Identity in the Cloud: 3 Reasons You Can Do It Now

Are you feeling organizational pressure to move to the cloud? In the last year, the volume of CIO mandates to be “cloud first” or only adopt cloud applications going forward, has increased significantly in large enterprises. The adoption of cloud applications in the enterprise is no surprise due to their inherent business value, but when it comes to security applications such as identity governance, many enterprises have moved at a more cautious pace. But, just like the current data breach reality of when – not if – organizations will be compromised, the adoption of cloud-delivered identity governance is only a matter of time.
As you think about the future, you can breathe a bit easier as the early challenges which held back organizations from moving to cloud-based identity governance have abated.

  • Security – there has been significant investment in processes and technology to allow for the secure deployment and operation of identity governance from the cloud. As evidence, SailPoint just received patent approval on its own zero-knowledge encryption model for storing service account credentials required to connect to on-premises or cloud-based systems. This ensures that sensitive information is never exchanged or exposed due to the unique handling of encryption keys.
  • Product maturity – SSO-centric cloud solutions offer some value but they do not provide the enterprise identity governance required to address security and audit needs across both cloud and on-premises application environments. Now enterprise organizations can deliver SSO, password management, access certification and provisioning solutions across all of their enterprise apps – on-premises or in the cloud.
  • Business continuity – moving your existing, on-premises identity governance solution to the cloud can seem daunting – especially if you have complex business processes. But there is great opportunity for seeing quick value in moving lightweight, authentication workloads to the cloud like SSO and password management to start. Then moving access certifications and provisioning as a second phase. While provisioning and access certifications can be a bit more extensible and therefore “heavy weight,” moving authentication workloads like SSO and password management is much easier as they’re more lightweight in nature. Start there and move other workloads over time.

Are you facing a similar decision on the horizon? Drop us a line in the comments below or contact us here for an even more in-depth conversation, either way, we’re here to help.