Why and Where Pure Cloud Play Falls Apart for the Fortune 1000: A Hybrid Alternative to the IDaaS Approach

By TMCnet Special Guest
Dieter Schuller, VP of Sales and Business Development, Radiant Logic
July 31, 2015

There are two approaches to giving identities cloud access: pure IDaaS, or a hybrid method, federating and rationalizing identity on premises in a hub and then connecting to the cloud(s).

Large enterprises are simply not using IDaaS solutions; the evidence speaks for itself. In the 2015 Cloud Computing Trends, a survey of 930 IT professionals, we see that 82 percent of enterprises have a hybrid cloud strategy and that enterprises are generally lagging in cloud adoption. What’s more, 55 percent of enterprises report that a significant portion of their existing application portfolios are not in the cloud, but are built with cloud-friendly architectures. In fact, 68 percent of enterprises run less than a fifth of their application portfolios in the cloud.

Why haven’t we seen a quicker uptake with IDaaS solutions?

The identity infrastructures of Fortune 1000 companies and other large organizations are complex, heterogeneous, and not integrated. That’s an unavoidable reality. These organizations want to provide cloud access, but they don’t want to outsource their identity sources for security reasons. Particularly with the rise of security breaches, enterprises want to minimize risk by keeping identity on premises, while still setting themselves up for a move to the cloud later down the road.

Identity Integration as an Underestimated Challenge to Cloud Access (IDaaS isn’t Addressing this)

IDaaS solutions are not created to federate the complex identity infrastructure characteristic of a Fortune 1000 company. Such a company must first rationalize its identity infrastructure inside a hub, then leverage that hub as a bridge to cloud and web apps.

The cost of connecting a complex enterprise infrastructure rises with each custom link.

Gartner analyst Trent Henry says, “Preferred [criteria for public cloud deployment]: Ability to consume on-premises identity data, rather than replicating and storing identity data in the vendor's cloud: Due to privacy, regulatory or information-protection constraints, some organizations might utilize a cloud provider for runtime authentication, but choose not to store user identity data in the cloud. The provider should offer an integration method for on-premises identity data hosting.” (Gartner Research, “Evaluation Criteria for User Authentication,” 19 May 2015)

A Hybrid Approach Based on Federated Identity

The hybrid approach creates a common hub that federates identity. The hub first rationalizes and normalizes the different identity representations coming from multiple data sources (internal applications like HR), directories (LDAP, AD), or even databases (SQL). It then provides single sign-on and authorization/provisioning to different cloud apps securely, with the identities residing safely on premises. This hub is a stepping stone that will allow companies to migrate or outsource their identity in an orderly and secure manner when and if they need to host in the cloud.

Federating access through SAML, OAuth, or OpenID Connect does not take care of the internal identity sprawl.

In short, companies can manage their identity on-premises instead of outsourcing, and reduce risk while modernizing the whole system – leaving their options open to migrate to the cloud in the future.

“We are seeing success for many major customers in choosing a well-planned hybrid approach, where an identity hub can aggregate, integrate, and normalize identities like an on-ramp for all cloud and web applications,” Michel Prompt, CEO at Radiant Logic, said. “Integration is the first step, then hosting the infrastructure, whether on-premises or on the cloud, becomes much more safe and easy.”

For 25+ years, Dieter Schuller has been helping enterprises map technology to solve business problems. As VP of Business Development at Radiant Logic, he works with customers to leverage their existing identity investments to support upcoming business initiatives. Dieter joined Radiant (2001) from Orbit Commerce, where he developed a sales and channel program that included direct sales, resellers, and partners. Prior to Orbit, Dieter was Senior VP of International Sales at PLATINUM technology, a $1B systems software and services company with over 30% of their revenue attributable to the international markets.

Edited by Stefania Viscusi