InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
In looking at the current state of IAM, older identity and access management (IAM) solutions continue to be a viable for enterprises, however, a shift to the cloud is a time for mature organizations to evaluate new IAM solutions. Leading providers in
the space have advanced and broad capabilities that may offer better mid- to long-term options for organizations considering a new approach.
We see some definitive shifts in IAM occurring in the marketplace. In the past, IAM encompassed centralized authentication, single sign-on (SSO), session management and authorization enforcement for target applications (often tied to some role/privilege
While this has not changed, modern IAM solutions also include adaptive and contextual authentication (which allows context, such as a user’s specific mobile device or location, to dynamically update authentication options or requirements) and support
for modern identity federation/integration protocols such as SAML, OAuth2 and OpenID Connect (OIDC). All these features are important for improving federation and cloud service integration, as well as reducing the risk of attacks with an increasingly
With the shift to hybrid cloud and widely expanded types of end-user access models, IAM solutions increasingly also encompass:
Several IAM providers could be serviceable for a mature organization that needs a broad suite of IAM capabilities, relative ease of use and deep integration with both on-premises and cloud-based systems and services. Highly regulated organizations can also consider:
Okta: Okta provides a software-as-a-service (SaaS)-delivered IAM solution that includes deep authentication and adaptive authentication capabilities, as well as SSO, directory services, multifactor authentication (MFA) and broad API support. Okta also provides threat intelligence and much-improved session management, along with a relatively recent reverse proxy solution for integrating legacy and non-standard applications.
Microsoft: Azure Active Directory (AD) is highly capable within Microsoft and more support for third-party applications and services is emerging all the time. Licensing can also be somewhat complex, but the pace of updates and new capabilities, particularly in Azure AD adaptive and contextual authentication through
conditional access rules, is good.
Ping Identity: Ping is considered among one of the most complete solutions available today, however, depending on your business' needs you might have to buy numerous packages to get there. Ping also offers threat intelligence and robust directory services
Other service providers also offer relatively complete IAM portfolios, including IBM and Oracle, with other options in the form of solutions from ForgeRock and OneLogin.
When considering a move to a new IAM solution, organizations should be careful to thoroughly evaluate all the different use cases currently in place for application and user access and authorization. Federation, SSO and application integration to cloud
services are now priorities, and flexible options with MFA and mobile access are also key considerations. We suggest taking the following into account:
Looking at both financial and operational costs for each solution. Be sure to ask providers what the expected deployment and maintenance overhead will be because these can be significant.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.
September 29, 2022
By IANS Faculty
Understand the integration points between information security and enterprise architecture. Find guidance for functional organizational constructs to maintain a solid EA practice.
September 27, 2022
By IANS Research
Learn how to ensure full cyber insurance policy coverage and find 5 tips to help maximize your potential cyber insurance claims.
September 22, 2022
Find information on cyber insurance coverage types along with best practices to choose a cyber insurance carrier and policy for optimal security coverage.