What is IDaaS
Enterprises are embracing cloud and mobile technologies. As they do, they’re moving beyond traditional network boundaries and the capabilities of their legacy identity and access management (IAM) solutions.
Identity as a service (IDaaS) are SaaS-based IAM offerings that allow organizations to use single sign-on (SSO using SAML or OIDC), authentication and access controls to provide secure access to their growing number of software and SaaS applications.
Gartner defines IDaaS as, “a predominantly cloud-based service in a multi-tenant or dedicated and hosted delivery model that brokers core identity governance and administration (IGA), access and intelligence functions to target systems on customers' premises and in the cloud.”
Gartner states that the core aspects of IDaaS are:
IDaaS for the digital enterprise
Basic IDaaS is the support of SaaS apps. It has proven to be effective for the small and medium business market, especially for “born in the cloud” organizations. But for IDaaS to be effective in the digital enterprise, it needs to have a broader application. Most enterprises have complex IT environments that include a mix of on-premises, IaaS, PaaS, and SaaS applications. In addition, enterprises typically use IDaaS to extend their existing IAM infrastructure. As a result, enterprise IDaaS providers must deploy solutions that can:
IAM Best Practices for Securing the Digital Enterpriseread now
Enterprise IDaaS requirements
Five key capabilities are required to make enterprise IDaaS solutions possible:
Single Sign-on (SSO): With single sign-on employees, partners and customers obtain easy, fast and secure access to all SaaS, mobile and enterprise applications with a single authentication using corporate credentials.
Multi-factor Authentication (MFA): MFA typically includes adaptive authentication methods—options to step up as risk increases based on situational changes, user behavior or application sensitivity.
Access Security: Access security is policy-based access management for applications and APIs to enhance security beyond SSO.
Directory: While most enterprises prefer to integrate IDaaS with their existing user stores, they may use a cloud directory, especially to support customers and/or partners.
Provisioning: Through SCIM support and integration with on-premises provisioning, user data is synced with web and enterprise applications.