3 IAM deployment models: Which will work for your organization?

Each of the identity and access management platform deployment models--on-premises, cloud and hybrid--has trade-offs and different resource requirements.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Identity and access management (IAM) platforms have become vital components of corporate cyber security programs. They help companies manage digital identities and user access to systems, networks, and critical information within the organization—through role-based controls.

A key question for any organization looking to leverage IAM is what’s the best deployment model? Every IAM deployment will be unique, but there are three main models: on-premises, in the cloud, or within a hybrid environment. Each approach has its own challenges.

Following are some of the possible challenges companies might face with each and best practices for managing them.

Deploying IAM on-premises

With the on-premises model, most IAM solutions require significant infrastructure and platform footprint. It can be difficult to provide continuous availability and support, and to migrate from one vendor product to another, says Tim Skinner, information security manager at health insurer BlueCross BlueShield of Tennessee, which uses an IAM offering from Ping Identity.

Other challenges are that upgrades don’t always make the priority list for the security staff, and on-premises offerings require a large, specialized staff to run and monitor the IAM stack, Skinner says.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.