Let's face it, enterprise mergers and acquisitions (M&As) are tough to get right. Nobody loves change and uncertainty, and M&As are full of both. One of the trickiest parts of merging two organizations is ensuring uninterrupted access to data and applications across both organizations. The expectation is that the two organizations will magically become one overnight, with all barriers to access removed. However, gaining cross-domain access isn't automatic, and it's anything but trivial.
To understand the challenges here, let's look at a simple example. Company A merges with Company B, and both use AD for authenticating users. But now that they're one company, Company A employees need access to Company B resources, and visa versa.
What are their options?
Option 1: They can perform an AD domain consolidation, so that all users are merged into a single AD domain. This can become non-trivial quickly, and it can create a lot of challenges due to dependencies on the original domain. And the process is a long and painful one.
There's a much better way.
Option 2: They can use federation to alleviate the pain. On day one, both Company A and B implement the Ping Identity federation server, and the two systems are easily connected to create an identity bridge. Now, administrators can quickly and easily grant Company A employees access to Company B applications, and visa versa.
Federation is based on the concept that one organization (the identity provider) authenticates their own users and passes an authentication token to another organization (the service provider) with which they have an established trust relationship. This token exchange grants users access to services or applications.
This concept works exceedingly well to bridge identities in M&As because the two organizations that are now one can be provided immediate and uninterrupted access between what was previously two separate organizations. It's quick and simple to set up and can reduce significant cost and time.
There are many choices to consider when consolidating multiple domains, so organizations that are going through an M&A can take the approach that best suits their needs. But identity federation is the simple way to ensuring that 1+1=1 in the world of enterprise M&A.