The Three Best Ways to Evaluate Cloud IAM

Do you have the arduous task of comparing cloud-based identity and access management (IAM) solutions for your enterprise? Are you underwhelmed by the stacks of white papers and IAM buyer’s guides? You may need a clearer idea of your organization’s ideal solution and some advice on how to narrow down your security choices.

Below are the three best ways to evaluate your cloud IAM options.

1. Complete Your Cloud IAM Picture

If you’re being held accountable for making a smart decision for your team, start by determining which vendors offer only a few basic IAM features and which solutions can serve as the centerpiece of your identity and access management strategy.

Sure, you may only need federated single sign-on right now, but what will you do when your boss wants that new IAM product to integrate with your organization’s complex, on-premises HR system? Can your cloud-based IAM vendor seamlessly handle that? Does it have robust identity governance and administration (IGA) capabilities to manage identities across a variety of heterogeneous enterprise systems? What about auditing and reporting?

Be careful of going with a niche provider today that will not be able to meet your enterprise needs tomorrow.

Key takeaway: Look for a cloud IAM solution with a robust set of on-demand IAM capabilities. You’ll look smart by being able to isolate costs now while having the freedom to scale up when needed.

Answering these 5 questions will help you decide which cloud IAM vendor is right for you

2. Friends Don’t Let Friends Farm Out Their Management Strategy

So you’ve found a slick cloud IAM product that has a low cost of entry. Now you’re done, right? Not so fast.

Have you checked into its management strategy? Most cloud-based IAM products do not represent an end-to-end solution. They rely on third parties for technology, infrastructure and professional services. But why should you care?

First, you should be wary of IAM technology that has been recently built from the ground up. How long has it been tested in the market? Is it robust enough to handle your out-of-the-box challenges? Next, consider what it could mean for your availability service-level agreement (SLA) if the vendor doesn’t control its own data centers, especially if access to critical business applications is being handled by the solution.

Urgent issues never seem to develop during normal business hours, but most cloud IAM vendors do not offer 24/7/365 support or professional services to give you a helping hand, nor do their services span the entire globe. You should search for a provider that is located where your business is and has a strategy in place for a quick response should something go wrong.

Key takeaway: Look for a cloud-based IAM provider that controls all aspects of its solution, spanning the cloud IAM software, infrastructure and professional services.

3. Consider All Costs

A low cost of entry will turn every head. But be careful to consider all costs — including your time and future expenses. If you buy a cloud-based IAM product to solve a here-and-now need today, how much more will you have to source and purchase in the near future when an ugly issue or business opportunity comes up? How much more will you have to spend to complete your IAM strategy?

It’s not hard to see how buying individual cloud IAM products and piecing them together as you go will not only force you into the role of system integrator, but also be very expensive. Is there a chance your organization will be rapidly adding the number of identities and assets? Will your cloud IAM solution give you the ability to quickly turn on new capabilities as they become necessary? Will you have to pay another vendor to cover your identities overseas?

Most cloud IAM vendors will become very expensive in the aforementioned scenarios.

Key takeaway: Look for a true enterprise-grade IAM technology that has scalable pricing when compared to those vendors offering only niche products or incomplete solutions.

Share this Article:
Ryan Dougherty

Security Strategist – Identity and Access Management

Ryan is the Global Security Strategist and Program Manager for Identity and Access Management at IBM Security Services. He is responsible for developing innovative service offerings, creating market-leading solutions, anticipating client needs and integrating breakthrough technologies within solution offerings, and supporting first-of-a-kind projects.