“Best practices for IAM architecture patterns need to change. Identity systems must be more agile, handle a wider set of use cases and provide more protection against unauthorized access. IAM must evolve from a set of capabilities that supports specific use cases in a series of identity silos to a more flexible platform that is able to quickly support new business and new combinations of access needs.” (Gartner, The Evolving Architecture of Modern Identity, Refreshed June 18, 2018, Published 23 February 2018, Mary Ruddy)
This may be your current situation. You spent millions of dollars on your traditional IAM and IGA stack and it has taken you over three years to implement. Now more mobile devices, Alexa’s and other internet devices, are popping up all over your organization and you need to add them to your IAM stack fast before they become a liability. At the same time, the business has ever changing rules and requirements and they don’t match to what you built. You know that any changes will take additional investment and more time that you don’t have. In addition, you are experiencing a large skill shortage. How can you do this and still leverage your existing investment. What do you do?
Here are three ways you can modernize your IAM and IGA
- Perform a robust IAM and IGA Advisory Assessment to identify where you are, where you want to be, and how to get there. The main focus here is performing the assessment against a robust and modern IAM Program Reference Framework and against industry standards. The main outcome is an agile and nimble IAM Program Roadmap that identifies the highest risk cybersecurity, IAM, and IGA, gaps and takes immediate action to remediate. Setting these goals is important to figuring where you are and where you need to be.
- Implement modern IAM Microservices with Perseus IAM. IAM Microservices can not only remediate immediate cybersecurity gaps, but also modernize your architecture and infrastructure at the same time. This will aid in the establishment of modern, robust, and nimble IAM capabilities for both on-premise, hybrid cloud systems, and new internet enabled devices. Modern products like Perseus IAM are built using IAM Microservices and API’s to bridge the gap between a modern IAM stack and your legacy IAM and IGA.
- Establish a repeatable and measurable feedback loop. Use this process to increase the maturity, effectiveness, and efficiency of the IAM Program over time. IAM is always changing and you need to keep yourself updated on new technologies, new requirements, and new threats - this way you can change your goals accordingly!
Cross train your current team and hire DevOps, AI, and ML savvy candidates. In order to prepare for the upcoming wave of nimble, agile, and DevOps ready IAM, IAM leaders must focus on hiring and retaining architects and engineers with a wide array of DevOps skill sets. These include containerization, orchestration, elastic infrastructure, AI, ML, and real time operational support.
About Aldo Pietropaolo
Aldo Pietropaolo is a cybersecurity evangelist, identity security expert, and co-founder of Good Dog Labs, A Lighthouse Company. Good Dog Labs modernizes identity and access management and governance for SMB’s and large enterprises using advisory and implementation services in addition to bringing new innovative products such as Perseus IAM to market.