These One Zillion Things Drive Us Nuts About IAM

Reading through Brian Iverson’s excellent blog post on what drives him up the wall about Identity & Access Management (IAM), I thought wow, only two things? And also, wow, I’m not sure I ever heard someone say they love IAM before? That’s awesome! What a positive outlook!

In the IAM world, we really are all on the same team, working towards the same goals—securing access efficiently, creating better digital experiences for end users (aren’t we all end users somewhere?), and maintaining our boundaries in an increasingly perimeter-free digital world.

An identity fabric architecture weaves the ecosystem together to make these goals materialize. The role an Identity Data Fabric specifically plays is bringing the data together—to satisfy the rest of the fabric’s insatiable need for information. This can include anything from user identifier and credentials, groups, and roles, to when you last logged in to such and such application… whatever is relevant to that platform in that moment, and delivered in the way required. This is the basis for identity-first security approaches like Zero Trust Architecture, which require complete and accurate information about users.

What “rest of the fabric”? Brian mentions a three- or four-part framework in his post, and that aligns with what we are seeing from our customers in the wild as well. What we often see making up this framework is: identity (lifecycle) management, identity (account) administration, access management (authentication, authorization, Single Sign On), and governance.

Identity Complaints A-Z

Within the organization, each of these categories is often handled by multiple products, from different vendors, and managed by different teams. What unites them? Well, first of all these solutions should work together (they don’t), and second they all rely on access to identity data.

The identity data is lurking on a deeper layer, underneath these different consuming solutions. And it is a mess. Did you forget about the data??? Well, don’t. Because it’s a hugely underestimated element when it comes to efficiently and securely managing identity. Sneaky sneaky.

Even sneakier, all these fabric elements are very persnickety when it comes to how they want the data delivered. They want to see it in their language, protocol, and format, and they want it in one location—but there isn’t a large organization in the world that has all that together. Well, unless they’ve deployed RadiantOne. 😉 In which case, they’ve built the basis for composability, allowing identity services to stitch together seamlessly to form a killer IAM tech stack.

Identity sprawl is a real pain. It’s the unforeseen roadblock when you’re trying to deploy an SSO solution, it’s the lack of visibility that creates gaps in your security posture, it’s what’s keeping your customers from having a sensical online interaction with your company… it’s what goes bump in the night (if you’re an IAM architect). You can’t address identity sprawl through integration, orchestration, and a bunch of connectors, because these methods operate at the application layer—key elements of the overall identity fabric definitely, but they don’t optimize the management of identity data itself, which underpins all of these other processes. If you don’t get identity (data) right, nothing else can work right.

Don’t worry… we serve up identity data on a silver platter

We couldn’t agree more that identity needs to be “at the center of managing access across disparate systems.” From there, everything starts to make sense. But hey, getting there is not exactly a walk in the park for organizations dealing with complexity, technical debt, identity silos, and what have you. Again, this is unless you have RadiantOne, in which case you can solve these problems within weeks or months.

Once you get identity (data) where it belongs, at the center, the payoff happens at multiple levels; administration, enforcement, governance… these become at once simpler, more robust, and more effective.

Connecting the Identity and Access in IAM starts with unified identity data. That’s the foundation for enabling the identity fabric and cybersecurity mesh– in other words, getting platforms to play nice together so you can focus on more important stuff. If you hate silos as much as we do, give us a call, book a demo, whatever feels right, and we’ll help you untangle identity so you can get back to business, baby!