The Cloud IAM market is currently driven by services that focus on providing Single Sign-On to various Cloud services as their major feature and business benefit. This will change, with two distinct evolutions of more advanced services forming the market: Cloud-based IAM/IAG (Identity Access Management/Governance) as an alternative to on-premise IAM suites, and Cloud IAM solutions that bring a combination of directory services, user management, and access management to the Cloud.
There are many terms for what we call “Cloud IAM” for Cloud Identity and Access Management. IDMaaS (Identity Management as a Service), IDaaS (Identity as a Service), and various other names are used. However, there is no common understanding of what constitutes that market segment. Vendors have taken different paths to this market segment. One common denominator is Cloud Single Sign-On, which allows users to access a portal that links to “his” (or “her”) Cloud services and provides a seamless login, either based on passing through username and password or relying on Identity Federation standards.
This will change, but there will be at least two distinct approaches to Cloud IAM that overlap in their core functionality. One is Cloud-based IAM/IAG that provides Identity Provisioning and Access Governance capabilities as a Cloud service. These services in fact are a direct counterpart to established on-premise Identity Provisioning and Access Governance solutions. These types of solutions also provide good out-of-the-box integration with on-premise systems, allowing management and governance for identities and access to these services.
The second group of solutions primarily focuses on managing what we call the “new ABC: Agile Businesses: Connected”. They focus on managing external users, such as business partners and customers, and their access to Cloud services and on-premise web-based applications. Commonly, these services are a combination of identity federation, self-service registration, directory services, and access management solutions, all provided as a Cloud service.
While both groups of solutions might converge in the long run, both provide far more functionality than just Cloud Single Sign-On, which will not remain sufficient for success in business.
In this session, Mike Small will explain the evolution and convergence of Cloud IAM, talk about selection criteria and look at vendors in that market segment.
"To cloud or not to cloud?" - this is no longer the question. It is rather to what extent and depth enterprises leverage cloud computing. With identity and access management (IAM) solutions for their internal IT systems, enterprises have achieved a high level of security, transparency and compliance. They do not want to go back to the old days of erratic and insecure identity management when they have to deal with multiple cloud providers and their proprietary user management interfaces.
Integrating and maintaining each cloud application individually within the enterprise IAM solution is no real alternative. Obviously, building a pure Cloud IAM besides the existing on-site IAM is also not the most elegant way to solve the challenge. The target should be to use an approach that seamlessly connects the enterprise IAM solution with a multitude of cloud services in a standardized, centralized way.
In this panel session, we will discuss about architectural approaches for extending IAM to the Cloud, in order to allow managing all identities and access in a consistent way.