Cloud-based Identity Management

Authors:

Gary Rowe – Principal Consulting Analyst

Nick Nikols – Principal Consulting Analyst

Abstract

Successful digital transformation requires a robust, adaptive, scalable and secure means of collecting, managing, authenticating, provisioning and leveraging digital identities in support of a wide range of applications and use cases. The right Identity and Access Management (IAM) foundation can make or break a digital transformation program and these services are rapidly moving towards the cloud.

The time is right for most organizations to consider moving some or all of their on-premise identity management to the cloud. The combination of a pervasive movement to cloud infrastructure services, a largely disappearing perimeter, the proliferation of IoT devices, the need to work with external identities and the requirement for a flexible IT infrastructure are all contributing to an inevitable movement of IAM to the cloud.

Options include Identity-as-a-Service (IDaaS), managed identity services, and hosted, enterprise-managed identity programs. We make specific recommendations as to the timing, architecture, integration and migration from the largely on-premises deployments most enterprises have today.

This report describes the cloud-based IAM value proposition, the current state of IDaaS as well as managed and hosted services that support the movement of identities and the management of those identities to the cloud. Since most organization’s IAM is not yet fully cloud-based, we’ll examine co-existence and migration paths as well as typical migration planning timeframes.

We’ll also consider key enterprise requirements for cloud-based identity management in light of major vendor offerings and include a vendor short list in this report. We close with some pragmatic guidance, a cloud IAM readiness checklist and a roadmap for enterprises making this transition.