There’s a lot of fuss about Identity & Access Management (IAM). There’s also a lot of mess.
The fuss stems from rapidly-growing companies demanding effective IAM because of their increasing use of SaaS applications, exceeding need to onboard new on-prem apps and support the mobile demand. The mess stems from still too much distribution, local solutions in each and every platform and app, especially around authorizations.
IAM should handle both Authentication and Authorization. Authentication – The way to prove a digital identity (user, service, device, etc.), and Authorization – what can that identity do, what resources and actions it can use.
Authentication – has largely been mastered. The authentication solution market has matured and solutions have, by and large, enabled enterprises to seamlessly oversee the secure interactions between users and apps. Providers such as Okta, Ping Identity, and RSA have excelled at giving companies simple and scalable solutions to manage authentication.
But authorization has been, until now, overlooked. Aside from us at PlainID, there are only a few players on the market: Axiomatics and NextLabs are two examples. The dearth of solutions has coincided with rapid technological changes to the way authorizations can be managed and controlled. These changes require a new and agile approach to authorization so can companies can meet growth targets.
Traditional Doesn’t Work
Traditional methods have failed to keep pace with the evolution in both business needs and upcoming technology. Global relationships with business partners and customers who depend on SaaS apps and mobile devices to exchange data calls for distributed ownership beyond the four walls of a company.
According to a Gartner researcher, by 2020, 80% of user access will be shaped by new mobile and non-PC architectures that service all identity types, regardless of origin. That same researcher predicts that by 2020, most enterprises will allow unrestricted access to non-critical assets.
As exciting as that uninhibited flow of interactions between companies, clients and customers should be, IAM, until now, has been unable to handle authorization in this agile environment.
Authorization in traditional IAM, according to Forrester, has failed for several reasons:
- SaaS apps involve many user stores, and companies’ lightweight directory access protocols (LDAP) and active directory stores don’t scale properly as the number of apps increase.
- SaaS and partner apps that rely on too-infrequent synchronization to obtain authoritative user data tend not to catch status changes that should have resulted in denying access.
- Reduced business agility due to latency when adding authorizations.
- Increased BYOD use.
Centralized Authorization Needed
Forrester stresses that if businesses want to meet the demands of growth, they need to let external identities “knock on (their) doors for access.” Also, companies must be able to integrate, “at a moment’s notice,” the apps of different business units and third parties.
How can they do this? They can have a centralized policy decision point that both internal and external apps can consult for authorization.
PlainID believes it has such a solution: the centralized, no fuss, no mess, AuthZ answer to the growing demands of every organization. For one, PlainID accelerates an enterprise’s shift from the in-house legacy authorization solutions to industry standard authorization methods that are required by mobile and cloud vendors. In addition it enables the use of one business policy for all worlds, on-prem, cloud and mobile, so that efforts that have been placed in one place can be easily reused when moving to another.
Because access can be determined in real-time – based on user and environmental attributes and events – we can adjust the access to the user’s origin, authentication method, and even the current “mood” of the organization.
PlainID is here for the companies that are looking away from the traditional and wanting to be ahead of the curve before 2020 arrives.