It’s hard to argue against the cost savings, agility and efficiency of the cloud delivery model. Despite these clear benefits, organizations should take care to acknowledge that building a bridge to the cloud is not without risks.

While developing the world’s most complete cloud-based enterprise identity and access management (IAM) solution, I repeatedly encounter organizations poised to take unnecessary risks as they bridge IAM infrastructure to new cloud, mobile and social use cases.

What are the biggest risks to avoid when bridging to the cloud? In my experience, they are:

  1. Incompatibility or integration issues;
  2. Global security and compliance issues; and
  3. Unforeseen costs.

1. Incompatibility or Integration Issues

When one of our current clients first approached us, it knew cloud/mobile-first initiatives were in its future but still had over 100 legacy enterprise applications that required IAM over a long transition period. It also had several line-of-business IAM requests from both internal departments and external partners. The client needed a future-proof IAM solution that could not only protect the legacy enterprise applications, but also serve as a strategic platform for protecting future cloud and mobile applications.

Although this organization was considering both IBM Cloud Identity Service and niche cloud IAM providers, it discovered an inherent risk by going with those niche providers. Those vendors had an incompatibility or inability to integrate with the more than 100 existing enterprise systems, ranging from those in business partner relations, materials purchasing, human resources, order management and customer relations — all of which were necessary for years to come while the enterprise completed its cloud and mobile strategy.

The other vendors might have been offering slick products, but they are predicated on cloud/mobile-first strategies. Those vendors could only have handled part of the requirements, not all of them.

Get My Cloud TCO Assessment Now

2. Global Security and Compliance Issues

The use of IAM by one of our Fortune 10 clients to provide a more personalized Web experience for millions of its global customers demonstrates that IAM is no longer a cost of doing business but a business enabler. IT teams in smaller organizations realize this trend as well, especially when new business opportunities need IAM support.

If these new opportunities include globally expanding the ecosystem of identities and assets, a business can be taking a considerable risk with niche cloud IAM vendors. They may lack capabilities and experience in the global marketplace where compliance with local data privacy and security regulations is a must.

An organization can avoid risks in global security and compliance in two ways. First, choose a cloud IAM vendor who is able to offer a horizontally and vertically integrated management strategy spanning a global infrastructure platform, cloud software and professional services. Only such a vendor can assure end-to-end control of the service on a global scale.

Second, ensure that the cloud IAM vendor’s claims about having a depth of experience in global security and compliance is validated by both the market and analysts.

3. Unforeseen Costs

We recently had a government organization inquire about the costs of IBM Cloud Identity Service versus the competition. On the surface, we were told the competition had a lower cost of entry. But as with any service, there is a near-certain risk of additional costs associated with introductory-level pricing schemes.

Getting the most out of your money should be a given when comparing the prices of cloud IAM vendors. If the price seems low, be wary: You are likely paying for only one or, at best, a few basic IAM features.

Buying these shallow features today will force your team to source and pay for additional products from other vendors in the near future. You can virtually eliminate this risk by selecting an enterprise-level cloud IAM with a full set of premium IAM capabilities, which can be used in combination or à la carte as they become necessary. This one-solution approach allows you to intelligently isolate costs and fund investment dollars toward only those IAM capabilities that are in demand for the organization.

Take the Next Step Toward the Cloud

There are specific risks involved in bridging your IAM infrastructure to the cloud. You can avoid these risks by choosing a cloud IAM vendor capable of seamlessly integrating with both internal on-premises systems and external cloud applications. Your vendor’s expertise in security and compliance can also minimize your organization’s risk, especially when new business opportunities expand the ecosystem of identities and assets into the global marketplace.

Finally, to reduce the likelihood of facing unforeseen costs, choose a scalable, future-proof solution that allows you to turn on new features as you need them.

More from Cloud Security

Why Are Cloud Misconfigurations Still a Major Issue?

Cloud misconfigurations are by far the biggest threat to cloud security, according to the National Security Agency (NSA). The 2022 IBM Security X-Force Cloud Threat Landscape Report found that cloud vulnerabilities have grown a whopping 28% since last year, with a 200% increase in cloud accounts offered on the dark web in the same timeframe. With vulnerabilities on the rise, the catastrophic impact of cloud breaches has made it clear that proper cloud security is of the utmost importance. And…

Charles Henderson’s Cybersecurity Awareness Month Content Roundup

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends and data, and the intricacies of their organization’s incident response plan. What does all this fear and uncertainty stem from? It’s the unknowns. Who might…

How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell

IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. Google Cloud Shell is a service that provides a web-based shell where GCP administrative activities can be performed. A web-based shell is a nice feature because it allows developers and administrators to manage GCP resources without having to install or keep any software locally on their system. From…

How IBM Secured the 2022 US Open

Throughout the US Open Tennis Championship, the infrastructure for and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to take immediate action. However, with such a large volume and variety of data, security analysts need to know where to focus their attention. As the host of the digital platforms and official digital innovation partner for the US Open Tennis…