Solving The Identity Management Conundrum

Microsoft Azure

Solving The Identity Management Conundrum

Businesses of all sizes are increasingly moving their IT operations into the cloud. Their reasons for doing so are diverse and varied, but typically fall into broad categories; modernisation, streamlining workflows, easier access to business-critical applications, cut costs on data centres, and so on.

While there is no denying that the amount of benefits that the cloud can bring to a business are vast, there are still some important considerations to make when making the leap.

One of those considerations is how to effectively manage identities.

The Old Problems with Identity Management

The challenge of identity management was never fully solved in the pre-cloud era, a strange anomaly given that identity and access management (IAM) has been at the heart of corporate IT security for two decades.

With companies now entirely reliant on computers for all aspects of doing business, IAM is also one of the broadest issues in IT security. Whether an employee needs to access internal applications, an outsourcing company requires limited control over hardware functionality, or consumers want to interact with their online accounts, they are all dependent on secure and reliable IAM.

Managing all the access points and accounts could be a time-consuming exercise, especially if the systems have been badly implemented. Even if they have been correctly implemented, issues such as orphan accounts, poorly mapped essential data, non-existent monitoring of privileges, and wrongly assigned super-user accesses could all combine to soak up precious resources and ultimately result in costly clean-up exercises.

The Arrival of Off-Site Services

Before the explosion of off-site services, IT staff were responsible for manually performing administrative tasks in order to give the employee the correct accesses. Such an approach made meeting regulatory guidelines, sufficiently managing security controls, and creating company-wide consistency difficult to achieve – all of which only served to exacerbate the problems listed above.

As discussed, IAM now underpins almost every facet of the business world – and thus requires far more management than simply adding and removing various accesses. The system in place needs to reflect a company’s business goals and unique challenges, and thus allow it to adapt almost instantly to any new requirements that arise. Beyond that, it needs to be simple, user-friendly, and secure.

If the situation was difficult to manage before, the uptake of cloud services, the growth of the Internet of Things, and the addition of external constituents could make the problem worse. Indeed, with Gartner now predicting that by 2020 “60 percent of all digital identities interacting with enterprises will come from external identity providers through a competitive marketplace, up from less than 10 percent today”, it is vital that systems are put in place now to help manage the impending change.

Thankfully, the cloud can help by offering hybrid solutions between on-premise resources and cloud-based resources.

The Importance of Cloud-Based Solutions

The long-held ideal of effectively organising identity management in cloud computing whilst maintaining control over internally provisioned applications and resources is now becoming a reality.

At the core of the solution is security. With data breaches and data theft seemingly never away from the headlines, organisations are increasingly required to prove that they have strong IAM controls in place both for internal resources and for resources accessed remotely. To achieve this, the ability to tie off-premise user identities to back-end directories is vital, and systems should be used that can provide cloud-based bridges to those directories.

Some facts serve to underline this point even more forcefully; according to SC Magazine, privileged users cost US businesses $348 billion per year in corporate losses, Group ID claim 19 percent of employees change job responsibilities each year (with 5 percent of users in an average company’s Active Directory being no longer employed by the organisation), and Gartner are predicting that IAM will remain as one of the top three most sought-after cloud services.

How Microsoft Azure Active Directory Can Help

The capabilities of Microsoft Azure Active Directory (AD) address many of the issues raised. Most importantly, Azure AD can provide access control to cloud-based applications, including third party ones, but the benefits extend far beyond that.

For example, it offers tools that allow IT professionals to scan the applications in use and isolate those which have the biggest effect on data confidentiality, compliance, and auditing, it helps to identify and address cloud-based security threats, and it can provide single sign-on to the most popular SaaS applications.

It also helps to negate inefficiencies in the user lifecycle, thus becoming the perfect solution for newer SMEs that were created in the age of cloud use. It does this by including support for self-service and dynamic rule-based groups, role-based and rule-based provisioning, managing both on-premise and private cloud directories, and regular recertification of user privileges.

In the age of global business, it is also important to have a way to let partners and other vendors access your applications. Azure AD assists in this business-to-business collaboration without the need for proxy users, instead making use of email-verified and social identities.

The Future

As the necessity for greater engagement between businesses and their customers grows, and as newer social and mobile technologies continue to come online, effective IAM is more important than ever.

Businesses now have to take a consumer-led approach for granting and controlling access to their resources, especially to those which are based in the cloud. Without that approach, they risk being exposed and left behind on a number of fronts.

Systems such as Microsoft Azure AD are the perfect way for SMEs to better manage their existing users and extend their services over time, making sure they don’t miss the exciting opportunities that will arise over the next five years and beyond. Contact them for more details.

This post is brought to you by Cloud for Tomorrow.

By Dan Price

Martin Mendelsohn

Supporting CISOS, CIOS and CTOS That Are Overwhelmed During the COVID Battle

The Covid Era and CISO Stress Even before COVID-19, senior technology executives, including CISOs, CIOs and CTOs were overwhelmed, and felt an increasing lack of ...
Digital Theft

Cross-Site Scripting – Why Is It A Serious Security Threat For Big Data Applications?

Security Threat And Big Data Applications (Updated August 11th, 2020) IBM, Amazon, Google, Yahoo, Microsoft - and the list goes on. All these leading IT ...
Armen Najarian

Martech: Brand Marketing is the New Demand Generation

Martech: Brand Marketing First, An Apology Sorry, demand generation professionals. We still love you and your jobs aren’t going away. But, as you are well aware, the ...
Patrick Joggerst

Payments Companies Will Always See ROI on Embedded Real Time Communications

ROI on Embedded Real Time Communications Without secure, real time communications applications, the financial services industry could literally come to a standstill. While transactions are ...
Ian Hayes

EasyShip – Shipping and delivering across the cloud

The Shipping Industry  Article branded by Easyship Shipping and delivering across the world is as hectic as it sounds, and it can get really chaotic ...
David Shearer

Looking Back – and Looking Forward to 2020

As we celebrate our thirtieth anniversary here at (ISC)², it’s incredible to look back at the changes our industry has been through. From advances in ...
Byod.png