it can be to integrate point solutions because our company originated as an integration consulting firm. We built our own IAM solution, RapidIdentity as a unified platform, so it would integrate more easily than the legacy systems we used to deploy in our consulting firm days.
In the next part of this series, we’ll examine five additional areas to think about in the single-platform vs. point products debate: technical support, training, upgrades, vendor longevity, and cost.