Integrate IAM as a Service Solution: Pay attention to complexity and hidden costs!

Cloud-based or IAM-based identity and access management solutions are a service, growing.

Like all IAM solutions, their mission is to secure and facilitate access to cloud applications and services as well as historical applications deployed in companies, whether they are Businesses from publishers or developed internally. Therefore, they must support communication with these applications, which may be more complex than expected.

Identity and Access Management, or IAM, is an essential element of enterprise security. They can rely on in-company infrastructure (On-Site or on-site), but can also be distributed as SaaS applications, importing IAMs as Services or IDaaS, or hybrid two.

 The primary task of all these solutions is to validate both the identity and user access to all of the company’s applications and pass on their identity to the user.

Consider the present

Under specific conditions, therefore, they must facilitate access to both cloud-based applications and services, which are increasingly popular because they are widely used by users, but also for applications. The history is deployed in companies, whether related to business (finance, purchasing, human resources). accounting, documentation, collaboration, etc.), from software publishers or developed in-house.

Therefore, it is necessary for IAM proprietary solutions as a Service to support communication with these applications deployed in the enterprise. This may be more complicated than expected.

 Indeed, managing a user’s access to and identifying digital resources requires a “footer” in his information system and has an interface with its existence: that it is level The system, including an identity store, at the application level or network level. Communication with the company’s IS makes it possible to provide a set of functions related to the current on the site, such as the user’s identification number based on one or more directories (or repositories). in the company or access to applications that have been used on a daily basis (for example, since the ERP application was made several years ago as well as a myriad of business applications). More,

The application of an identity and access management solution as a service (“IDAAS” or identity as a service) therefore requires this interaction, the local interface with the information systems business on the spot. This link, which looks simple, really – depending on its implementation – is more complex than appearance.

Some IDaaS solution editors rely on simple messaging for use but also simplicity and deployment speed. This can quickly prove to be more complicated than expected, especially after having already passed the simplest application to integrate. In addition, many IDaaS solution providers may skip to designate the additional unexpected costs needed to deploy this link to the legacy applications of the company, whether it is cost infrastructure or administration.

 As the IAM’s solution is to manage access and digitally corporate users with fully cloud-based applications (to SaaS), the association with existing ISs in the company is less, however. , it is still necessary, minimum to authenticate the user and ensure communication with its principal means of authentication (usually a couple “username + password”), since the public You do not want to outsource from storing passwords in a system out of your control and lying in the cloud.

Security risks for the company involved in outsourcing Login and password are high in this case, because IAM is a Service Solution that has been the target of hackers in the past.

Be careful with hidden costs

Finally, with the rise of IDAAS, some publisher solutions on the older generation of web sites, some more than 20 years old (from major computer publishers in general, database management, etc.) have recently published an evolution of their solution in IDaaS mode. However, sometimes they struggle to position themselves precisely to provide the user with a set of features that include equivalent application needs of the company’s on-site information system (such as so, still behind the firewall) as well as SaaS applications.

Special attention will be paid to deployment costs and the ability to include multiple uses, in the case of frameworks available to these publishers, often providing “free” (full or part) of these new solutions. Applying and deploying these old platforms can make their evolution (or even migration) long, expensive and complex. Customers may then become further detained by these publishers in general for the sake of their professional integration services.

Add a Comment

Your email address will not be published. Required fields are marked *