IGA and the Cloud: What You Need to Know

With the rise of cloud computing, organizations have expanded their reliance upon cloud platforms. Many have expanded their capabilities and capacity through cloud servers, while others have adopted a hybrid approach that includes both cloud and on-premise environments. Gartner predicts that by the end of 2020, ‘75 percent of organizations will have deployed a multi-cloud or hybrid cloud model,’ with ‘cloud computing firmly established as the new normal for enterprise IT.’

Similarly, Forrester reports that 65 percent of North American companies now depend on public cloud platforms. With the current cloud market nearing $300 billion in 2020, again according to Forrester, upwards of 80 percent of organizations are predicted to migrate to the cloud by 2025. Cloud adoption has become commonplace as more organizations than ever have gained confidence to leverage cloud within their infrastructure.

And while it has brought many new possibilities, including reduced IT costs from purchasing, managing, and maintaining infrastructure and hardware, greater scalability across the business, increased flexibility for accessing content and improved collaboration among users, and enhanced efficiencies by avoiding time-consuming software installations and upgrades, relying on cloud has also brought new challenges to organizations and IT teams worldwide.

Organizations making the shift to cloud must fully consider the security implications that accompany these infrastructure changes. To ensure all employees have the access they need across environments, businesses need the right identity solutions that can keep pace. And they must have complete visibility and context for user access—no matter the complexity of the environment itself. This is where cloud-based Identity Governance & Administration comes in.

The Rise of Cloud IGA

While IGA solutions were initially developed and deployed primarily for on-premise applications, systems, and platforms, the digital transformation that has taken place in so many organizations today, including a gradual or complete move to the cloud, coupled with a highly remote, mobile workforce, has fundamentally transformed the way IGA is delivered. Companies can no longer depend on an outer perimeter for controlling access to networks, platforms, applications, and devices within an organization. They must instead gain complete visibility into who has access to what, and actively manage that access within a cloud or hybrid environment through intelligent, cloud-based IGA. 

This shift in strategy has fundamentally disrupted the identity governance and access management priorities within companies today. And it has required that IGA controls be extended to Platform as a Service (PaaS), Infrastructure as a Service (Iaas), and Software as a Service (Saas), while also ensuring identity governance for systems that remain on-premise can fully support a complex hybrid IT environment. The introduction of cloud-based IGA enables organizations to support their new cloud or hybrid environments, and to maintain least privilege access through cloud-enabled or cloud-connected IGA solutions.

What to Look for in a Cloud IGA Provider

Organizations that have moved or are looking to make the move to cloud should seek an IGA provider that is flexible enough to work within any infrastructure—whether cloud-based, on premise or hybrid. This means from an IGA product perspective, the IGA solution can be fully hosted in the cloud and has been validated to run successfully on cloud. The Access Assurance Suite from Core Security is AWS certified.

It also means being able to integrate with other cloud applications—something Core Security has been doing for a long time. In fact, we have one of the most robust list of connectors for cloud-based applications, including: 

• Office365
• Azure AD
• ServiceNow
• SalesForce
• Workday
• Oracle HCM
• Ultimate Ultipro

Flexibility to integrate with other applications is essential—whether it represents a mix of cloud-hosted or cloud-based. Core Security prioritizes an integration focus and has successfully enabled virtually every integration requested by customers. Ultimately, it’s best to look for an IGA cloud provider that understands the challenges of balancing security with flexibility, that integrates seamlessly with other applications, and that ensures any third-party applications not in the cloud are still appropriately governed through a unified deployment.

Five Key Elements As You Consider Moving to the Cloud

If your organization is thinking of moving into cloud or expanding its cloud footprint, there are some key considerations you will want to take into account before you begin.

#1: Assess whether your core applications are compatible with the cloud: Make sure you understand if and how well your HRIS, CRM, ERPs, and other essential platforms will work within a cloud environment.

#2: Examine whether cloud-based versus cloud-hosted would be optimal for your organization: Identify whether native applications hosted in a cloud infrastructure versus a cloud-based environment that offers applications managed by a provider is preferred in your business.

#3: Ensure you understand the time and lift required for moving to cloud: Recognize the total cost of embracing a cloud approach, including implementation time and costs, resources required for infrastructure changes, impact on other applications, security challenges, training, and overall change management.

#4: Ensure your IGA solution is flexible enough to work with your needs: No matter the environment, cloud-based, on-premise, or hybrid, it’s essential any identity governance solution can support your overall approach.

#5: Start small, then expand over time: Any move to the cloud should start with small steps so you can determine how well the approach is working with you. Leading with a hybrid-first approach will enable you to evolve as your applications evolve and remain in lock-step with your IGA solution to govern user access accordingly.

A Real-Life Story of IGA and the Cloud

Many customers that we have conversations with have similar questions and concerns as they consider moving to a cloud or hybrid IT environment. Recently, we worked with a customer that was just beginning its cloud journey and was thinking of moving to Office365. Given that the organization’s current environment was completely on premise, key players in the organization recognized the enormity of what was being proposed.

The customer had numerous questions and concerns on making this change. The team wondered how to integrate with existing applications, like its HRIS, what the impact would be to Active Directory, how our IGA solution could work in a cloud and hybrid environment, and what the scope and timing for such a project could look like.

We took the time to discuss with them their goals and future vision—and we helped them navigate uncertainties, giving them insight and expertise on where to start. We provided options for managing the access of users within a hybrid environment and we helped them understand how they could provision and deprovision access within a complex IT infrastructure.

More than anything, we helped the organization realize that cloud is a beginning, it’s not an endpoint. And while many of the questions from the customer were high level and not drilled down on the role of cloud-based IGA, we helped the team understand the full magnitude of what this type of engagement would entail.

So no matter where you are and no matter how hesitant you may be in adopting cloud for your business, experts from Core Security are here to help you navigate through this important change in your organization—mitigating identity-related access risks no matter where they may come from.