Solving The Identity Management Conundrum

Cloud For Dummies.png
Disaster Plan.png
Disaster Recovery Plan.png
The Manuscript.png
Disaster Recovery Plan.png

Solving The Identity Management Conundrum

Businesses of all sizes are increasingly moving their IT operations into the cloud. Their reasons for doing so are diverse and varied, but typically fall into broad categories; modernisation, streamlining workflows, easier access to business-critical applications, cut costs on data centres, and so on.

While there is no denying that the amount of benefits that the cloud can bring to a business are vast, there are still some important considerations to make when making the leap.

One of those considerations is how to effectively manage identities.

The Old Problems with Identity Management

The challenge of identity management was never fully solved in the pre-cloud era, a strange anomaly given that identity and access management (IAM) has been at the heart of corporate IT security for two decades.

With companies now entirely reliant on computers for all aspects of doing business, IAM is also one of the broadest issues in IT security. Whether an employee needs to access internal applications, an outsourcing company requires limited control over hardware functionality, or consumers want to interact with their online accounts, they are all dependent on secure and reliable IAM.

Managing all the access points and accounts could be a time-consuming exercise, especially if the systems have been badly implemented. Even if they have been correctly implemented, issues such as orphan accounts, poorly mapped essential data, non-existent monitoring of privileges, and wrongly assigned super-user accesses could all combine to soak up precious resources and ultimately result in costly clean-up exercises.

The Arrival of Off-Site Services

Before the explosion of off-site services, IT staff were responsible for manually performing administrative tasks in order to give the employee the correct accesses. Such an approach made meeting regulatory guidelines, sufficiently managing security controls, and creating company-wide consistency difficult to achieve – all of which only served to exacerbate the problems listed above.

As discussed, IAM now underpins almost every facet of the business world – and thus requires far more management than simply adding and removing various accesses. The system in place needs to reflect a company’s business goals and unique challenges, and thus allow it to adapt almost instantly to any new requirements that arise. Beyond that, it needs to be simple, user-friendly, and secure.

If the situation was difficult to manage before, the uptake of cloud services, the growth of the Internet of Things, and the addition of external constituents could make the problem worse. Indeed, with Gartner now predicting that by 2020 “60 percent of all digital identities interacting with enterprises will come from external identity providers through a competitive marketplace, up from less than 10 percent today”, it is vital that systems are put in place now to help manage the impending change.

Thankfully, the cloud can help by offering hybrid solutions between on-premise resources and cloud-based resources.

The Importance of Cloud-Based Solutions

The long-held ideal of effectively organising identity management in cloud computing whilst maintaining control over internally provisioned applications and resources is now becoming a reality.

At the core of the solution is security. With data breaches and data theft seemingly never away from the headlines, organisations are increasingly required to prove that they have strong IAM controls in place both for internal resources and for resources accessed remotely. To achieve this, the ability to tie off-premise user identities to back-end directories is vital, and systems should be used that can provide cloud-based bridges to those directories.

Some facts serve to underline this point even more forcefully; according to SC Magazine, privileged users cost US businesses $348 billion per year in corporate losses, Group ID claim 19 percent of employees change job responsibilities each year (with 5 percent of users in an average company’s Active Directory being no longer employed by the organisation), and Gartner are predicting that IAM will remain as one of the top three most sought-after cloud services.

How Microsoft Azure Active Directory Can Help

The capabilities of Microsoft Azure Active Directory (AD) address many of the issues raised. Most importantly, Azure AD can provide access control to cloud-based applications, including third party ones, but the benefits extend far beyond that.

For example, it offers tools that allow IT professionals to scan the applications in use and isolate those which have the biggest effect on data confidentiality, compliance, and auditing, it helps to identify and address cloud-based security threats, and it can provide single sign-on to the most popular SaaS applications.

It also helps to negate inefficiencies in the user lifecycle, thus becoming the perfect solution for newer SMEs that were created in the age of cloud use. It does this by including support for self-service and dynamic rule-based groups, role-based and rule-based provisioning, managing both on-premise and private cloud directories, and regular recertification of user privileges.

In the age of global business, it is also important to have a way to let partners and other vendors access your applications. Azure AD assists in this business-to-business collaboration without the need for proxy users, instead making use of email-verified and social identities.

The Future

As the necessity for greater engagement between businesses and their customers grows, and as newer social and mobile technologies continue to come online, effective IAM is more important than ever.

Businesses now have to take a consumer-led approach for granting and controlling access to their resources, especially to those which are based in the cloud. Without that approach, they risk being exposed and left behind on a number of fronts.

Systems such as Microsoft Azure AD are the perfect way for SMEs to better manage their existing users and extend their services over time, making sure they don’t miss the exciting opportunities that will arise over the next five years and beyond. Contact them for more details.

This post is brought to you by Cloud for Tomorrow.

By Dan Price

Alex Brisbourne

Industrial IoT Cyberattacks Continue To Rise

IoT Industrial Security The Internet of Things (IoT) includes both traditional electronics and everyday ‘things’ embedded with sensors, computing, and networking capabilities. From smart coffee makers and smart homes to smart lighting and smart cities, ...
Gary Taylor

6 Organizational Challenges for Cloud Services

Cloud Service Challenges Organizations have rapidly come to the realization that digital cloud services make a compelling business case for helping them navigate this difficult pandemic year. The market for cloud services is expected to ...
Kamal Maggon

Mining Business Value – Accelerating a US Company’s Cloud Transformation

Mining Business Value Traditional industries like mining have been slow to adapt to changing IP technology.  Of course, coal and other mining types have adopted new technologies starting with mechanical drills powered by pistons, then ...
Non-Fungible Tokens

Non-Fungible Tokens (NFTs) As Digital Artwork

NFTs As Digital Artwork NFT stands for Non-Fungible Token. Anything fungible is replaceable with something that is of an equal value. A basic example would be money. A $10 note is fungible as it can ...
Yotascale podcast

Episode 10: The Modern Day Smokestack? The Economics of Cloud Management

The Modern Day Smokestack A conversation with Asim Razzaq, CEO, Yotascale Why is cloud cost management so difficult? What are the main challenges in achieving cloud cost optimization? What are the principles of cost optimization ...

TECH ELEARNING

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.