
Going Cloud or Hybrid? You Need an Identity Data Fabric

July 6, 2022/in Blog Lauren Selby/by Josue Ochoa

It’s no secret that a company’s digital transformation requires the move of some (or many!) operations to the cloud. And lots of organizations have had such a move on their to-do list for some time. With so many benefits to going “cloud-first”, why all the hesitancy?

Making the move to the cloud is easier said than done for enterprise-level companies who depend on legacy and on-prem systems to get work done. To add to the complexity, these companies often plan to take advantage of several different cloud-based services too—and if they’re not currently, they will be.

These organizations often get stuck in a hybrid cloud environment for some time—and they’ll likely remain hybrid forever. Critical services remain heavily reliant on legacy and on-prem infrastructure. Unfortunately, these environments are heavy in silos that don’t integrate easily with each other, the cloud, or modern identity access management (IAM) systems and security approaches.

Successfully migrating and maintaining a complex environment in and across the cloud (AWS, Azure, and/or Google cloud platforms) requires a layer of abstraction to sit between the sources of identity data and the IDaaS (Identity-as-a-Service) solution of your choice. Implementing a strategic identity architecture is the right step forward for cloud success.

Common IAM Challenges of Moving to Hybrid & Cloud Environments

In many cases, a company’s identity isn’t prepared for hybrid or cloud environments. Hybrid IT is much more complex when it comes to identity data integration. This presents many challenges when trying to migrate key applications into the cloud.

For example, identity attributes may be scattered across disparate systems, resulting in data silos. And these silos, coupled with data diversity, make it impossible for companies to see a clear picture of their user base, often resulting in serious security risks and compliance difficulties.

Another key challenge, especially in today’s work-from-home environment, is managing access across a growing number of devices. As new devices are used to access company applications and resources, security becomes increasingly important. Yet, silos make it nearly impossible to manage access at a granular level.

If your legacy data can’t be integrated with modern security protocols or if inconsistency in access policy exists across applications, you end up expanding your attack surface by introducing the cloud. As a result, there will be additional accounts that must be maintained and more entry points to secure.

Flexibility and scalability in identity data integration are more important than ever. Current IDaaS integration tools such as those from Microsoft and Okta are limited in scope. Finding a flexible, scalable, reliable, and cloud-ready identity data integration platform is paramount.

The Solution: An Identity Data Fabric 

When identity data is sprawled across multiple on-prem and in-cloud repositories, a robust approach to relaying and using this information is exceedingly important. That solution is an Identity Data Fabric.

The Identity Data Fabric enables the abstraction of identity operations, making it easier for developers to secure and identity-enable their applications—without the need to understand the underlying identity infrastructure.

With access to identity data delegated to a specialized layer like the Identity Data Fabric, applications can meet operational needs such as authentication and authorization, while also protecting sensitive identity information.

Identity Data Fabric: The Foundation of a Strategic Identity Architecture

Preparing for a cloud migration requires data integration, normalization, and transformation. Any organization looking to migrate can turn to the TechVision Research reference architecture. According to TechVision’s report “Architecting and Managing Hybrid and Cloud-based Identity Services,” an identity data service is a critical component for any identity architecture:

“Identity should ultimately be a ‘utility’: it should be easy to identify individuals, applications and things and provide access under proper security controls that are privacy centric.”

Going Further: Implementing an Identity Data Fabric

The RadiantOne Platform helps you create a flexible Identity Data Fabric. RadiantOne is a powerful platform that spans all sources (cloud-based or on-prem) and delivers identity however it’s required to facilitate secure access, efficient operations, and enhanced user experience.

The TechVision report says it best:

“Their solution is an intelligent identity data platform that acts as a broker between applications and identity stores that does not rely on simple replication or traditional batch synchronization. Instead, the platform virtualizes data silos to build a unified version of identity. A persistent data cache with automatic, event-driven refresh enables speed, scalability, and integrity in environments with high volume, data distribution and complexity.”

RadiantOne offers a modern directory for on-prem and cloud deployment, synchronizing to and from on-prem and cloud-based identity sources. It’s a universal connector, ensuring you’re never locked into one provider and helping you maintain control over your identity data.

A hybrid environment offers many benefits, including enabling you to take advantage of the cloud while maintaining your critical legacy environments. Taking stock of your identity resources ensures you can move forward in the current hybrid reality with confidence and success.

Learn More About Identity Architecture With Radiant Logic

You can learn more about developing and managing hybrid and cloud-based identity architectures by reaching out to our team today; we’re here to help.

Identity Data is the Key to Your Security Infrastructure

June 29, 2022/in Blog The Radiant Team/by Josue Ochoa

As identity sprawl accelerates and identity information is spread across a complex web of legacy, hybrid, and multi-cloud systems, your organization is unintentionally putting itself at greater risk. The lack of visibility across all these systems creates security gaps—offering more opportunities for misuse or negligence by employees, and opening the door for cybercriminals to take advantage.

According to one survey of security professionals, each instance of credential theft or misuse is prohibitively expensive. Employees who misuse credentials cost companies an average of $307,111, but the cost nearly triples to $871,686 if it involves an imposter or thief who steals credentials. Companies today simply cannot afford to spend these millions annually on investigation and remediation of credential incidents.

Many companies rely on a combination of technology and policies to mitigate their security risks. End users are often tasked with managing their various access information because they use many different systems–putting the onus on them to manage their own security, which is far from best practice. IT teams are tasked with deploying the right combination of technologies to manage identity and keep things secure—in an increasingly complex and difficult to manage environment.

When an organization finds itself with a mix of data sources (home grown or legacy, on-prem, in the clouds, and so on), the identity infrastructure becomes difficult to manage efficiently, and security becomes exponentially more challenging. How can companies ensure that only authorized and approved users access systems and resources without putting all the responsibility on employees?

Zero Trust is the newest approach to the challenge of securely connecting users to IT resources. Let’s get into it: keep reading to learn what that means, and how to implement it, even with a complex identity environment.

Using Identity Data to Enforce Security Policies

If you’re a cybersecurity professional, you might wonder how you can authenticate and authorize users based on information sourced from multiple stores—to get finer-grained access control. When the identity data relevant to each user is spread across the infrastructure, there’s no one spot that a policy enforcement point can connect to, to assess a complete set of information and enforce access policies. This is a common challenge when the organization has identity stored in different formats, accessible through different protocols, and lacks an overarching unified list of users. Most large companies have a decentralized environment so it’s nearly impossible to manage access centrally and granularly.

All this complexity is difficult for IT and security teams to manage. An approach to simplify this complexity moves the responsibility for the security and management of identities to an Identity Data Fabric which can intelligently gather and manage the multiple identity sources required to extend access for users.

An Identity Data Fabric approach is the key to enabling a Zero Trust framework, making it easier and more efficient to manage identity data across multiple sources through unified identity data. Let’s take a closer look at Zero Trust and how it can unlock better cybersecurity.

What is Zero Trust?

Zero Trust is an “architectural state of mind,” as Paul Simmonds, fellow analyst at KuppingerCole, explained at the KuppingerCole Cyber Security Leadership Summit.

It’s a security framework deployed at the enterprise level that removes implicit trust and enforces user and device authentication throughout the entire network.

In the past, companies have been too trusting of users and devices by default. “Traditional corporate networks typically give too many people too much access for no particular purpose,” the creator of the Zero Trust strategy told Computer Weekly. This led to unintentional abuse by internal users and made it easier for criminals to take advantage of the situations, with criminal insider threats now making up 23% of all security incidents, according to one survey of cybersecurity professionals.

The Benefits of Zero Trust

The Zero Trust security model means that no user, even if they are on the network, is trusted by default, as they could be compromised.

When implemented, Zero Trust frameworks:

  • Require identity and device authentication multiple times throughout the network so you can implement extremely granular security models
  • Limit the number of opportunities for criminals or bad actors to gain access to secure content by restricting the parties with privileged access to each segment of a network, device, machine, and information
  • Scale easily for today’s complex IT infrastructure models, including on-prem, cloud, and hybrid models, so every company can increase security
  • Reduce the responsibility of users to maintain their profiles because it can be seamlessly combined with other security measures behind-the-scenes

While Zero Trust can enhance your organization’s cybersecurity, such an architecture requires access to the richest possible set of identity attributes. But gathering the needed identity data has long been a major pain point for complex organizations with years of identity investments and no small amount of identity sprawl.

An Identity Data Fabric can incorporate decentralized identity data because it’s built to unify identity across heterogeneous systems. With an Identity Data Fabric, it’s easy to incorporate your disparate identity data and update your security posture in a scalable, manageable, and secure way. Here are three ways it helps you leverage your identity data to drive better cybersecurity.

1. Create a Common Identity Data Model

Before: User profile attributes are spread across multiple sources, making it inefficient or impossible to create a single source of identity truth. Users are described differently in each source and have duplicate info stored in each. Plus, there’s no efficient way to map or align the data.

After: An Identity Data Fabric unifies identity data to create a complete global profile no matter the number of sources. Security teams can use the common identity to create policies that enforce more appropriate access and maintain them more efficiently no matter how often the data sources change.

2. Enable Access Easily Across Diverse Data Stores

Before: Identity data sources use different identification and credential-checking mechanisms, making it challenging for application and security teams to navigate when building access systems. It’s difficult to efficiently authenticate users because there are too many protocols and schema elements to handle, given that each user may have profiles across multiple sources, creating unnecessary work for IT teams when trying to extend access.

After: The Identity Data Fabric enables a single location for applications to go to for authentication and profile information that’s integrated with each store in the identity environment—without extra coding or advanced technical work. It offers a more flexible way to integrate identity data into a common security model.

3. Create Granular Security Profiles More Efficiently

Before: Security teams have trouble managing existing and potential group members as this data is spread across multiple sources, and can often be out of sync, not up-to-date, or inaccessible. Users are often assigned generic, high-level profiles based on incomplete information, again leaving security gaps that can be exploited.

After: Identity data, and groups data, can be integrated from multiple sources easily and efficiently with an Identity Data Fabric, offering more opportunities for you to categorize and group users in detailed and flexible profiles—easily.

The Smart Way to Integrate Identity Data Into Your Security Strategy

Think it costs too much to integrate identity data into your security strategy? Think again. Dealing with a data breach could cost your company anywhere from $4.58 million to $11.45 million. If that’s not enough, consider Gartner’s forecast that by next year, 80% of the new digital business applications opened to ecosystem partners will be accessed through Zero Trust Network Access (ZTNA), putting the pressure on organizations to prep their infrastructures for ZTNA use.

Security approaches have evolved today, as have the tools and technology used to support them, and an Identity Data Fabric accelerates adoption and modernization of all these identity-secured solutions. Radiant Logic can help you integrate all your identity sources into a more comprehensive security strategy—in fact, we’re the unified identity foundation of the Zero Trust model. We’ve got the expertise and tools that can start you on a more modern and sustainable security strategy.

An Identity Data Fabric can radically simplify management of your complex environment—and enable quicker adoption of best security practices. Contact us today to learn more about how RadiantOne can help you accelerate implementation of your Zero Trust Architecture.

The Future of Identity: Why Context Matters in IAM

June 22, 2022/in Blog The Radiant Team/by Josue Ochoa

Delivering identity and access management (IAM) is becoming more complex in a world of sophisticated cyber-attacks and growing remote workforces to secure. The traditional model of assigning access to users by role and then using a perimeter security approach to manage risk isn’t cutting it anymore—it’s a costly, manual effort that’s not scalable and doesn’t address today’s requirements for flexibility. Companies use so many different applications, services, and resources these days, it’s nearly impossible to manage identity the way we’ve always done it.

What companies need today is more context—contextual identity data, that is—to enable contextual access.

Context-driven access control is the emerging gold standard for addressing the ever-changing identity requirements for companies.

Whether your employees are remote, hybrid, or always working in the office, you need a solution that’s restrictive enough to protect your systems, yet not so restrictive it impacts productivity—and this can only be delivered by knowing your users well.

Context-based access leverages the factors that make up a user’s behavior and activity, such as geolocation, device type, work schedules, etc. to make intelligent decisions about what access should be allowed. Let’s say an employee who typically uses a laptop to work during daytime hours of a workweek attempts to log on to the corporate network at 3 AM on Sunday with an unknown mobile device. With context-based access, that logon attempt could be blocked automatically. However, if they tried to do the same thing at 9 PM on a Thursday, the system could still allow them in, but with restrictions since it’s atypical behavior—while alerting management.

Simply put, a context-aware access system minimizes the risk to your systems, data, and employees, consumes fewer IT resources, and enables high productivity across the organization.

Want to see how organizations can lay the foundation for contextual access, and how it facilitates the future of work for today’s modern companies? Keep reading. 😉

How IAM is Evolving

The traditional corporate security perimeter was becoming extinct even before the recent mass shift to remote working. People have gone from working within closely monitored and secured enterprise networks to a largely unmonitored and unsecured WiFi network at home…or at a coffee shop, or even in a different country. Employees working outside the traditional security perimeter, from a variety of devices, locations, and accounts, provides more opportunities for cybercriminals.

Identity is the new security perimeter—and it encompasses both humans and devices. By building and leveraging the context around each identity, IAM systems can better manage the many thousands of users involved in today’s enterprise networks, while mitigating risk at a more granular level. From temporary employees and contractors to full-timers that manage key aspects of the business process, all identities can be secured and managed with the right context.

Baking Context into IAM

Contextual access actually makes more sense overall since user access needs can change frequently. An employee working from home still needs to access the same applications, systems, and data as if they were at the company office, while one on a business trip might not.

When contextual identity data about each person is available, enterprises can establish granular access control driven by unique attributes. Richer context gives you control over which applications, assets, and resources users can access based on rules and policies.

How Does Contextual IAM Work?

Contextual access decisions can be enforced through risk scores, or levels, that are based on a combination of attributes such as location, device, access request type, time of day, and/or role. That risk level can then be used to determine the appropriate access.

Risk Factors

Risk scores can be based on multiple factors such as:

  • Location: Where is the request coming from? The main enterprise office or somewhere else? Where does the user’s profile indicate they should be making requests from, the local office or somewhere else in the world?
  • Device: What device type is making the request? A laptop inside the secure enterprise network or a smartphone on public WiFi?
  • Access request type: What type of activity is the user trying to do? Is someone just checking email, or are they trying to access high-value data?
  • Time of day: When is the request being made? Is it during regular business hours or outside of them? Is it during the user’s assigned work hours or at an unusual time like 3 AM?
  • User role: What role is currently assigned to this user? Is it the CEO or a temporary employee? An IT team member or long-term consultant?

For example, someone requesting access from a location where you don’t have any business dealings is high risk; someone requesting access from another area of your home country is medium risk; someone requesting access from a data center where you house technology is low risk. A contextual IAM system can then assess the user’s overall risk score in conjunction with other factors to dynamically grant appropriate access.
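
The risk-factor scoring described above, as an added example that is not part of the original post or of any Radiant Logic product: a small Python evaluator that sums per-factor risk and maps the total to allow, restrict or deny. All weights, thresholds, labels and the sample profile are assumptions, chosen so that the post's 3 AM Sunday and 9 PM Thursday logon scenarios come out as described; unrecognised attribute values score as high risk so that missing context fails closed.

```python
from dataclasses import dataclass
from datetime import datetime

# Every weight, threshold and label below is an assumption for illustration.
LOCATION_RISK = {"datacenter": 0, "home_country": 2, "no_business_presence": 5}
REQUEST_RISK = {"email": 0, "high_value_data": 3}
ROLE_RISK = {"employee": 0, "temporary": 1, "it_admin": 2}
UNKNOWN_DEVICE_RISK = 3
FAIL_CLOSED_RISK = 5          # applied when an attribute is missing or unrecognised
RESTRICT_AT, DENY_AT = 3, 8   # score thresholds


@dataclass(frozen=True)
class Profile:
    role: str
    known_devices: frozenset
    work_days: frozenset      # datetime.weekday() values, Monday == 0
    work_hours: range         # local hours, e.g. range(8, 18)


@dataclass(frozen=True)
class Request:
    device_id: str
    location: str
    request_type: str
    when: datetime


@dataclass(frozen=True)
class Decision:
    action: str               # "allow", "restrict" or "deny"
    score: int
    alert: bool               # notify management on anything but a plain allow
    reasons: tuple


def time_risk(profile, when):
    """Score the request time against the user's own schedule."""
    if when.weekday() not in profile.work_days:
        return 4              # not a working day for this user
    if when.hour not in profile.work_hours:
        return 2              # working day, but outside assigned hours
    return 0


def evaluate(profile, request):
    """Combine the five factors from the list above into one decision."""
    factors = {
        "location": LOCATION_RISK.get(request.location, FAIL_CLOSED_RISK),
        "device": 0 if request.device_id in profile.known_devices
                  else UNKNOWN_DEVICE_RISK,
        "request_type": REQUEST_RISK.get(request.request_type, FAIL_CLOSED_RISK),
        "time": time_risk(profile, request.when),
        "role": ROLE_RISK.get(profile.role, FAIL_CLOSED_RISK),
    }
    score = sum(factors.values())
    reasons = tuple(f"{name}+{pts}" for name, pts in factors.items() if pts)
    if score >= DENY_AT:
        action = "deny"
    elif score >= RESTRICT_AT:
        action = "restrict"
    else:
        action = "allow"
    return Decision(action, score, action != "allow", reasons)


# Constructed sample profile: daytime laptop user, Monday to Friday.
EMPLOYEE = Profile("employee", frozenset({"laptop-01"}),
                   frozenset(range(0, 5)), range(8, 18))

# Constructed sample requests (2022-06-21 is a Tuesday, 06-23 a Thursday,
# 06-26 a Sunday).
SAMPLE_REQUESTS = {
    "weekday_laptop": Request("laptop-01", "home_country", "email",
                              datetime(2022, 6, 21, 10, 0)),
    "sunday_3am_unknown_mobile": Request("mobile-xx", "home_country", "email",
                                         datetime(2022, 6, 26, 3, 0)),
    "thursday_9pm_unknown_mobile": Request("mobile-xx", "home_country", "email",
                                           datetime(2022, 6, 23, 21, 0)),
    "missing_location": Request("laptop-01", "", "email",
                                datetime(2022, 6, 21, 10, 0)),
}


def demo():
    """Evaluate every sample request against the sample profile."""
    return {name: evaluate(EMPLOYEE, req) for name, req in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:30} {decision.action:9} score={decision.score} "
              f"alert={decision.alert} {decision.reasons}")
```

The `reasons` tuple records which factors contributed to each score, which is what an access reviewer or auditor needs in order to explain a deny or restrict decision after the fact.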

Dynamic Risk Level Assessment

But first, you have to lay the foundation for your contextual access system. It can only enable access for users with multiple changing factors if it has a source for that information—it can get that contextual user information coming from multiple systems through an Identity Data Fabric. An Identity Data Fabric unifies disparate identity data into a single source, with context about each identity available for consumption in one location. This capability becomes increasingly important as users move from one context to another or one work environment to another; implementing a unified identity data system today can facilitate such access.

For example, a doctor would need access to patient records at multiple locations across a hospital’s clinic network—but only during their appointed shift hours, and not in clinic locations where they are not practicing. The doctor’s information (title, assignments, shift data, authorized work locations, etc.) would need to be centrally accessible by a contextual policy engine to determine access.

The administrative efficiencies of a system based on unified identity data are also significant for the entire organization. New employees or those changing teams or roles can have their access updated automatically—with minimal intervention from IT or HR teams.

Optimizing IAM for the Real World

All of this sounds wonderful, but it also sounds like a lot of work—maybe even impossible—given that many enterprises struggle just to maintain their current IAM system. IT teams are already inundated with work, so how can they implement contextual access at scale?

An Identity Data Fabric can play a key role here by unifying all identity data information and making it available wherever it’s needed to enforce contextual access rules. The solution uses model-driven virtualization to gather all this data from various endpoints and deliver it to contextual access engines.

The biggest hurdle for most enterprises to get started is pulling all the scattered identity attributes together in a way that makes sense and then delivering it to the access engine. An Identity Data Fabric makes that task easier by pulling together all the identity data across diverse sources into a fully reusable and consumable service.

How Does an Identity Data Fabric Enable Contextual IAM?

The Identity Data Fabric takes care of the “heavy lifting” for integration, making it easily accessible to the specialized tools without having to laboriously hard-code connections between diverse data stores. This frees the IT team to take on more advanced security projects, such as determining the appropriate risk factors, regularly reviewing policies, and creating remediation policies for when things go astray.

It enables the enterprise to apply and enforce access management policies across the organization and apply simple and consistent permission management across numerous systems and users, making everything more efficient and secure.

It brings business-level controls and visibility to a previously mysterious IT security strategy and infrastructure, increasing the transparency of the whole process. The transparency makes it easier to prepare for audits and compliance reporting, while also reducing the IAM workload across the organization.

Context is the Key to Intelligent Identity Data Management 

Identity management is crucial for minimizing risk, improving user experience, and accelerating business—but there’s no one-size-fits-all approach. Employees need different types of access at different times—without reducing their productivity.

An Identity Data Fabric, weaving together context from existing identity systems (wherever they operate, in the cloud or on-prem), allows enterprises to implement a more advanced approach to identity management sooner rather than later—without heavy lifting on the implementation side or becoming too hard to manage during daily use. It unifies identity data to enable seamless, secure access across the organization while IT teams and business leaders can focus on innovation. It’ll strengthen an enterprise’s security posture without getting in the way of productivity.

Learn more–get in touch and we’ll talk your ear off about the future of identity!

What is Zero Trust and What Does it Mean for Digital Security

June 20, 2022/in Blog Ken Jochims/by Josue Ochoa

IT departments already have a lot on their plates as organizations struggle to stay ahead of the latest security threats to their digital data. The pandemic has highlighted the importance of securing connections far beyond the firewall to cover remote work, partner, and customer access. Also high on the agenda is the need to create positive user experiences for all your key stakeholders.

These issues are impacted by how IT is organized in most large organizations and to what degree they suffer from IT sprawl. Such sprawl is a direct result of siloed business units, geographical distribution, company reorganizations, mergers, acquisitions, and evolving business models. All of which accelerate the number and types of identities organizations must manage.

As IT sprawl grows, identity information is spread across a complex web of legacy, hybrid, and multi-cloud systems, creating larger attack surfaces. These larger surfaces make it harder to keep data and identities secure while ensuring that only approved access is granted to the right resources, without putting all the work on the end user.

What Zero Trust Means for Large Organizations With Complex Identity 

In today’s perimeter-free world, Zero Trust has emerged as a way to accomplish all of these tasks and has become a key trend in cybersecurity. The fundamental tenets of the Zero Trust model assume that the network isn’t safe and that access to resources must be restricted until users prove their identity and access permissions in a series of progressive disclosures. To achieve this goal:

  • Every device, user, and network flow must be authenticated and authorized
  • Policies must be dynamic and calculated from as many sources of data as possible
  • Implementing this approach must deliver as frictionless a user experience as possible

Every device and user must be verified in a Zero Trust environment, regardless of where they exist. That means both within an organization and without in the case of partners and customers. This approach is very effective, especially for large organizations undergoing mergers, acquisitions, and reorganizations. These companies often merge various, disparate systems and legacy systems in different forms, such as cloud, web, and enterprise applications.

After a merger, when two organizations must find a way to extend secure access to new resources and users across the newly constituted organization, user information and applications are siloed and operate differently. The existing infrastructure and identity and access management (IAM) tools may be inflexible and have trouble meeting changing business needs or supporting new initiatives.

However, organizations can’t just get rid of this old system. Legacy applications depend on this data and can break if you try to move or alter it. What you need is a unified view of all that data. This allows you to see who has access to what and secure access, make better decisions, and quickly deploy new services.

Improving Security AND User Experience—At the Same Time

The typical approach organizations take to manage merged and legacy systems is to create custom integrations. However, this time- and labor-intensive process must be repeated for each data silo and application and requires ongoing maintenance and updating. In addition, any new initiatives that arise will need a single source of data—with all users, credentials, and profiles in the right schema and structure, and accessible via the right protocol. Without a single data source, IT teams face multiple manual processes that require an incredible amount of time and money to build and maintain.

A more effective solution is to create real-time access to all identity sources so the detailed, up-to-date attributes required for instant access decisions can be retrieved even if they’re spread throughout a fragmented infrastructure. This approach allows you to consolidate data from different sources into a single source of identity truth to authenticate and authorize every user with policies enforced by information dynamically delivered from as many sources as available.

Turn Zero Trust from a Buzzword to a Scalable, Operational Approach

Zero Trust is the new way to approach the challenge of accessing the right identity data—intelligently gathered from across many sources—at the right time to securely connect users to the resources they need. But complex infrastructures create obstacles to this reality in the face of legacy identity spread across hundreds or thousands of disparate sources. That’s where the RadiantOne Intelligent Identity Data Platform comes in.

The key to implementing a successful Zero Trust approach is ensuring that authentication, authorization, and governance processes can instantly locate and utilize the exact identity data required when it’s needed. Once implemented, this approach can deliver an operational and scalable Zero Trust security model for your organization.

Harness Identity Data as a Driver of Zero Trust Architecture

The RadiantOne Intelligent Identity Data Platform integrates identity data—regardless of source or location—to form an infinitely reusable Identity Data Fabric to create a unified identity foundation for your IAM framework. RadiantOne acts as an abstraction layer between identity-consuming applications and required source identity silos, isolating consumers from the complexity of the infrastructure. RadiantOne unifies your identity data and organizes it contextually, making the data available quickly and securely via multiple protocols—LDAP, SQL, and web services. This approach lets you harness identity data to drive your Zero Trust Architecture.

RadiantOne unifies all identity stores, giving consuming apps a single point of access and delivering a single version of the truth. You can think of each application and data source as a spoke off of a hub, into which you can easily plug in a new population of users from a merger, or a new initiative, in a matter of hours or days, instead of taking months or years to customize.

The RadiantOne platform creates the foundation to deliver practical implementations of Zero Trust for complex infrastructures, enabling enhanced security and better user experiences. These implementations can:

  • Authenticate all users with a single source for verification
  • Take multiple endpoints and domains and create a unified location for attributes from dissimilar underlying sources
  • Enable detailed policy design with contextual, complete views of information gathered from across the organization
  • Extend a Zero Trust Architecture approach to the entire infrastructure, with flexibility and support for standards that enable you to connect modern IAM architectures with legacy systems
  • Provide seamless yet secure experiences for a better overall user experience

RadiantOne lets you intelligently manage identity data to enable security and business development while securely connecting identity-consuming apps and resources at the right time, no matter where they are. RadiantOne bridges identity requirements across platforms and protocols, unifying identity data and creating a consistent, reusable resource for developers that drives a seamless experience for all users.

Radiant Logic is an industry leader in implementing commercial solutions of Zero-Trust Architectures. In 2021, Radiant Logic was selected by the National Cybersecurity Center of Excellence (NCCoE), part of the National Institute of Standards and Technology (NIST), as one of the technology collaborators to contribute to the NIST/NCCoE’s new Zero Trust Architecture project.

As part of this initiative, Radiant Logic will contribute to the development of a practical, general-purpose enterprise IT infrastructure based on context-driven identity data. “A Zero Trust approach relies on a strong identity foundation,” says Joe Sander, CEO of Radiant Logic. “We believe that offering a single pane of glass for context-driven identity data will accelerate interoperability and eliminate identity integration challenges, making identity the enabler of a secure enterprise architecture instead of a risk vector.”

Identity is the core of modern cybersecurity. Contact us today to learn more about how RadiantOne can help you manage identity data and build a solid foundation for your Zero Trust architecture.


Moving Away from Legacy Is Hard, But an Identity Data Fabric Can Help

June 15, 2022/in Blog The Radiant Team/by Josue Ochoa

In most organizations, identity data already exists in multiple forms across diverse sources. This happens naturally over time. For most of us, it comes about as the company grows, new users are added, and new applications and software are adopted. There are also planned digital transformations and migrations to cloud structures that can cause multiple identity data stores. On top of that, there are mergers and acquisitions, where entire disparate organizations are brought together.

After the merger, companies are left with a mess of multiple data stores spread across the newly merged enterprise. Your identity system is now a complex web of information featuring multiple identity profiles—even multiple profiles of the same user—each one containing slightly different fields. You’re left with incomplete information in each store, which may even be out of date, out of sync, or in conflict with the information from another authoritative store.

While all of your data is valuable and necessary, it doesn’t necessarily connect easily together, and it can be difficult to access, understand, or deploy across platforms and new systems.

Many large organizations end up maintaining multiple, sometimes dozens of, disjointed and isolated identity data stores. This is a real drag on the organization. Having multiple data stores that don’t communicate can result in significant lost opportunities and increased security risks.

In a best-case scenario, companies spend a lot of time and money on the problem, resulting in complex integrations to connect users to applications according to the correct permissions. In the worst-case scenario, the integrations don’t work well (or at all), and the identity data becomes a lost opportunity.

Legacy Systems Can Be a Real Drag—on Progress!

Nearly every organization has one or more legacy systems that may be approaching the dreaded End of Life, already past the support window—or are simply not modern implementations. Such legacy systems might be obsolete because they’re not the latest version, or there might be more functional ones or newer technology available.

However, the pain and expense of upgrading or decommissioning such legacy systems are so great that they often remain in use in daily operations of large organizations or government agencies. Keeping them is not ideal because:

  • They are costly to maintain
  • They can present a security risk
  • They may not have good (or any) documentation or support, and IT may be unable to fix it if it goes down
  • The personnel to support them is costly, and these professionals could be better used elsewhere
  • They run the risk of disrupting services and causing downtime

The answer isn’t simply migrating to a new system. Sometimes the existing system must be maintained, and the question becomes how to keep it functioning better. On the other hand, migration can cause productivity loss because the organization can’t take the time to shut down and migrate these high-volume programs. A successful migration needs to minimally impact business functions. Since this is hard to guarantee, it’s often put off until the need is critical.

Data Sprawl Equals Increased Risk

Most large companies have diverse identity stores. They create multiple profiles with every merger and acquisition, employee promotion or role change, or company reorganization. You can also have different schemas across Microsoft Active Directory (AD), databases, directories, or applications.

Organizations can end up with sensitive data siloed in diverse data stores. All of this makes identity management challenging because silos don’t readily interoperate. You can try connecting data stores with customized connections, workarounds, or insecure APIs, but those are usually breakable band-aid solutions that can incur ongoing maintenance costs.

This whole process can create a bad user experience. It also leads to additional complexity and security risk in your organization. Yet, with the valuable data in these apps, and the potential cost and downtime that can come from the modernization of the infrastructure, it’s no wonder many organizations are hesitant to deal with the problem immediately.

Yet while legacy systems are around, you have account complexity which can cause delays, require manual account research, increase the likelihood of role and privilege mismatches, and increase the risk of an attack. Whether you like it or not, you may be forced to figure out a solution.

The Complexities of Managing Identity Sprawl 

Managing identity sprawl is complex enough that the identity and access management (IAM) solution industry is growing and is expected to be worth US $26 billion worldwide by 2026.

Implementing modern IAM generally demands highly specialized services to ensure IAM tools and platforms work correctly. Legacy applications and other identity stores make the process even more complex.

Professional services are not always successful in bridging diverse identity data stores and multiple user profiles. A drawback of using professional services is that they can still result in a patchwork of connections to applications and identity stores. This makes IT even more complex, with even more potential failure points. Another drawback is that when a solution does work, it’s costly. Large organizations may spend hundreds of thousands of dollars on the process before deploying the IAM platform.

A More Flexible Alternative: Identity Data Fabric Architecture

A simpler, more reliable solution is to resolve your identity sprawl with an Identity Data Fabric, giving you increased flexibility, lower costs, and enhanced visibility and control over user access.

An Identity Data Fabric radically simplifies complex identity management initiatives.

Radiant Logic’s Identity Data Platform acts as a broker between applications and identity stores. Instead of relying on simple replication or traditional synchronization, it creates “unified views” by integrating across any number of authoritative data sources, including directories, databases, and web services. The Identity Data Fabric architecture is designed to configure a connection once, then utilize the unified identity data feeds from the platform throughout the infrastructure.

RadiantOne enables easy migration off legacy systems where appropriate and helps maintain systems that still serve their purpose—retrofitting them with modern capabilities to extend and recapture value from these investments. Modernizing the infrastructure is made much simpler with an Identity Data Fabric approach.

RadiantOne in Action in Real-World Deployments

A large North American bank with over 1,000 branches and 90,000 employees turned to RadiantOne when they needed directory migration and identity simplification. Radiant Logic consolidated user access and provided additional visibility into user activities. They drastically reduced the costs associated with manual processes, particularly for legacy applications.

Another bank holding company with more than US $500 billion in assets also used this approach when it needed to support a massive merger while maintaining continued access to legacy apps, providing a single sign-on, and using web-based apps. Radiant Logic provided the solution for rapid deployment to the lower domains and production, which, from an IT perspective, was a clever solution that reduced the risk of a failed acquisition.

Identity Unification is Essential

Getting a grip on identity in your organization is no longer a nice-to-have. Identity sprawl can hold back your business and increase your cyber risk.

Radiant Logic’s identity unification approach offers a powerful identity enablement solution that can help organizations who are modernizing their identity sources, undergoing digital transformation initiatives, migrating to cloud services, or going through mergers and acquisitions and combining disparate data sources.

The Identity Data Fabric results in increased flexibility, lower costs, and enhanced visibility regarding user behavior. Overall, it streamlines the process of identity unification and can radically simplify complex identity management initiatives.

Ready to find out more? Contact us today.


Why it’s Time to Cut Ties with Your Legacy Directory

June 15, 2022/in Blog The Radiant Team/by Josue Ochoa

It’s almost impossible in today’s complex IT world to imagine a company that hasn’t grown by acquisition. In the highly regulated oil and gas industry, for one, it’s even more common to grow in a piecemeal fashion, pivoting and acquiring as needed to stay relevant and compliant. The downside to this growth strategy is the chaos behind the scenes. It’s best if you don’t look behind the curtain—you might become a little disenchanted by what you find. If you’ve come across Radiant before, you know we’re all about that one perfect unified identity data source to power your identity projects, but that doesn’t come together easily following a merger and/or acquisition.

An acquisition-based growth strategy usually means legacy IT solutions, held together by duct tape and a prayer, disconnected identity data, sky-high maintenance costs, and frustrated resources who are held back from delivering higher value contributions by sub-par tools. So instead of an all-knowing and all-powerful source of identity truth, you’ll likely find a tired, frantic IAM team pulling all kinds of levers to make things work.

A Gas and Oil Leader Gets Stuck in the Pits

In the case of one North American energy producer, they had to stand up competing overlapping architecture and infrastructure services to accommodate tactical business needs—band-aid solutions that took up time they would rather have used for more strategic, forward-looking projects. That meant more complexity, more overhead, a larger footprint infrastructure-wise, more complicated processes and little fiefdoms where every business unit had their own infrastructures. Their identity sprawl was getting seriously out of hand and budget—all the while still causing serious risk to the organization.

After years of growth by M&A, and feeling the pressures of market volatility—needing to improve revenue without an increase in staffing budget—they were left maintaining a very complex, very expensive identity system, based on end-of-life LDAP directories from Novell and Oracle, resulting in “punishing” and “ridiculous” bills for support. Maintaining duplicate identity information was a pain as well as frustrating to end users. It wasn’t just expensive—gaps and inconsistencies increased security risk and added drag to the team’s ability to respond to business requests—effectively lessening their agility as a company.

Trapped in the Past: Legacy Directories Require Paying a Lot for a Little

However, due to the critical nature of these identity sources, many companies have felt like they have no choice but to continue to prop up these legacy technologies—after all, when your identity infrastructure looks like a Jenga tower, you don’t want to pull out the wrong block and take down hundreds of dependent applications with it.

To add insult to injury, these aging directories don’t offer modern directory capabilities, like supporting REST or cloud deployments. However, many companies put up with this just to avoid the hassle and risk associated with directory migration—the possible downtime, the uphill budget battles, the time spent recreating synchronization and provisioning flows. So they keep you paying those maintenance fees, because it’s easy to go with what’s (sort of) working and maintain the status quo.

Benefits of a Flexible, Modern, Cloud-Ready Directory 

It doesn’t have to be this way, and here’s where a modern identity platform—like RadiantOne—can make a world of difference:

An extensible, standards-based directory yields a future-proof storage solution, supports the hybrid reality most large organizations find themselves in, and accelerates crucial-to-the-business IAM initiatives like SSO, self-service, improving user experience—all while reducing costs and risk.

Investing in an identity platform with more than just a directory delivers much more bang for your buck than following the expensive upgrade path set forth by your legacy vendor. Radiant Logic continues to evolve our directory offering to keep pace with our customers’ requirements for scalability, flexibility, and performance.

And, there’s no risk: we provide the solution to ensure a truly seamless migration, with no impact to applications. With our Directory Migration module designed just for this use case, you can flip a switch and have a future-proof directory (the RadiantOne Universal Directory) supporting these services. With our super-scalable, quick-to-integrate, easily designed Universal Directory, you may even be able to replace multiple directories with just one, as our energy producer customer did.

Gas and Oil Leader Finds the Solution: No Pain, All Gain

Back to our energy producer, the time to “right size” the environment finally came and they were able to level up to RadiantOne to get ahead of the grind. After years of point solutions as stop gap measures, they now had a WorkDay provisioning project that required a cloud-ready directory that pushed the replacement project forward—RadiantOne allowed them to significantly streamline the onboarding process for that new application—then they leveraged the solution for much more.

“It helped us with sunsetting and facilitated the migration from an end-of-life/support Oracle LDAP store to a centralized, unified Radiant view as well as replacing three additional Novell eDirectory LDAP stores with built for purpose business use, hosted by Radiant Logic, centralized and unified within a single platform, as opposed to having to spin up multiple platforms. It allowed us to rapidly ingest the changing landscape and adjust to change.”

They not only found a solution to decommission their legacy directory infrastructure, but also a simpler, consolidated identity data platform they could re-use to power all their identity projects and secure their critical identity assets. This enabled a major uptick in labor gains, allowing them to deploy their best personnel resources to new projects, while massively reducing risk and complexity.

Want to learn more about how Radiant Logic can help modernize your directory infrastructure to accelerate your business agility? Contact us or watch our webinar for more information.


Identity Sprawl Slams the Brakes on Zero Trust—Here's How to Accelerate Your Rollout

June 8, 2022/in Blog The Radiant Team/by Josue Ochoa

Identity sprawl is an issue for most organizations these days. It happens when companies have identity information spread across many locations, including legacy, hybrid, and multi-cloud systems. It’s often the result of mergers and acquisitions, when the new organization attempts to create a secure path forward, using resources from two already-complex systems. However, slow M&A integrations are not the only cause.

Identity sprawl can occur as a company grows over time, or after digital transformation efforts. When new systems are implemented alongside older systems still in use, the complexity of the infrastructure and the scale of the problem both grow exponentially. It can also become worse when a company transitions to having more employees working remotely—a challenge we’ve all become all-too familiar with during the pandemic.

Sprawl is more than just messy data; it also means your data doesn’t function as it should. The disparate systems and different identity records can’t be easily correlated, creating multiple stores featuring duplicative—or conflicting!—identity information, with no easy way to know which attributes are up-to-date and authoritative. To help combat the issue of sprawl, as well as make the best use of IT resources, businesses are increasingly relying on third-party Platform-as-a-service (PaaS) solutions and cloud-hosted microservices.

PaaS can help manage some of the problems with identity sprawl. However, it introduces its own challenges. Every system—whether cloud, enterprise, or legacy—has its own user data that it maintains in a different way. This decentralization creates a larger “attack surface” within the system, making your organization’s identity data more vulnerable to attack. In addition, existing infrastructure and identity access management (IAM) tools can be inflexible, and won’t always keep up with your changing business needs.

To overcome these issues, organizations often turn to manual processes to bridge systems, though this practice should be viewed as a stop-gap measure. There are many reasons why manual processes are not viable solutions in the long run, including:

  • Manual customizations are time and money consuming
  • They must be repeated for every initiative
  • They break or fail easily

Any new initiatives in your organization expect a single source of identity data, and your users expect single sign-on. However, when you are adding cloud applications controlled by another party, this becomes even more difficult and complex.

Enabling Zero Trust with an Identity Data Fabric

In today’s increasingly perimeter-free world, companies need a way to ensure that only authorized and approved subjects can access the proper resources. They need a comprehensive net or security fence to protect their data. The solution must be scalable and have no set boundaries. It also can’t put all the work on the end-user.

That’s where the Zero Trust model comes in. Zero Trust is the newest approach to the challenge of data security, designed to protect your company from advanced cybersecurity threats and data breaches, ensure compliance with increasingly stringent data security laws (think HIPAA, CCPA, and GDPR), and securely connect subjects to the resources they need. The goal of Zero Trust security is to protect the company from advanced cybersecurity threats and data breaches, while helping the company achieve compliance with FISMA, HIPAA, PCI, GDPR, CCPA, and any future data privacy and security laws. At the heart of Zero Trust is data security.

An organization adopting a Zero Trust Architecture approach should take these key functions into account:

  • Authenticate all users
  • Authorize all users based on data from many endpoints or domains
  • Give a complete view of information gathered from these various sources
  • Extend Zero Trust Architecture to your entire infrastructure
  • Provide a better user experience (or at least don’t annoy users TOO much)

While those goals seem straightforward enough, there are challenges to implementing Zero Trust that keep organizations from jumping on board with it right away. Zero Trust is complex to implement. It can be costly. It also requires the ability to deliver the right identity data, gathered from across a multitude of sources, at the right time.

In other words, Zero Trust requires a unified source of identity data and that’s where an Identity Data Fabric comes in. You need real-time access to all identity sources—consolidated into a single source of identity truth—to make Zero Trust a reality.

RadiantOne Addresses the Need for Identity Integration

Identity is the core of modern cybersecurity. But, in most organizations, identity data is currently fragmented across physical and logical distribution sites. This may include data located on-prem or in the cloud, across platforms such as Microsoft or Unix, or across sources like Active Directory domains and legacy systems.

As highlighted by increasingly common multi-cloud deployments, identity data needs to be made available in the format requested, no matter where that is. RadiantOne ensures the right identity can be securely accessed by anything, anywhere, no matter where or how the identity data is stored.

Organizations can improve both security AND user experience, all at once, by managing identity data with a thoughtful approach. RadiantOne Platform unifies disparate identity data, safely connects subjects and resources, and bridges identity needs across platforms and protocols for a seamless experience. It lets you harness unified identity data and make it a driver of Zero Trust architecture.

Protect your data by extending digital security across the shared cloud. Contact us today to see how we can help you say no to identity data sprawl.


The Flow of Security and the Benefits of an Identity Data Fabric

June 6, 2022/in Blog Lauren Selby/by Josue Ochoa

Continuing our informal series on the centrality of (reliable and valid) identity data to an organization’s security strategy, we are looking at the “flow” of security through its four key “A” phases of authentication, authorization, administration, and audit.

The ability to fluidly extend access to digital services is crucial to business operations in many ways—workforce productivity, customer experience, mergers and partnerships… the list is pretty much infinite. The challenge is that managing and securing that access is increasingly complicated and difficult in a world where cyber attacks are seemingly continuous and continuously evolving, carried out by sophisticated bad actors, and very costly when successful. Building resilience and oversight into the access system is paramount. Constant vigilance doesn’t come cheap: your cybersecurity team needs a lot of tools to fend off these attempts. So how can you stop attacks, reduce resource costs, and maybe even further your ROI, all in one?

In their report on the topic, “The Flow of Security: Efficiency Relies on Identity Data,” Aite Novarica Group found that the “benefits of the flow of security start with and continually depend on the quality of identity data.” 

The Flow of Security: Identity Data is the Source

Are you able to uniquely identify users with confidence? Automatically? Across multiple systems? And deliver that unique user’s entire breadth of information (or on the flip side, only a small subset of that user’s data) to consuming applications? That’s the foundation on which all good access decisions can be made.

First things first, let’s review these four A’s in detail. Let’s establish and verify who or what this account represents (in the authentication step). From there, we need access to complete, up-to-date information about that user (their role and their group memberships, for example) to enforce authorization—what are they allowed to do? Administration is the process by which all of this is made possible—the overall system for setting up user access according to specified rules and policies, shuttling identities through their lifecycle stages (creation, provisioning, updates, deletion), and all the attendant activities. The audit stage investigates whether the system is working properly—and from there, improvements can and should be made.

The “flow” is not only about having rock-solid security posture (which of course will save the organization the costs associated with a breach), but also managing identity data and security efficiently to avoid other unnecessary expenses—the IT effort, helpdesk hours, and wasted time for workforce that an enterprise incurs when access can’t be delivered seamlessly.

A process for continual improvement of both security and operational efficiency starts at the data layer: when management of identity data is optimized, every process that relies on that data benefits. The report puts it more directly:

“It is pointless to improve, say, a cloud access control broker or endpoint protection software if the organization plays loosey-goosey with identity and authentication. Investing in super-efficient administration software or high end-network monitoring will be a waste of money if organizations don’t first unify and streamline identity data.”

Valid Decisions are Built on Quality Identity Data

The trouble is, complex and large organizations have equally complex and difficult to manage identity infrastructures—there’s an ocean of information available but it’s disorganized, disjointed, not easy to direct. So even that first step of gaining visibility into identity isn’t easy. Assurance that identity data is valid—accurate, up to date, sourced from the authoritative system and so on—is not guaranteed due to the challenges inherent with identity sprawl.

But—good news alert—there is a method for turning that wealth of information into something functional for the organization: identity unification. That’s where an Identity Data Fabric comes in, weaving together siloed sources of identity data into a universally accessible resource—so all steps on the “flow of security” are supported by valid, rich identity information. As noted in the report:

“Security controls, administrative procedures, and event logs are only as reliable as the identity and authentication of users and systems. Therefore, unifying identity data and managing it with excellence will ensure the benefits and savings of the flow of security.”

Security Benefits of an Identity Data Fabric

Identity integration is often the hidden “project within a project” for extending access and deploying new solutions. Our customers often find out midway through an initiative that a lack of interoperability will delay their projects for months. Meanwhile, security gaps remain open, access is not granted appropriately, and money is being wasted. But, with an identity data foundation that ensures data accessibility in place, “… organizations can reap several benefits: efficient and effective buying decisions, excellent security processes and controls, resilient security posture, and moderate expenses.”

As found in the report, the benefits of an Identity Data Fabric follow four themes: resilience and oversight, end-user productivity, revenue growth, and extending business service.

This is why having unified, good-quality identity data is so foundational for security—everything “upstream” relies on its accuracy and accessibility. The report makes it clear:

“Any improvement in the quality and management of identity data enhances all security investments.”

Even something simple like stronger authentication makes a huge difference. According to the report, “Strong multifactor authentication—sometimes as simple as using an app on a phone to validate a login request—reduces the likelihood of phishing by 70% to 90%.” But of course, that’s IF you can add MFA to all your applications, including legacy applications. An Identity Data Fabric ensures you can extend best IAM practices to every application, even non-standard ones that don’t support modern protocols.

Why does the Identity Data Fabric approach work while other solutions that try to completely centralize identity data fail? Because it lets local systems manage identity the way they are meant to, while intelligently pulling in what is needed for use at the global, abstracted layer: “Bringing all identity data into one centralized system for better management is not practical given the countless applications, formats, protocols, programs, and geographies in play. However, virtualization can unify identity without centralizing it.”

All security decisions stem from identity, so identity data needs to be complete, valid, and available to security enforcement engines. Evolving the practice of security within your organization should begin with optimizing identity data management to see the maximum benefit of investment in security tools.


When All You Have is a Hammer...

May 31, 2022/in Blog Lauren Selby/by Josue Ochoa

…Everything looks like a nail. Isn’t that the saying?

In the world of identity management, we have many sub-categories that complement each other, such as Identity and Access Management (IAM), Identity Governance and Administration (IGA), Privileged Access Management… and so on. These categories may have some overlap in their offerings, but each performs a necessary task “the best,” and we need contributions from them all to build a complete, mature identity architecture. Each component has a role to play in keeping the organization secure, functional, and agile.

Despite the ongoing convergence of IAM, no one platform is yet able to “do it all”; different tools are optimized for particular challenges. The trend of composability illustrates the value of having different (interoperable) components that specialize in their respective functions but work in concert to deliver on a greater technical goal.

Zero Trust Architecture is a great functional example of this concept: Zero Trust is not a product that can be bought off the shelf but rather requires a number of functionalities combining seamlessly to deliver least privilege access. In a recent webinar, we explored the topic of Zero Trust (what it is, what it isn’t, and how to get it) with founder and principal analyst Martin Kuppinger of KuppingerCole Research.

Valid Identity Data–Why You Need it for Zero Trust–and How to Get It

Identity data is the basis for any access or governance decision you’re going to make, so that data needs to be valid for your decisions to be right. That makes valid data key to establishing a working Zero Trust Architecture. Getting to a state of having “good” identity data available to the rest of the ZTA components is a crucial role that the RadiantOne Platform plays.

In a recent report, “The Role of Identity for Zero Trust,” Martin calls out the need for identity data that is:

  • available
  • correct
  • consistent
  • current
  • comprehensive

Getting data that meets these standards is tough when faced with identity sprawl: organizations with a complex infrastructure often face the same set of challenges in getting their data “right.”

How can you get valid data when identity is spread throughout many different systems (across on-prem, the cloud, potentially multiple cloud platforms)? Whose role is it to transform what you have today, into a resource that works for multiple pieces? It’s easy to get confused about who does what in the identity architecture, so it can sometimes be useful to clarify what each layer brings to the table and how they work together. In this report, Martin lays out what an IGA platform can and can’t do… and those gaps are why it pays to have a unification layer supporting IGA and other solutions.

Now, back to my hammer metaphor. The problem of inconsistent, overlapping, disjointed, out-of-sync data can’t be solved by a hammer, because it’s not a nail. You need a Swiss Army knife to deal with identity sprawl. The Swiss Army knife that is RadiantOne! RadiantOne has all the specialized tools required for optimizing your identity data management system to build out a foundation of good identity data. In turn, that data powers these other engines (IAM, IGA), and the overall structure of the Zero Trust machine.

To give an example, let’s look at getting consistent data from a distributed set of sources. First we need to bring all the data into a global model (from there, we can model different views of that data to meet application requirements, but I’m getting ahead of myself). There might be missing data. There might be no way of determining which accounts belong to which human people. You may not know which source is the “source of truth” for certain information (is HR authoritative for manager, or some other system?). The format of the attributes can vary across sources: California can be CA, California, Calif., or heaven forbid, “Cali,” but it all needs to read as CA in the final view. And there’s the structure of the data: does the schema that defines the attribute name refer to the state as State, St, Province, or something else entirely? What about multi-value attributes, how are those handled? And it goes on and on.

These are nitty-gritty integration challenges that require the finesse of a specialized toolkit, and they aren’t addressed by IAM or IGA solutions.
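The challenges listed above (attribute names that differ per source, inconsistent value formats, multi-value attributes, an unclear source of truth, accounts that cannot be tied to a person) can be made concrete with a small sketch. This is an added example, not RadiantOne code: the source names, attribute maps, precedence table and the choice of email as the correlation key are all assumptions, and the records are constructed.

```python
# Constructed sources and records; the precedence table and email key are assumptions.
SCHEMA_MAP = {  # per source: local attribute name -> global attribute name
    "hr": {"mail": "email", "State": "state", "mgr": "manager", "grp": "groups"},
    "ad": {"userPrincipalName": "email", "St": "state", "manager": "manager", "memberOf": "groups"},
    "crm": {"Email": "email", "Province": "state", "teams": "groups"},
}
STATE_ALIASES = {"ca": "CA", "california": "CA", "calif.": "CA", "cali": "CA"}
# Which source wins for each single-valued attribute, most authoritative first.
AUTHORITATIVE = {"manager": ["hr", "ad"], "state": ["hr", "ad", "crm"]}


def to_global(source, record):
    """Rename attributes to the global schema and normalize their values."""
    out = {}
    for local_name, value in record.items():
        name = SCHEMA_MAP[source].get(local_name)
        if name == "email":
            out[name] = value.strip().lower()
        elif name == "state":
            # Unknown spellings are flagged, not passed through silently.
            out[name] = STATE_ALIASES.get(value.strip().lower(), "UNMAPPED:" + value)
        elif name == "groups":
            out[name] = value if isinstance(value, list) else [value]
        elif name is not None:
            out[name] = value
    return out


def unify(records):
    """Correlate (source, record) pairs by email; return (views, uncorrelated)."""
    by_email, uncorrelated = {}, []
    for source, record in records:
        rec = to_global(source, record)
        if "email" in rec:
            by_email.setdefault(rec["email"], []).append((source, rec))
        else:
            uncorrelated.append((source, record))  # no key: review, do not guess
    views = {}
    for email, entries in by_email.items():
        view = {"email": email, "sources": sorted({s for s, _ in entries})}
        for attr, order in AUTHORITATIVE.items():
            # Take the value from the most authoritative source that supplies it.
            view[attr] = next((r[attr] for w in order for s, r in entries
                               if s == w and attr in r), None)
        view["groups"] = sorted({g for _, r in entries for g in r.get("groups", [])})
        views[email] = view
    return views, uncorrelated


SAMPLE = [  # constructed records
    ("hr", {"mail": "Ana.Diaz@example.com", "State": "California", "mgr": "lee", "grp": "finance"}),
    ("ad", {"userPrincipalName": " ana.diaz@example.com", "St": "Calif.", "manager": "kim", "memberOf": ["vpn"]}),
    ("crm", {"Email": "bo.chen@example.com", "Province": "Cali", "teams": ["sales"]}),
    ("crm", {"Province": "Quebec"}),  # no correlation key
]
```

Calling `unify(SAMPLE)` merges the HR and AD accounts into one view whose manager comes from HR, and returns the key-less CRM record separately for manual correlation.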

What Siloed Identity Data Means for Zero Trust

It means you’re in danger!

When an organization finds itself with technical debt and identity sprawl, more of the problems it will typically see are: duplicate, triplicate, n-tricate accounts representing the same identity; a huge diversity in data structure and protocol (which leads to identity silos); and an inability to access in real time the information that is spread across a dispersed environment. What that means is you can’t authenticate and authorize users effectively. And that’s a critical roadblock for delivering Zero Trust.

Intelligently managing identity data is the crucial starting point for security—as Martin says, identity is the most important element within Zero Trust: 

“Identity is ubiquitous in the Zero Trust model. It is a key element of Zero Trust, because it is about verifying that someone or something with a digital identity is entitled to access networks, systems, applications, and data. With that central role of identity for Zero Trust, the quality of identity data as well as its availability across the broad range of sources for identity data becomes an essential capability for every business.”

Want an on-ramp to Zero Trust, better business decisions, and a modernized identity ecosystem at your organization? Look to your identity data, and get it right first. What’s needed is uniform delivery of good-quality data abstracted from a myriad of sources, which is what an Identity Data Fabric provides, no matter how complex the infrastructure may be. Those duplicative user accounts need sophisticated correlation to detangle, the diverse schemas and data formats need mapping and translation, and the aggregated data needs to be put in a highly performant store to deliver reliable, fast run-time access.

Thinking long-term and acting strategically by getting the right tools for the job ahead will pay dividends when you’re pulling together the many components that make up a mature, secure IAM program (since they all rely on having that accurate, available, fresh identity data).

To learn more about getting good data and what practical steps to take to implement ZTA in your organization, reach out to Radiant Logic today.


This Just In: The 2022 KuppingerCole Leadership Compass for Identity Fabrics

May 26, 2022/in Blog Heather MacKenzie/by Josue Ochoa

KuppingerCole just released their 2022 Leadership Compass for Identity Fabrics, which they define as “comprehensive IAM solutions built on a modern, modular architecture.” As always, the team at KuppingerCole has done a masterful job in evaluating the strengths of the vendors, and we appreciate their efforts to put clarity around the term “identity fabrics.”

The report identifies Radiant Logic’s unique position to provide identity data integration within an identity fabric framework. Here at Radiant, we’ve always been clear that we are a component of a comprehensive identity fabric approach, providing accurate and actionable identity data to the rest of the fabric so that those functions can make the best possible decisions. The Leadership Compass identifies that as well:

“While RadiantOne for itself does not provide everything needed for a comprehensive Identity Fabric, it adds capabilities that are commonly lacking in other vendor’s solutions. With their ability to integrate and standardize information from many sources and to flexibly federate with a variety of such systems, RadiantOne is a valuable addition specifically for large and complex environments that struggle with insufficient identity information quality.”

The report also provides helpful differentiation between Radiant Logic and other vendors who play complementary — but distinct — roles in the identity fabric.

KuppingerCole has long supported the important role of identity data in today’s IAM architectures. In a November 2021 report “You can’t use & secure what you don’t know. Time to free identities from their siloes,” Martin Kuppinger wrote about identity data serving as the foundation for modern identity fabrics:

“These solutions help turn identity into such a key business enabler, and address the fragmentation of identity data as well as the lack of reliable data. The RadiantOne Platform is a solution that fits in between the various sources of identities, and the central identity services that form a comprehensive Identity Fabric. RadiantOne delivers Identity Unification capabilities required for the Identity Fabric.”

Earlier this month, KuppingerCole released a new report “RadiantOne: Identity Integration for ZeroTrust and Digital Transformation” and accompanying webinar looking at the role of identity data in Zero Trust. According to the report, Identity Data Integration and Identity Information Quality are fundamentals for Zero Trust, and “With identity data sprawling across a wide range of systems, providing the data at the right place, on-time, integrated across sources, and in the required quality is still an underestimated challenge in IAM.” When this data lies in silos, across a wide range of sources, RadiantOne “creates a unified view on the identities that can serve as the authoritative source of truth for the dependent services that utilize identity data for verification within the Zero Trust infrastructure of an organization.”

We’re thrilled to see the IAM community embracing the identity fabric framework, and we look forward to working with our customers and partners to make your IAM infrastructure even more secure, flexible, and adaptable.
