Reduce cloud IT management headaches by approaching IAM the right way

Moving to the cloud has opened up new identity-related concerns and worries that we’ve never experienced before. The good news is businesses don’t have to fight the identity security battle on their own, and solutions, strategies and best practices already exist to help them address this very challenge.

security map digital encryption identity
Thinkstock

What keeps you up at night? I typically lie awake trying to remember if I left the garage door open, or if I remembered to pack socks for my next business trip. For many IT folks, much more daunting concerns are likely troubling them, like the latest suspicious account the team found that may have breached the system, or if their team is prepared to pass the next PCI audit.  Scary thoughts, right? IT managers have a lot resting on their shoulders and if they get it wrong, it can be catastrophic to the business. Unfortunately, it doesn’t look like these IT headaches are getting any easier to fix with the increase in digital transformation and cloud adoption.

For many companies, moving to the cloud has opened new identity-related concerns and worries that we’ve never experienced before, mainly due to hybrid deployments. It’s challenging enough to have to manage one set of systems within your own data center, but now IT pros are having to juggle multiple cloud platforms at once -- all of which are unfamiliar territory for IT. The task of managing these new cloud environments can be so overwhelming that, in extreme cases, business turn a blind eye altogether to securing them and taking the necessary steps to reduce risk.  I was once told by a former prospect that his cloud platform was “too new,” so he didn’t have the tools to perform an adequate audit and simply chose not to conduct one.

The problem with this approach is that cybersecurity is not a joke and must be applied across any and all systems. The good news is businesses don’t have to fight the identity security battle on their own, and solutions, strategies and best practices already exist to help them address this very challenge. And while there are many goals that should be established when embarking on an identity project, such as automated provisioning, role attestation and ethical barriers, there are two concepts that must be achieved: governance of everything and IT workload reduction.

Governance of everything

While you have been moving towards the cloud, so has the hacker.  The idea that we can ignore ‘the elephant in the cloud’ and just focus on our internal systems is dangerous.  Advances in modern IAM solutions have kept up with advances in the cloud, which is a surprise to many IT teams who have stuck with their legacy on-premise products and strategies despite the adoption of cloud platforms. While it may be true that in the early days of cloud computing the complexity and level of effort required to connect various identity systems was herculean. However, today, the standardization of interfaces with web APIs, data formats like JSON and XML, and the growing adoption of SCIM (system for cross-identity management), demonstrate that those early challenges are all but gone. If your current approach isn’t providing you with the ability to capture accounts and entitlements across all your environments, then it might be time for you to modernize and take advantage of what are essentially turn-key solutions to hybrid IAM.  This doesn’t have to be that hard.

IT workload reduction

Having made the decision to reevaluate your current approach and tackle the task of IAM across your hybrid cloud and on-premises environments, you’re likely looking to determine which solutions, services and strategy works best for you. One of the most important boxes to check is that the selected strategy reduces IT workload. Businesses should look for solutions that simplify and automate repetitive tasks and put the control of the business where it belongs, in the hands of the business itself.  IT should not be a roadblock to the agility of the business.  You need to make sure that your solution empowers the business to govern themselves.

Truth be told, there are several IAM solutions available and you can be successful or fail with all of them.  Sometimes the key features you need to be looking for aren’t necessarily if “system X” can import data from “system Y”, but rather, what features will my team need?  Or even better, if we implement a certain approach, what is the impact to the business? As you’ll likely notice, the last question has almost nothing to do with technology, but everything to do with your success.

Oftentimes customers spend too much time in the nitty-gritty of the low-level technology at play and not enough time on what their future holds with their governance platforms.  Invest time in looking at the impact of an IAM solution and how it will reduce your workload, while simultaneously empowering the business.  These questions on usability and flexibility might be just as valuable as any question regarding interface specifications.

While it may seem like a heavy undertaking at first, putting in the work and investment up front to align cloud and internal accounts will pay off in the long run, and will ultimately secure and protect the company from cyber risk.  Once this new strategy is put into place, and your business customers are happy with it, you might finally find yourself sleeping well at night!

SUBSCRIBE! Get the best of CSO delivered to your email inbox.