Work From Home – An Application and Identity Management Guide | Part 1

Blog / Remote Workforce, Security / Work From Home – An Application and Identity Management Guide | Part 1

This is part one of our three-part series on work from home – an application and identity management guide. In this section, we’ll cover the ins and outs of identity and access management. Before we get into the meat of this write-up, we’ll start with a little baseline background.

Background

SaaS is exploding.  Unless you live on Mars, this is a pretty obvious statement!  But what isn’t perhaps as obvious is the gaping hole this explosion is causing in your IT security posture. In many organizations, Active Directory (AD), which used to control all access to company resources, now only governs 20% of applications while 80% of a user’s application load comes from a 3rd party like Salesforce.com or Concur.

That also means IT is no longer the linchpin to get applications up and running. If a user or group of users want to share files, they can have an app up and running in 5 minutes with a credit card. Similarly, when internal applications are not easy to use, the workforce is finding, they now have the power to go out and sign up for tools on their own.

IT is struggling to provide users with the flexibility to get tools the way they want them, while also trying to get their arms around provisioning, usage, and de-provisioning.

 

Identity and Access Management Defined (loosely)

It’s essential to define these terms before we dive into these two distinct functions within an IT security framework.

Identity Management – This refers to the process of assigning and then managing the attributes of a user.  Who are they, what groups they are a part of etc. For example, “This person is remote, part of the Marketing functional area,” and so on.

Access Management – This refers to the process of taking the above identities, or groups of identities and deciding what IT resources they have access to.

These terms are very closely related and often used interchangeably. This is likely because traditional IT environments where corporate assets have been housed internally have utilized Active Directory (AD) to address both of these dynamics.  Who you are and what you can access.

However, with the explosion of SaaS, AD isn’t able to perform these functions by itself any longer.

 

Identity Management

Solutions for identity management can be segmented into two buckets:

Here are a few of the options:

Traditional AD – Companies not yet “cloud-enabled” are using this tried and true structure, whether hosted on-premises or in some sort of private cloud environment.  It works great; it’s robust and very familiar and easy to manage.  But, it’s lacking when companies start venturing out to SaaS applications, and identities must be created and maintained at these providers individually; it’s extremely time-consuming for IT to create, manage, and audit.

Directory as a Service – Seriously … another DaaS??  In all seriousness, these are purpose-built solutions hosted by 3rd parties specifically for managing user identities.  They are often built to integrate with other cloud solutions like SaaS applications.  A great example of this would be Azure AD, which is very popular. Mostly due to the fact it’s given away for free in some instances.  These are great for companies that are entirely “cloud-enabled,” but they aren’t built upon full-blown AD.  So, companies that have any legacy infrastructure that requires full AD must maintain both.  And while these two can integrate with each other, it can only be managed using the full AD instance as opposed to the cloud directory instance since that’s the scaled-down version.

In part two of this series on work from home – an application and identity management guide, we’ll dig into what SSO is, how it works, and the three big considerations for why to use SSO. For a much more thorough dive into the work-from-home guide, follow the link above.

Your essential IT ally for the enterprise hybrid workforce.

MSG_Arena_Primary_Logo-full-blue Nike_logo ford-img marriott-img chk-img apria-img
Friedman
International accounting firm increases productivity by 30% during COVID with fully integrated Work Anywhere™ solutions.

Everything was flowing, everyone's connecting...Just seamless! And everything just worked. We haven't been down since we went remote."

– Chief Information Officer, Friedman, LLP

Dermatology Logo Partners
One of the nation’s largest and fastest-growing dermatology businesses estimates savings of $6.45 Million over 5 years

Evolve IP’s digital workspaces have allowed us to acquire more practices in a faster and more profitable way. That is resulting in bottom-line cost savings and top-line business benefits."

– Jeff Francis, Vice President of IT USDP

Ogletree Deakins Logo
International Law Firm Drives Communications Reliability Across 60+ Worldwide Locations and Saves Over $300,000 a Year

That’s the type of proposition I like to bring to a Board of Directors. When I can say, ‘we can get everything new, be completely redundant, it can meet all of our needs and oh, by the way, we are going to save over $300,000 a year.’ It makes it easy for me to sell!"

– Ken Schultz CIO of Ogletree Deakins

Simplify and future-proof your technology footprint with Evolve IP

Microsoft_logo partner_cisco_logo_120 vm-logo partner_citrix_logo_sized partner_zerto_logo_120 veeam-logo dubber-logo

It's nearly impossible to stay on top of every change in technology. Partner with Evolve IP and gain the combined experience of hundreds of technologists, all acting as an extension of your IT team. Helping you do more with less.

Featured By
 Frost and Sullivan Logo Gartner Logo Inc 5000 Logo Fox Business Logo
Certified By
Hitrust Logo AICPA Logo