Moving to the cloud is one of the biggest challenges for organizations when it comes to Identity & Access Management (IAM). Many organizations find it daunting to extend IAM when moving to the cloud to support hybrid workloads.
However, cloud-based IAM services are potentially part of the solution because features such as multi-factor authentication can often be deployed more easily in cloud-based identity and authentication services than they would be on-prem.
Usefully, some Cloud-based Identity as a Service (IDaaS) solutions combine Access Management functions with Identity Governance and Administration (IGA) and Access Governance capabilities. These are all delivered as a cloud-based managed service.
Most IDaaS vendors deliver a cloud-based service to serve the common IAM requirements of an organization’s hybrid IT environment, delivering the common IAM capabilities of Identity Administration, Access Governance , and Access Management.
These services, therefore, are able to address many of the challenges of dealing with IAM in hybrid IT environments by delivering capabilities such as automated user provisioning and lifecycle management, self-service user profile management , consistent authentication, single sign-on (SSO) and identity federation, centralized role and access entitlement management, common access reporting, and common access certification.
IDaaS offers a springboard for organizations to start using foundational IAM elements delivered from the cloud and move rest of the IAM functions as they find it appropriate and at a pace that matches the organizational security maturity and cloud strategy.
— Martin Kuppinger, Lead Analyst at KuppingerCole
Because we understand how important it is to get Cloud IAM right, and because we are committed to helping your business succeed, KuppingerCole has a great deal of content in a variety of formats available.
As mentioned in the previous edition in KC Navigator, controlling who or what can access critical business systems and data is essential and a core part of IAM. For a cloud-related perspective on this, have a look at this Advisory Note entitled: Protect Your Cloud Against Hacks and Industrial Espionage.
For another perspective on cloud-based services as an alternative to on-prem IAM suites, have a look at this Advisory Note on Cloud IAM: More than just Single Sign-On to Cloud Applications, while for an explanation of how the “identity fabric” concept can facilitate a gradual, non-disruptive integration and migration of IAM to the cloud, have a look at this Leadership Brief on Leveraging Identity Fabrics on Your Way Towards Cloud Based IAM.
Audio & Video
Cloud IAM has been addressed in various presentations at KuppingerCole events over the years, including the most recent European Identity and Cloud Conference 2021, where much of the focus was on Cloud Infrastructure Entitlement Management (CIEM), which has already been dealt with in a previous edition of KC Navigator.
Other sessions at EIC 2021 that addressed the topic of Cloud IAM, included:
- Solving the Access Challenge in Cloud Migration
- Best-Practice Approaches to Multi-Cloud IAM in the Enterprise
- Addressing Multi-cloud Identity Challenges with a New Standard: IDQL
Choose from other presentations in the list below that are most relevant or best meet your organization’s needs in its journey to the cloud:
- Cloud-delivered IAM: Promises and Challenges
- Choosing the Right IAM solution to secure your Hybrid Cloud Environment
- IAM into the Cloud: Improving Security with Cloud and Collaboration Technology
Concise perspectives on topics are typically provided in blog posts or short video blogs. On the topic of cloud-related IAM choose from these vlogs on:
And this blog post on: IGA in the Cloud without Compromise
Cloud-related IAM has been the topic of many webinars. Look through the list below and select the ones that are of the most interest or are most applicable to your company:
- The IAM Cloud Journey
- Cloud IGA: Built for Hybrid Reality
- Cloud IAM – Get the Full Picture to Make a Real Win out of a Quick Win!
- How to easily expand Identity & Access Management to the Cloud
The topic of cloud IAM has also been addressed in several whitepapers. Select the most relevant focus areas from the list below:
- Meeting the Identity and Access Challenges in a Multi-Cloud World
- The Future of IAM Lies in the Cloud and as a Service
- Single Sign-On and Managed Access to all Applications from the Cloud
- Fast Access Management in the Hybrid Cloud for SMBs
- Identity Governance. The Value of Leveraging IGA Functions from the Cloud
- IAM for the Hybrid Reality. Efficiently Managing On-Premise IT and the Cloud
Organizations looking to make investments in cloud-based identity services should have a look at this Leadership Compass on Identity as a Service (IDaaS) with a focus on IGA for a discussion on the market direction and a detailed evaluation of market players to help IAM and security leaders to make informed decisions.
For a perspective on IDaaS services targeting full IAM and Access Governance capabilities for employees in hybrid environments, have a look at this Leadership compass on IDaaS B2E, while organizations looking specifically for single sign-on capabilities can have a look at this Leadership Compass on IDaaS SSO.
Organizations investing in technologies to support cloud IAM can also have a look at some of the related technology solutions that we have evaluated:
- Synacor Cloud ID
- Oracle Cloud Guard
- Saviynt Enterprise Identity Cloud
- SAP Cloud Identity Access Governance
- Google's Cloud Identity
- IBM Cloud Identity
- Oracle Identity Cloud Service
- CyberArk Privileged Session Manager for Cloud
- SAP HANA Cloud Platform Identity Authentication and Provisioning
- SAP Cloud Identity Service