a good thing!
Top 10 Legacy IAM Challenges, Part 4: Legacy Administration and Hardware Costs
In the previous three posts in this series, we looked at the challenges you face with your legacy IAM system’s capability gaps in the areas of web access management (WAM), directory and multi-factor authentication (MFA). In addition to capability limitations, all of these have steep administrative and hardware costs that negatively impact your bottom line.
Today we finish up the 4-part series on the top 10 legacy IAM challenges by covering the administrative and hardware costs of legacy identity and access management.
Click here to see the full infographic
Many perceive the costs of IAM modernization to be too high to justify, but the costs of sticking to the status quo can be much, much greater.
Your legacy WAM solution, for instance, requires an excessive number of policy servers to provide application-level access control, and typically requires heavy on-premises databases for storing sessions, policies and encryption keys. On the directory side, adequately addressing scale and availability challenges while deploying more apps and identities relying on these directories is a catch 22.
Legacy multi-factor authentication systems also represent a major cost center within IT organizations. They require significant infrastructure to host authentication processes, user and policy databases, administration and self-service functionality. You are also increasingly likely to need additional hardware to support geographically dispersed deployments and remote users accessing internal resources. Costs balloon when redundant instances are set up for high availability and disaster recovery, not to mention the procurement costs of thousands (or tens of thousands or more) of hardware tokens.
A modern IAM solution slashes infrastructure spending:
Labor expenses devoted to maintaining legacy systems eat up a consequential chunk of your organization’s IT budget. When you shift from legacy IAM systems to a modern one, you allow your IT organization to focus on more strategic initiatives..
WAM-related expenses related are a big piece of this equation. Simply to keep the system running, multiple full-time administrators often are needed to ensure application security due to the WAM solution’s inability to share policies between API and web application security. Additional IT staffers are required to administer these complex solutions comprised of thousands of agents installed on hundreds of servers. And developers with years of expertise in these proprietary solutions are also needed, thanks to these solutions’ lack of support for open standards. Add in upgrade cycles requiring hundreds of hours of professional services, and your WAM related costs become too visible to ignore..
Also significant are the costs related to the legacy directories. Vendor support is often lacking, and because of this significant administrative effort is needed on your organization’s part to troubleshoot and apply hotfixes and security patches. Enterprises often fall into administrative time sucks of continual rebooting, resetting and fixing errors, while scale-related outages decrease workforce productivity.
But the highest labor costs, in many legacy IAM systems, arise from MFA. In an earlier post we talked about how misplaced or forgotten passwords, PINs, tokens and other authentication devices put a heavy strain on your helpdesk, causing thousands of dollars each year in support costs. In addition, your organization incurs hefty labor costs while maintaining, patching and upgrading servers and ensuring end-user device compatibility.
The identity and access management solutions built for today generate these labor savings:
If your organization finds itself buried under licensing and support costs for your legacy identity and access management solution, you aren’t alone. These costs may be harder to pinpoint than some of the other costs mentioned above, but they are no less real.
Consider your web access management implementation. Many of our customers found that their WAM usage was decreasing over time, yet they were still paying the same amount (or more) in annual maintenance and support—resulting in costs that were proportionately more expensive than originally incurred. These organizations were also paying for system-wide upgrades roughly every three years, so they were experiencing excessive costs to upgrade and scale their solutions.
Directory licensing and maintenance costs may seem a better deal at first glance, as their costs are often included within application licenses, but administrative efforts spent on systems with lapsed vendor support makes these licenses far from free. The perpetual maintenance and support costs of legacy MFA solutions are also often more expensive than what would be incurred via modern subscription licensing.
For transparency in licensing and support costs, look to a modern identity solution:
You can drive great value for your organization by migrating to a modern identity and access management system that lowers admin and hardware costs while improving access security, directory and authentication capabilities—but only when you do so wisely.
Trying to find the right identity and access solution to meet your enterprise’s IAM needs of today and the future can be a daunting challenge. If you’re interested in modernizing your legacy IAM systems and want to hear from others who’ve done it before, listen to the webinar replay with our modernization panel where you’ll hear from: