Architecting and Managing Hybrid and Cloud-based Identity Services

Over the past 10+ years, much of enterprise IT has moved to the cloud. In conjunction with this trend TechVision has written about IAM migrating to the cloud, Customer IAM is becoming primarily cloud-based and even Privileged Access Management is moving to the cloud. Today, we find ourselves with a largely mixed set of IAM capabilities residing on-premises, in the cloud, or both. Adding to this complexity for many organizations is that they may be using multiple Identity as a Service (IDaaS) offerings, may have multiple on-premise IAM systems and may be leveraging multiple cloud service providers. The many components that comprise an IAM environment, such as authentication, authorization, account lifecycle management and privileged access today can be sliced and diced in such ways that enterprises can select to run in the cloud certain capabilities that run more efficiently, are more cost effective and retain requisite security.

This report focuses on how enterprises manage, integrate, architect, migrate, operate and secure these hybrid IAM environments. Taking into consideration the most common enterprise requirements for IAM, we describe how to build a Reference Architecture for hybrid/cloud IAM that can fit well within the context of leading vendor offerings/directions in an effort to help you understand how to match vendor solutions to your needs and how to deploy those solutions thoughtfully and effectively.