Modernizing IAM in Financial Enterprises

October 8, 2019

Zain Malik
Product Marketing Manager

In large financial enterprises, infrastructure modernization projects can be daunting. From IT’s perspective, modernization requires cooperation from various departments and lengthy roadmaps that can last multiple years. For business units, modernization projects can’t come quickly enough because they’re essential to launching new products, which unlocks digital transformation and innovation. Gartner highlighted the challenge enterprises face by predicting, “Every dollar invested in digital business innovation through the end of 2020 will require enterprises to spend at least three times that to continuously modernize the legacy application portfolio.”

Modernization is crucial for financial services enterprises to remain relevant in the midst of the changing nature of the industry. Financial organizations need a modern identity platform that can comply with new regulations, provide the latest security controls, increase productivity and adapt to modern hybrid IT environments. With modern identity and access management (IAM) in place, IT can provide the speed, agility and services necessary to drive business growth.

We’ve outlined the drivers for IT modernization and the innovation that can be unlocked by pursuing such projects. We’ve also outlined items to consider and common pitfalls as you begin the planning phase for IT modernization.

What Drives Modernization?

Financial enterprises are now, in effect, technology companies. The winners and losers will be determined by the success of their digital strategies. It’s no surprise that companies like Apple, Facebook, Amazon and a host of other fin-tech companies have begun challenging financial heavyweights by launching their own financial services offerings. Modernization projects are essential for the incumbents to stave off the threats from these new players. Here are three key reasons why financial enterprises should consider modernizing their legacy IAM:

Simplify Sprawl and Reduce Total Cost of Ownership. As enterprises have grown, the maintenance of legacy systems has become increasingly complex and expensive to maintain due to lack of support, products going end-of-life and disjointed operations. A modern IAM solution with a product roadmap built for hybrid IT can eliminate many of these burdens.
Meet App Developer Needs. Cumbersome, outdated and proprietary technologies slow development. Internal application teams and developers favor self-service models for onboarding applications with minimal source code customization required. They prefer using APIs and open standards such as FIDO, OAuth and OpenID Connect, among others.
Improve User Experience. Homegrown and legacy IAM tools lack features of their modern identity counterparts in areas like single sign-on (SSO), unified directory and multi-factor authentication (MFA). Modernizing these features will allow financial enterprises to improve customer retention and employee productivity, as well as grow their partner ecosystem.

Tackle Your Strategic Initiatives

Modernization can be an arduous process, especially within the financial services industry, which has compiled significant technical debt over the years. However, with the right approach, modernization can enable digital transformation initiatives. It can also mediate risk by strengthening the security posture across an organization.

Zero Trust: With the growth of open APIs and BYOD, identity has replaced the network as the security perimeter of the financial enterprise. Modern IAM is a critical step to implementing a Zero Trust framework, which enables enterprises to constantly verify users and their behaviors with features like contextual and step-up authentication. The Zero Trust framework prepares you for the modern threat landscape and also sets up your organization to innovate with the latest technologies.

Figure 1: Today's users, devices and resources oftern interact entirely outside the corporate perimeter

Orchestration and Self-service: In the financial enterprise, managing all of the IAM capabilities and requests is difficult with limited IAM administrators who spend too much of their time putting out fires or doing repetitive tasks like updating certificates. With modern IAM in place, you can delegate some of that administrative burden to the business units via a self-service model and simplified workflows—and they’re happy to help themselves! The result is a quicker turnaround, greater business agility and more productive “customers” across your business units.
Passwordless: Passwordless doesn’t mean “security-less”—it means replacing a password and/or username with a better method of authentication. The consensus within the security community is that passwords are a terrible method of authentication. They’re also a source of much angst for users who have to deal with cumbersome reset processes, forgotten passwords and complicated password rules. Modern IAM enables enterprises to make secure passwordless options a reality through contextual, adaptive MFA and SSO. With passwordless in place, your users are more secure and productive.

Starting the Modernization Journey

The benefits of IAM modernization are numerous, but understanding your needs and securing a mandate is critical before evaluating vendors. The most important aspect is developing support internally and building the business case. You need cooperation from various stakeholders that can help you drive the change and ensure a successful implementation.

Don’t Rip and Replace; Determine Your Own Pace. Many legacy applications remain mission-critical to financial enterprises, and sunsetting them is not an option. These applications are often built on proprietary technology, and change is not an option due to their brittle nature. A modern IAM solution can integrate legacy apps into your hybrid IT environment by eliminating silos and allowing you to plan the migration at your own pace, which also limits downtime risk.

In choosing a vendor, you need to understand if their capabilities match the requirements of your environment. Determine if the vendor has the experience, use cases and understanding of working with the financial industry. See how the vendor’s product strategy lines up with your enterprise’s needs. After all, modernization is a time-intensive process. At Ping Identity, we’ve developed a buyer’s guide with questions that you should consider in your process. Also, make sure to take some time to learn how our identity intelligence can help financial organizations crush technical debt and modernize.