FB pixel

Overcoming last mile identity management challenges

Overcoming last mile identity management challenges
 

By Steve Lay, Senior Sales Engineer at Strata Identity

Managing identities across an enterprise is a daunting task. A proliferation of users, applications, devices, and clouds introduces formidable barriers to both IT operations and security. Nowhere is the situation more challenging than at last mile access, where authentication butts up against the harsh realities of business — and cybersecurity.

In many cases, the last mile is where frameworks break down, and problems pop up. A mix of proprietary protocols and approaches — different applications often rely on different tools and standards — leads to challenges for network architects, developers, IT groups, security staff, and others. Enforcing policies across legacy and multi-cloud applications can prove tricky and time-consuming.

Fortunately, there’s a way to sidestep the pain caused by last-mile identity challenges. Identity orchestration has the power to abstract identity and policy data from applications without making any code changes while introducing a framework that fully supports all modern identity standards.

This approach typically lowers costs, improves operational efficiency, and boosts security. It also frees software developers and other teams to tackle higher-value tasks.

Lack of standards introduces risk

At the heart of the challenge is a simple fact. A typical enterprise runs hundreds or even thousands of applications. While each software package has authentication and other security protections built in — anything from basic password logins to multi-factor authentication (MFA) or passwordless technology — there’s no uniformity across the stack.

All of this results in a lack of standardization across authentication and authorization mechanisms. Within legacy applications, the result is a lack of support for modern identity protocols such as OAuth, FIDO2, and SAML. In addition, many enterprises struggle to integrate data from individual apps with identity management systems.

In the cloud, the complexities expand further. A diverse and decentralized application ecosystem often leads to varying levels of identity protocol support across cloud providers and inconsistent enforcement of identity policies across cloud apps.

Either way, organizations frequently find themselves addressing tedious tasks, including the need to make modifications to apps, often through direct coding. The problem is especially common for non-standards-based applications including forms that rely on headers, local account authentication (LDAP or database typically), or other proprietary mechanisms.

Again, as all the connection points multiply, particularly in multi-cloud environments — organizations often find themselves struggling to keep up. What’s more, overhead and technical debt continue to accumulate.

Identity orchestration as an instrument for change

Tackling the last mile challenge is paramount. Unifying policy enforcement for hybrid environments is critical. Identity orchestration can rein in the chaos. This abstracted framework — which floats free of all the individual apps and systems — serves as a virtual traffic cop. It supports all modern identity standards and ensures that the right policy is applied at the right place and at the right time.

With this last mile enforcement framework in place, an organization can deploy modern security methods such as MFA or passkeys on a widespread yet granular basis. It can enable and disable accounts based on specific concerns, criteria and events. What’s more, identity orchestration closes many of the entry points that hackers and attackers use to enter a network and do damage.

An enterprise can also adopt standardized identity protocols like OAuth, OpenID Connect and FIDO2 — and even combine and intertwine them in highly strategic ways. This makes it possible to deploy modern technologies more strategically and swap them out universally when newer protocols appear. What’s more, nothing ever touches the actual application.

Getting to Zero

The result is best practice policy enforcement, authentication and access control at enterprise scale — with Zero Trust and least privileged models in place. In addition to the enterprise achieving significant gains, customers, business partners, employees and others all potentially benefit.

With identity orchestration, an organization can unify the management and enforcement of proprietary and incompatible identity policies across both legacy IT and multi-cloud frameworks. Suddenly, the last mile of identity management and authentication becomes more secure and less complicated to administer.

About the author

Steve Lay is Senior Sales Engineer at Strata Identity. He has more than 16 years of customer-facing experience in identity management with SailPoint, Sirius Computer Solutions and IBM.

DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Groups reject expiry date for digital ID cards in Kenya as govt defends move

Some civil society organizations in Kenya say they want an explanation from the government with regard to the institution of…

 

Idemia forensic software extracts human faces, tattoos for investigative leads

Even when a facial recognition system is integrated within a state or federal investigative agency, human intervention is necessary. In…

 

Nearly three quarters of U.S. adults worry deepfakes could sway election: Jumio

The hour is ripe for political deepfakes. The U.S. presidential elections are still four months away, and the campaign has…

 

Controversial US privacy bill rewritten again, but path still unclear

The already controversial American Privacy Rights Act of 2024 (APRA), which was originally introduced in April by U.S. Senate Commerce…

 

Selective disclosure and zero-knowledge proofs: Examining the latest revision of ETSI TR 119 476

By Sebastian Elfors, Senior Architect at IDnow In July 2024, the European Telecommunications Standards Institute (ETSI) published an updated revision of…

 

Contractor needed for project to identify civil registration hurdles in Chad

A request for the Expression of Interest (EOI) has been launched for a consultancy firm to identify challenges that stand…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events