We are long past the days when an office was the extent of a secure network. Today, security experts agree that identity management is the true digital perimeter, ensuring that only trusted parties can enter the corporate network.
Identity and access management (IAM) tools tend to be embedded in a business, and changing them is not as easy as switching between Skype and Zoom as a preferred platform. However, making sure you have the right solution for your needs is critical, and there has never been a more appropriate time to reassess your existing supplier.
In this article we cover some of the most popular IAM tools in the UK today. They cover a variety of areas and while most have the same basic functionality, many will specialise in a certain area or be more suitable to a certain type of business.
We will assume that your company has already laid the groundwork for remote working, with policies to support the practice and an analysis of expected traffic and risks – such as freezing password expiry limits and establishing a VPN if needed.
After getting the basics in place, it is time to look at IAM tools themselves. Requirements will vary depending on factors like company size, and others like solution price and vendor support will also come into play. Here are some of the elements to consider when looking for a new IAM solution.
Features to consider
Product features: multi-factor authentication (MFA), single sign-on (SSO), role-based access control, etc.
Ease of use
Compatibility with existing IT
Management of on- and off-boarding
Deployment options – on-prem, cloud, hybrid, hosted
Data migration ability
Identity data consolidation from multiple sources
Protection of identity data (and, related, the end-to-end security of the solution)
Supported standards/membership of standards bodies
Integration with third-party applications
Extensibility and scalability
Delta is Computing’s technology market intelligence service, which distills the opinions and experience of thousands of IT leaders. We have put together a special three-month trial for access to all research to help with business continuity at this challenging time, for the price of a cup of coffee per team member per day. Click here to request a demo.
Microsoft’s Active Directory (AD) is widely adopted for IAM, even though it is not a traditional IAM tool; rather, it is a collection of services that help administrators manage users and devices on a network.
AD integrates with nearly 3,000 business apps, including Salesforce, Box, Workday and Office 365. Customers can run AD on-prem, in the cloud (Azure AD) or in a hybrid deployment.
The cloud version of the app has several important differences to standard Active Directory: for example, it doesn’t include Microsoft’s Group Policy or DNS. Customers often use standard AD and Azure AD together to extend an on-premises AD solution to the cloud.
AD features a directory called the data store, which contains information about network objects like servers and user accounts. It uses logon authentication and access control to these objects to manage security. Through this architecture, AD enables single sign-on to data store objects (including for external users), multi-factor authentication, privileged access management, identity governance and other methods of IAM.
As well as the data store, AD includes many more ways to work with objects in the directory, including rules to define their classes and attributes; a catalogue of information; and a replication service to distribute data across a network.
Microsoft splits Azure AD into four pricing tiers: free, Office 365 Apps edition, Premium P1 and Premium P2. The Office Apps edition is bundled into O365 E1, E3, E5 and F1 licences, explaining AD’s massive user base. Price for the Premium editions starts at £4.47 per user per month.
Delta respondents said that AD had many areas of strength, especially its password and employee lifecycle management. They praised its integration into existing infrastructure, and added, “Seamless user experiences are key, and Microsoft does this so well at present.” They also felt that Microsoft’s resources would enable further development. However, costs were a weak point and said to add up “very quickly.” Microsoft shows little flexibility in this area. – Read more