While security and compliance remain key concerns, enterprises are seeking cost savings, faster time to market and improved quality of service by shifting from building IT to consuming IT. As a result, there’s been a corresponding change in the way enterprises approach identity and access management (IAM)—a change that reflects the new trend of cloud adoption. Especially for large enterprises dealing with a hybrid mix of on-premises and cloud infrastructure, a cloud-first IAM solution that provides both comprehensive security and flexibility has become the ideal.
With so many IAM solutions and deployments to choose from, it’s important to properly evaluate your own enterprise needs and priorities to determine what will suit you best, including management resources, how much control you need, customization requirements and integration with your existing infrastructure.
In part two of this four-part blog series, we'll overview some of the considerations involved with maintaining the right level of control over your enterprise environment.
How much control do you need?
An enterprise’s demand for control over their environment varies based on many factors. On one end of the spectrum, smaller enterprises or individual projects within a larger enterprise could be satisfied with the control offered by an IDaaS solution. On the other end of that spectrum, enterprises dealing with large amounts of sensitive and targeted data may need the control they can only achieve by managing their own IAM infrastructure. Of course, most enterprises will fall somewhere in the middle, which allows them to leverage the cloud in various ways.
Maintaining your own on-premises infrastructure will always give you more control over the hardware used when compared to cloud deployments. Most companies are moving to the cloud because their need to free up management resources outweighs their need for full control. But moving to the cloud doesn’t have to be an all-or-nothing approach. You may decide to leave certain critical applications and data on premises, along with the infrastructure it runs on, while taking advantage of the cloud in other areas.
The bigger differentiator from a control perspective is often whether the deployment option is single- or multi-tenancy. Many enterprises won’t entertain a multi-tenant solution for their identity and access management needs because there would be too much liability in the event of a breach.
As a middle ground, some enterprises are adopting DevOps techniques to automate much of the manual portion of cloud deployments. Similarly, managed services providers are using DevOps to provide a lower price point for enterprises looking to outsource management of their IAM platform. These two options don’t grant you as much control over the physical infrastructure as an on-premises deployment, but they do provide greater control over the logical infrastructure than an IDaaS solution and also help you attain many of the cost-savings, agility and scalability benefits of the cloud.
Enterprise Cloud IAM offers options for different control requirements
For enterprises seeking the advantages of an as-a-service IAM solution, but looking for more control over their environment, such as single-tenancy, Ping’s enterprise-grade IAM platform paired with a leading managed service provider (MSP) could provide the best of both worlds.
Alternatively, with the rise of DevOps and cloud automation, many Ping customers are finding the right balance for them by cloud automating Ping products. The demand for cloud-automated software has been so great that Ping Identity just released cloud automation functionality for PingAccess, which, in addition to automated deployments, has the added benefits of auto-scaling up or down, zero-downtime upgrades and environment configuration promotion.
Balance your IAM needs and priorities
You saw in part 1 that when judged solely on reduction of management resources, IDaaS appears to win out. However, if you look only at maintaining control over your environment, on-premises solutions come out on top. Control, like management resources, is only a portion of what needs to be considered when selecting an IAM solution today, and each enterprise will set their priorities differently.
We’ve only covered two of the four core aspects that cloud-first enterprises with hybrid IT environments should consider when determining the best IAM approach. In part 3, we’ll look a bit more closely at the customization and configuration options that vary based on solution—another important aspect of choosing the IAM solution to fit your unique needs.