Request Information
1.877.459.4347

Request Information

or Call 1.877.459.4347

Work From Home – An Application and Identity Management Guide | Part 1

July 13, 2020 / Evolve IP

This is part one of our three-part series on work from home – an application and identity management guide. In this section, we’ll cover the ins and outs of identity and access management. Before we get into the meat of this write-up, we’ll start with a little baseline background.

Background

SaaS is exploding.  Unless you live on Mars, this is a pretty obvious statement!  But what isn’t perhaps as obvious is the gaping hole this explosion is causing in your IT security posture. In many organizations, Active Directory (AD), which used to control all access to company resources, now only governs 20% of applications while 80% of a user’s application load comes from a 3rd party like Salesforce.com or Concur.

That also means IT is no longer the linchpin to get applications up and running. If a user or group of users want to share files, they can have an app up and running in 5 minutes with a credit card. Similarly, when internal applications are not easy to use, the workforce is finding, they now have the power to go out and sign up for tools on their own.

IT is struggling to provide users with the flexibility to get tools the way they want them, while also trying to get their arms around provisioning, usage, and de-provisioning.

Identity and Access Management Defined (loosely)

It’s essential to define these terms before we dive into these two distinct functions within an IT security framework.

Identity Management – This refers to the process of assigning and then managing the attributes of a user.  Who are they, what groups they are a part of etc. For example, “This person is remote, part of the Marketing functional area,” and so on.

Access Management – This refers to the process of taking the above identities, or groups of identities and deciding what IT resources they have access to.

These terms are very closely related and often used interchangeably. This is likely because traditional IT environments where corporate assets have been housed internally have utilized Active Directory (AD) to address both of these dynamics.  Who you are and what you can access.

However, with the explosion of SaaS, AD isn’t able to perform these functions by itself any longer.

Identity Management

Solutions for identity management can be segmented into two buckets:

Here are a few of the options:

Traditional AD – Companies not yet “cloud-enabled” are using this tried and true structure, whether hosted on-premises or in some sort of private cloud environment.  It works great; it’s robust and very familiar and easy to manage.  But, it’s lacking when companies start venturing out to SaaS applications, and identities must be created and maintained at these providers individually; it’s extremely time-consuming for IT to create, manage, and audit.

Directory as a Service – Seriously … another DaaS??  In all seriousness, these are purpose-built solutions hosted by 3rd parties specifically for managing user identities.  They are often built to integrate with other cloud solutions like SaaS applications.  A great example of this would be Azure AD, which is very popular. Mostly due to the fact it’s given away for free in some instances.  These are great for companies that are entirely “cloud-enabled,” but they aren’t built upon full-blown AD.  So, companies that have any legacy infrastructure that requires full AD must maintain both.  And while these two can integrate with each other, it can only be managed using the full AD instance as opposed to the cloud directory instance since that’s the scaled-down version.

In part two of this series on work from home – an application and identity management guide, we’ll dig into what SSO is, how it works, and the three big considerations for why to use SSO. For a much more thorough dive into the work-from-home guide, follow the link above.

Categories: Digital Workspaces Work Anywhere
Listening To Needs. Solving Complex Challenges.

Helping enterprise IT focus on business results, not infrastructure

  • One of the nation’s largest and fastest-growing dermatology businesses estimates savings of $6.45 Million over 5 years

    View Case Study

    “Evolve IP’s digital workspaces have allowed us to acquire more practices in a faster and more profitable way. That is resulting in bottom-line cost savings and top-line business benefits.”

    – Jeff Francis, Vice President of IT USDP

  • International Law Firm Drives Communications Reliability Across 60+ Worldwide Locations and Saves Over $300,000 a Year

    View Case Study

    “That’s the type of proposition I like to bring to a Board of Directors. When I can say, ‘we can get everything new, be completely redundant, it can meet all of our needs and oh, by the way, we are going to save over $300,000 a year.’ It makes it easy for me to sell!”

    – Ken Schultz CIO of Ogletree Deakins

  • Financial advisory firm enables employees to Work Anywhere with an integrated platform

    View Case Study

    “The transition has been almost seamless to our folks, working from home full time. My team looks like heroes right now.”

    Ryan Easter, Director of IT and Principal at Johnson Investment Counsel

Simplify and future-proof your technology footprint with Evolve IP

It's nearly impossible to stay on top of every change in technology. Partner with Evolve IP and gain the combined experience of hundreds of technologists, all acting as an extension of your IT team. Helping you do more with less.

Recognized by:

Certified by:

close

Contact Us

or Call 1.877.459.4347
This site uses cookies for analytics, personalized content and ads. By continuing to browse this site, you agree to this use. Want to know more? Please check our privacy statement.
Close