Key Considerations for Identity Governance in the Cloud

by Rick Weinberg, Vice President of Product Management, SailPoint

Cloud is transforming the way we work, and today’s enterprises are seeing the many benefits of cloud migration for some or all of their infrastructure. The relative ease of purchasing and deploying cloud solutions coupled with the desire for a low total cost of ownership are the primary drivers behind implementing critical business applications as a service.

Like any significant technology initiative, taking your enterprise into the cloud requires forethought and preparation to be successful. Organizations must think through what issues they are really trying to solve and how those issues are prioritized against the business needs.

Key Considerations for Identity Governance in the CloudFor many enterprises, a cloud-first IT strategy means a chance to focus on the core strategy of the business versus managing technology solutions in their data center. In parallel, these organizations must consider the financial, operational and security ramifications of running business-critical applications in the cloud.

As companies become more comfortable with moving strategic and mission-critical applications into the cloud, some hesitate when it comes to identity due to the perception of a heavier workload and security risks. Even as enterprises rush toward the cloud, they often skip over identity because they believe they lack the budget, time or skilled identity resources required to implement such technology.

But that’s no longer an inhibitor to implementing identity governance as a service. Cloud-based identity governance offers the same security, compliance, and automation delivered by data center-deployed identity solutions, coupled with a lower total cost of ownership and faster deployment.

But before making the move, IT operations departments must ask: first, can you move your identity governance solution to the cloud? And then, perhaps, more importantly, should you? The answers to these questions will vary from company to company. They are dependent on the resource investments and needs of the business along with the current identity solution and corresponding business processes in place.

How Do I Know If I’m Ready for Cloud-Based Identity Governance?

As organizations rush toward the cloud, they don’t always stop to consider the importance of including identity management in their new cloud strategy. While there are several variables to consider, here are two questions to help gauge your organizational readiness for cloud-based identity management:

What is the alignment between your organization’s business and IT objectives?

Before embracing cloud-based identity governance, you should have a thorough knowledge of your organization’s particular business needs and how they reflect on your broader IT strategy. Is IT a means of executing your business strategy or is IT a strategic part of your business? What is driving the migration to the cloud? Where do you expect the shift in IT resource expenditure in the future? Infrastructure only? Personnel? Answers to these questions put you in a position to align with the right identity management strategy.

Which kind of solution will you choose, and how will you choose it?

Fortunately, cloud-based identity management can be served to both organizations who have very little experience with identity and to those who have had an identity management program for decades. However, the rise of software has ramped up the number of options organizations must sort through.

These days, cloud deployment options range from true, multi-tenant software-as-a-service (SaaS), to software hosted by your organization in a public or private cloud setting or through a managed service provider. Of course, selecting a deployment model that best fits your organization is just part of the equation. What does your organization do today for identity governance? What is the scope of users (e.g., employees, contractors, vendors, etc.), applications and data you’re trying to govern? Organizations with existing solutions in place often have existing – some quite complex – processes to manage the lifecycle of user access.

Key Considerations for Identity Governance in the CloudThis can impact the flexibility and extensibility required in a solution going forward – should those processes like to be maintained. And, to that point, it’s important to understand your current costs so you can build an effective business case with the relevant return on investment. To facilitate that analysis, work with a partner or vendor who has the experience to help you project potential costs of different cloud deployment options. Remember that identity governance – whether deployed in the cloud or in the data center – requires an investment by the business and IT to succeed. When choosing a solution, balance product innovation and capabilities with customer success today and 10 years from now.

The Heart of the Issue

No matter how your identity governance program is deployed, it must address the challenges associated with today’s global workforce, comprised of a complex, distributed network of employees, contractors, suppliers, partners and more. The different access requirements and interconnectedness needed to keep this complex global workforce productive amidst the rise in technology has created a complex mixture of security risks.

Attacks today are increasingly focused on compromising digital identities as a means of penetrating corporate networks. In fact, the vast majority of data breaches, whether conducted by a cyber attacker from inside or outside of the organization, involve the misappropriation of digital identities and user credentials. These credentials are used to gain legitimate access to sensitive systems and high-value personal and corporate data.

Key Considerations for Identity Governance in the Cloud

Identity governance gives the right people access to the right data amidst this complex enterprise environment. No matter how it’s deployed, every identity governance program should address the sheer number of users, data and applications the modern enterprise requires, and what is necessary to control them.

With identity governance, organizations can determine who has access to what and what they’re doing with that access, ultimately reducing risk and mitigating the effects of data breaches. No matter how organizations decide to implement their identity governance programs, it’s the only way to effectively manage risk in today’s hybrid IT environment.

About the Author

Key Considerations for Identity Governance in the CloudRick Weinberg, Vice President of Product Management, SailPoint. Professional Profile: Dynamic, MBA-educated product management, marketing, and strategy professional with a passion for information technology.

May 21, 2019

cyber defense awardsWe are in our 11th year, and Global InfoSec Awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.
Cyber Defense Awards

12th Anniversary Top InfoSec Innovator & Black Unicorn Awards for 2024 are now Open! Finalists Notified Before BlackHat USA 2024...