- Why is Identity and Access Management (IAM) important as a business security framework?
These days, companies are securing more users who are accessing more applications from more places through more devices than ever before, and all this diversity is putting increasing pressure on identity and access management (IAM) systems. At the same time, security has never been more paramount—or difficult to ensure, given today’s outdated and overly complex legacy identity systems. Add to that the fact that consumers expect rapid authentication and easy access to all of their accounts and information.
Today’s identity infrastructures face the traditional challenge of multiple links to multiple sources and targets. This creates an unmanageable “n-squared” problem, where there are too many custom links, each one extremely expensive to manage.
This n-squared problem is fueling the rapid adoption of federation standards, such as Security Assertion Markup Language (SAML), OAuth, and OpenID Connect—and that’s good news for large enterprises looking to achieve Single Sign-On (SSO) across web and cloud applications. As many companies are discovering, however, deploying federation requires more than the acquisition of a federation security component. To make this solution operational often requires some level of identity data integration.
That’s why federating the identity layer—not just the access layer—is essential for empowering today’s fragmented IAM infrastructures and driving business in a cloud and mobile world. A federated identity service based on virtualization shields your applications, WAM solution or portal from the complexity of disparate data sources and possible changes in data structure by federating identity from across the disparate backends into a single logical access point. Enterprises can then leverage existing identity stores for centralized authentication and fine-grained authorization. With a federated identity service, you can provide fast authentication, extend authentication across web applications, enable SSO, increase security, speed deployments, and develop more personalized services for your users.
- What are some of the key market drivers that are driving the need for IAM as it relates to information security, i.e. hackers, increase in identity profiles due to IoT, etc?
One of the most important market drivers in the IAM security space right now is the emergence of consumer IAM (cIAM). Security practices can now be used to engage with customers, providing a more convenient and better user experience, while also collecting data on the user’s preferences to provide a complete digital experience. New vendors are leveraging the registration process to collect data to do this, making security the starting point to serve better customer knowledge, tailored digital experiences, and the entire marketing and sales lifecycle.
But enrichment of the digital experience through data gathered at registration must be delivered in tandem with the most rigorous levels of security. This presents a key challenge for the identity infrastructure—integrating customer information across different data silos, translating that data into the appropriate format or protocol for consuming applications, and delivering data at high speeds to enable the most forward-looking security practices and the most fluid user experiences.
Radiant Logic’s RadiantOne identity and context technology provides a highly scalable, model-driven data integration service that works with new cIAM tools to enable enterprises to fully build and leverage rich profiles for their customers, ensuring smarter security, along with better marketing and more customized digital experiences. And RadiantOne’s Big Data Directory, HDAP, provides the storage capacity to handle all the user data collected through this process.
- What are the benefits of integrating IAM with cloud?
Most large enterprises have complex infrastructures with identities spread across many heterogeneous sources—multiple AD domains and forests, other directories, databases, web services—along with a multitude of legacy applications that rely on those sources. A move from on-premises identity to cloud-based identity would be extremely disruptive and might pose security risks as well.
Enterprises have long used RadiantOne to build a normalized, integrated image of their identity infrastructure, then create customized views of identity to meet the needs of each application. Since the rise of the cloud, they’ve also been able to push that tailored image to their IdP to secure cloud and SaaS applications. RadiantOne 7.2’s cloud provisioning capabilities allows customers to use that rationalized image of identity to populate cloud applications such as Azure AD and Salesforce, as well as Google Directory and PingOne Directory.
RadiantOne delivers a single access point for all applications, whether they’re in the enterprise, on the web–or in the cloud. Such an on-premises identity service allows users to authenticate as close to the authoritative sources as possible—and keeps identity information more secure, since identities don’t have to travel across the firewall every time user accounts are synchronized.
RadiantOne simplifies the move to cloud apps by:
- Creating a single logical place to authenticate users and retrieve a global view of attributes and group information
- Utilizing a global reference image to provision to cloud applications
- Saving time by simplifying the management of users and groups
- Which industries do you see adopting IAM the fastest and why? Which industries do you think could benefit more from IAM from a security perspective?
We are seeing the highest growth in the insurance, banking, healthcare and manufacturing sectors where a legacy identity infrastructure and scattered identity silos present difficulties in creating a single complete profile. The ability to combine identity and data integration together to create a complete profile allows the enterprise to deliver a better, more secure digital experience.
Healthcare presents a great example of the challenge to today’s large enterprises. The changing nature of the healthcare industry has made it increasingly difficult to provide secure access to mission-critical applications, whether they’re in the enterprise, on the web, or in the cloud. As consolidations, mergers, and acquisitions become the new normal in the healthcare sector, and healthcare organizations face considerable diversity in their IT infrastructures, a solution that can leverage identity across all local systems, for global initiatives, is necessary. In such complex, hybrid environments, identity must be carefully managed as regulatory compliance is critical.
By turning disparate, fragmented identity infrastructures into one logical identity provider, RadiantOne helps enterprises build a secure, federated infrastructure, offering single sign on and a common access management point that connects all internal identity and authentication sources for a fully integrated view of identity.
- Do you have any customer examples or use cases that highlight the benefits of IAM integration with cloud? What benefits did they see from a security perspective?
Yes. Healthcare presents a great example of the challenge of cloud security. The changing nature of the healthcare industry has made it increasingly difficult to provide secure access to mission-critical applications, whether they’re in the enterprise, on the web, or in the cloud. And maintaining security is of paramount importance in this industry in particular.
As consolidations, mergers, and acquisitions become the new normal in the healthcare sector, and healthcare organizations face considerable diversity in their IT infrastructures, a solution that can leverage identity across all local systems, for global initiatives, is necessary. In such complex, hybrid environments, identity must be carefully managed as regulatory compliance is critical.
RadiantOne simplifies the process of federation and single sign-on for cloud applications by providing one logical identity hub. With RadiantOne, enterprises can build a secure federated infrastructure, offering single sign on and a common access management point that connects all internal identity and authentication sources to the growing world of cloud and federated web applications. “RadiantOne is the key engine used by many organizations in the Healthcare space to consolidate and federate their identity and provide a common service for accessing cloud and web applications,”. “It provides SSO to cloud and federated applications when users are stored in the widest range of repositories from AD to Oracle/SUN directories or SQL databases. And it can extend access to applications such as Office 365 or those supported on Microsoft Azure to make it easier for organizations who have identities in a variety of locations to manage those identities globally.”