KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
In 2020 organizations have been forced to accelerate their digital transformation plans to meet the needs of a more digital engaged end user. From remote workforces to shifts to online commerce, nearly every industry has had to adopt to this new reality. This has resulted in rapid cloud service adoption and a need for integration of existing on-premises investments with them. But today's Hybrid Cloud reality needs a comprehensive security policy that encompasses newly acquired cloud technologies all the way down to legacy on premises applications which provide business critical capabilities. In this presentation, we will discuss the characteristics needed in an Identity and Access Management platform that will allow organizations to quickly get address new security issues while allowing for a smooth digital transformation at their own pace.
In 2020 organizations have been forced to accelerate their digital transformation plans to meet the needs of a more digital engaged end user. From remote workforces to shifts to online commerce, nearly every industry has had to adopt to this new reality. This has resulted in rapid cloud service adoption and a need for integration of existing on-premises investments with them. But today's Hybrid Cloud reality needs a comprehensive security policy that encompasses newly acquired cloud technologies all the way down to legacy on premises applications which provide business critical capabilities. In this presentation, we will discuss the characteristics needed in an Identity and Access Management platform that will allow organizations to quickly get address new security issues while allowing for a smooth digital transformation at their own pace.
Well, thank you very much. And let's just talk a little bit about what is going on in the industry today.
So, you know, in, in my space and the way I like to kind of do things, we talk about the, the word of the day, and it's kind of how I kind of get my thoughts around. And if I look over the it industry, the word of the day is, is hybrid.
You know, with a few exceptions out there, organizations with a few pure born in the crowd organizations, such as like Uber or some of these latest platforms, organizations really have a hybrid environment. Some people call 'em a multi-cloud environment, but they're operating, you know, on-prem services that they maintain as well as consuming SaaS services. So today we're gonna cover, you know, what drives organizations to have these hybrid cloud deployments. We're gonna talk about what security issues can come up from, from these hybrid deployments.
We're gonna talk about how a modern identity and access management system can overcome those security concerns. And then we're gonna look at what does a typical migration look like and, and a brief customer use case to, to round out the presentation. So lot to get through here in the next 15 minutes, but I think we'll be able to do it.
So, as I said, you know, it's not just me in the industry saying people are running a hybrid. We just had a, a recent identity live event from, for drop where 86% of our respondents pulled that hybrid was gonna be their it deployment model of choice for at least the next five years. So some people were looking at more than that, but for at least the next five years, you're looking at 86% of the respondents said hybrid.
This really, you know, aligns well with another poll out there by an independent organization called Flexera that had about an 87% respondent say that they were gonna have a hybrid deployment model. So one of the things that, that I hear a lot and is really a myth out there is that everybody feels like they're gonna be totally cloud in the next year or two years, you know, in a very short time horizon. But that just simply isn't the case organizations. They really wanna adopt the cloud, but there's barriers that just prevent them from, from doing that.
And some of that is that, you know, their IP and their, their legacy systems that are their bread and butter are still just very much rooted in on-prem and, and can't easily be moved. Also, you know, there's a lot of security issues when you start trying to secure users, access to, you know, legacy mainframes that are on-prem through that are traditionally were protected by, you know, security perimeter, all the way out to SAS applications that are just completely available on the internet. So there's a lot of complications think through there.
And, and one of those big ones that we're gonna talk about today is you, you have what you have these different identity silos, right? So you need to manage identities in more than one place. And that just inherently brings in risk. So organizations that really view hybrid as a business enabler. And so they, they wanna push to adopt these SaaS applications wherever possible.
You know, they wanna gain those benefits of, you know, quick deployment time, lower operating costs, and really increase their business agility. And this, this proves to be true, whether this is a workforce environment, or if this is, I am environment, organizations really want to get these new capabilities out there quickly. And then if you look over 2020, you know, this has really been fueled by COVID right.
I mean, this COVID has really added rocket fuel to this digital transformation. And that was really summed up. I couldn't have done it any better than the Microsoft CEO Satcha and Adela said, you know, in their earnings called it, they've seen two years of digital transformation in just two months.
So, you know, a lot of this is because organizations have to react to wild shifts in user interaction. So if you think about some organizations had complete work from home workforces, you have now Teledoc me medicine, you have eCommerce that went from, you know, you have just business in general, that went from 80% in person to 90% online. So organizations had to get services and had to get capabilities out there quickly. And the easiest way to do that was through SaaS and that digital transformation.
So when they look at hybrid, what they look at it as a way that enables them to innovate quickly, deploy QuickTime to value and, and extra services out there without the inherent risk of moving everything all at one time. So it really allows them to maintain their core business and add new capabilities very quickly.
So, you know, given the new hybrid approach the organizations have for their, it, you know, they needing new identity and access management system to, to handle that. Right. And so there's a lot of reasons and business drivers out there for a new identity and access management system. And of course, they're turning to the cloud to look for software as a service IAM solution as well. And up until recently that wasn't something that, that was available. Most of those cloud identity and access management solutions were really, you know, focused on enabling cloud apps and, and other services.
And didn't really do much for their OnPrem environment. And then, you know, the legacy systems that were really good at enabling on-prem and could handle cloud, they just don't handle it quickly. So what you ended up with was these, you know, two identity silos at, at the very least nowadays, things are different there's cloud services out there that can handle everything and they can do it quickly. And that's really important right now because security has become more important than ever in, in 2020.
And, and as any organization shifts, you know, the, the bad people are out there trying to hack in and take advantage of any security in flaw that's out there. So if you look at what's going on, you know, according to Verizon, 67% of security breaches are due to credential theft. And then if you couple that with Google reporting that since COVID was launched, there was a 350% increase in fishing attacks and websites that are out strictly to get people, to give them their username and password.
And so that's, that's a real problem for all organizations, whether they're dealing with customers or whether they're dealing with their workforce. But then if you add on top of that, that, you know, 20% of organizations as of August had some, some sort of security breach due to a remote worker at home from COVID and that was from malware bite. So what you're seeing is you have a lot of people working on now, not controlled networks from their house, and they don't necessarily have the right password policies or security in place.
So what's driving the need for a new identity and access management system is number one, increasing that security of, of your customers, right? And of your, of your users. So you wanna be able to deploy the latest technologies that are out there. So some of those things are password list, user name list, and then you can also look at those invisible type of security features like device loca, whether it's a known device, or whether you're in a geolocation or things like that, to increase that security without actually impacting your end user.
Also, you know, a big thing that, that we see is that, you know, the password reset and password management, isn't always the smoothest. So you wanna look at organizations that can help you enforce strong password policies and really be able to do, you know, integrated password resets as well, because that's your basic premise and your basic starting point for security. The second thing is you wanna look at reducing risk, right?
So, as I said, if you have multiple identity silos, you really start opening yourself up for a risk of having conflicting security policies, different policies on different applications. And what that, what that'll do is that allows for infiltration of one side or the other. So you wanna be able to have one security policy that spans the whole organization. And so you need an identity and access management system that can do that.
Obviously, if you're looking at the cloud, you wanna reduce costs. You wanna, you know, reduce that infrastructure cost, as well as all the other costs that go along with, with personnel of maintaining just the infrastructure and the underlying OS for security patches, and then upgrading the, the identity and access management solution.
And then, you know, if you start thinking about security, security is always evolving. So as new security technologies come out, you wanna be able to consume them quickly, as opposed to having to go through an update upgrade process. So here's another place where you're reducing cost and you're increasing your security. And then lastly, you need to be able to increase speed the value. So there's no point in going out and, you know, wanting to consume all these SAS applications and deploy them quickly, if you can't secure them and enable authentication and security on them just as quickly.
So you need a, a new solution, a modern solution. That's able to do that in the matter of hours or days as opposed to weeks and months. So that's really, what's driving this need for people to go out and find a new identity and access management solution and why they're looking at the cloud.
And so if you're looking at identity and access management solution to, to secure your hybrid cloud, to secure, you know, applications on-prem or in your multi-cloud, because that's the other, other thing people talk about when you operate your data center in Google or Amazon or Azure, or, you know, and then you have your, your SaaS applications, there's a few things you need out there.
And so one of the things you really need to look at is if you're gonna use one solution and do that, you want to have a common architecture between both of them so that when you make a change in one, it it's picked up by the other one. Or if you have to configure both, you're using the same technology you're using the same commands you're using the same terminology, makes it much easier to have your unified policies and things like that. Another thing you wanted to do is you wanna make sure that you have deployment flexibility and predictable pricing.
So, you know, our solution, if you get the, for identity cloud, whatever you license in the cloud, you're allowed to deploy on-prem as well. And so what that does is that allows you to plan your own migration at whatever stage you need, whatever timeline you need to move things out without having to pay two, two different licenses.
And we also price our solution based on, on enrolled identities, as opposed to, you know, monthly active users, when you saw this massive swing with COVID and digital transformation in the way, you know, users interacted and customers interacted, you saw organizations that had to deal with a huge price search. So you wanna look at that predictable pricing.
So, you know, you're gonna save cost, but you wanna be able to make sure you have the right budget for that as well. The only thing you wanna make sure you have is the complete identity and access management platform that can support your needs.
And so, you know, the, the for drop identity cloud is fully configurable and customizable to not only fit your business workflows today, but it'll also allow you to adjust them and change them as, as you move more things to the cloud. And as your organization grows and transforms, we'll be able to do that as well. And that also means being able to manage, you know, not just identities, but things and service accounts, and, you know, microservices, there's a lot of other technologies out there that are falling into that identity and access management bucket that need to have security.
And lastly, you wanna look at the security that's provided by the vendor. And if you look at the, for drop identity cloud, what we offer is full tenant isolation. What that means is that there's no exploitable back doors for anybody else to get access into your, into your cloud service. It also means it eliminates any noisy neighbor type of situation where their, their workload is gonna impact your performance. Along those lines. We don't commingle your data. It's all stored in one place. And you as a customer, get to determine where you wanna store that.
And then we offer up to the minute security, cuz we're constantly patching our solution. We're constantly making sure the infrastructure's patched. And then as we add new authentication capabilities and security capabilities, they're gonna become available to you instantly without having to go through an upgrade process. So these are the types of things that you wanna look for in a hybrid cloud when you're choosing that, or you wanna look for an identity management solution when you're, when you're choosing one to secure your hybrid cloud.
So what I wanna do is I wanna quickly walk through what a typical hybrid migration process looks like for identity management. So the first thing here is you have your existing on-prem deployment, you know, and what you're using is you use SAML or Federation to connect to your cloud devices or, or your, your mobile applications, your legacy applications, Hey, they might integrate with this system or they might have their own directory for authentication.
So you probably have a few little identity silos here, maybe some of your SaaS applications, aren't, aren't a hundred percent connected and people are managing their own password there, which is generally gonna mean they're just reusing their single sign on password and starting it in the browser, which isn't the, the most secure way to go. So once again, deciding you need a new identity and access management solution, one can handle everything.
Well, the first thing you're gonna do is you're gonna, and you're gonna turn on that service. And then you're gonna configure that service to be the, the policy enforcement or, or the policy decision making center or the identity and access management brain, so to speak. And so once all that moves up there, all the decision making, then we're just gonna relay that information down to the on-prem solution. And we're gonna have that solution go out and connect and do the auth authentication and authorization to all the applications they already have enabled.
So that's the first thing that, that we're gonna do in any solution is get that, that policy, policy enforcement and decision making to the cloud cloud deployment. The thing about doing that is as soon as you're able to do that, you're able to leverage these new identity and access management capabilities.
So you can get the latest multifactor authentication, or you can get better user self service, whether that's an integrated password reset that allows the, the user to return right back to where they were after their passwords reset with a fully, you know, fully authenticated session or whether that's context enabled user registration, where, you know, you register somebody based on a device. If it's a mobile device, you don't ask a lot of questions.
If they're on a laptop, you do, but there's a lot of different modern capabilities that you can consume right then, and there that are gonna increase your security posture, make it easier for your employees to work while you are in the background, you know, starting to move your applications over. So once you have those new technologies in place and you're consuming them, now, what you're gonna do is you're gonna migrate your applications to connect directly to the cloud identity and access management solution.
So you'll probably start on your cloud and mobile apps, and then you'll start deploying new edge controllers that can handle all your legacy apps, OnPrem. So that'll go, you know, that'll be whatever process it is. And here's a place where you need to make sure you take your time because any, any outage of any of these applications can be very critical to your business. And then finally, once you have everything over, you can retire that on prem identity and access management solution, you don't have to pay for the infrastructure.
You don't have to maintain it, upgrade it, anything along those lines, everything's going out to the cloud, all your decision, making all your authentications going out there. And now, as you take advantage of the new SaaS applications that are all modern authentication protocol, they're easily gonna integrate into the cloud. And then you can also migrate your, your on-prem applications at your leisure, if you wanna rewrite them, or if you just want to go through the edge edge controller as well. That's fine.
So what this does is now that you're here, you're gonna eliminate any possibility of conflicting security policies. So now you have your, your one identity and access management solution that's securing your hybrid cloud. You can also see in this example that, you know, the edge, the edge component could be deployed on your premise or in your private cloud someplace else to be able to do that authentication there realtime, or to be able to handle enable those legacy applications quicker. So now let's just talk a little bit about a, a use case that we had here.
We have a customer named collabro. They were a call center technology company, and what they really prided themselves is being able to provide the best customer service. And so they were doing so well with that, that they actually grew through acquisition. And what that did was that led to a bunch of identity silos in their offering. And so they took an effort at managing that themselves, try to develop their own homegrown solution, to provide a unified identity across all of their, all of their applications, but that didn't work out the way they wanted it to it.
It just proved to be too complicated and take too long form. So what they wanted to do is they wanted to find an identity and access management solution that that would be enterprise capable, but have the speed of the cloud. So what they did, and then on top of that, they also needed to be able to support cloud as well as on-premise solutions to be because their customers ran in both configurations. So they turned to us at, for drug to leverage our, for drug identity cloud, as well as our identity and access management platform.
So they're able to do one integration and it met the needs for their on premise and their cloud customers gave them that seamless user experience across all the services that they were looking for and they prided themselves on. So once again, it's, it's really, you know, organization. They had identity silos due to this digital transformation and, and rapid growth. They leveraged the forger identity cloud to be able to provide a seamless user experience, increased security across all environments there.
So just to, to wrap up, you know, and before I go, I just wanna give you some key points here to our discussion. The first thing you wanna look at is hybrid flexibility.
You know, you wanna look at the identity and excess management solution. That's gonna support not only the cloud apps, but that has to support your legacy apps as well. And to be able to do this, you wanna make sure they have common architectures and the single security policy while you're going through your, your migration. Right? And so we also wanna make sure that you can migrate at your own pace without any penalty of having to pay double licenses. So those are all types of things you wanna look at when you look at hybrid flexibility.
And then the other thing you wanna do is you wanna leverage cloud security. You know, there's a lot of organizations or anybody who's offering a SaaS service out there. You know, what they're doing is they're providing all that. They have security teams that are monitoring the, the, their solution, patching the solution, making sure it's up to date, but what you also wanna make sure is that you have that tenant isolation, that your, your data is not being commingled. And all of these things can lead to you.
Being able to leverage their security infrastructure, to check off your compliance needs as well. And then you wanna be able to deploy that, that latest technology, right? So not only is it making sure those security patches are, are done very quickly, but you wanna be able to take advantage of new things when they come to the market, whether that's like 5 0 2 web bought, then authentication methods, or if it's new access protocols, like, you know, Maroons are starting to come out, you wanna make sure that you can leverage those as soon as they're there or any other context signals, right?
We're seeing a lot more contextual type of signals that security solutions are adapting as well and utilizing to assess risk. So with that, I just wanna say, thank you. And if there's any questions I'm here to, to take those.
