We’ve reached a tipping point in identity management. To be effective, IT must drive improvements to their identity management systems that deliver an all-in, comprehensive identity model. This ensures that users truly have a single identity that is tied to all their data, devices, and applications. While the concept of single sign-on (SSO) has been around for a long time, the underlying technology has shifted in response to the growing number of cloud-based point solution and vendor management internal applications. Additionally, the days of user PCs being locked down and secured in an internal directory service are gone. Mobile devices are now a standard employee tool and seen as table stakes for the next generation of workers.
The major challenge to IT is that legacy identity provider systems, such as Microsoft Active Directory, were not designed to extend to cloud or mobile devices. This causes a majority of mobile and cloud-based platforms to not integrate with legacy LDAP identity providers. Without identity solutions available that could accommodate the growing number of unique systems requiring identity management, shadow and the business units consuming the service, handle identity management independently of IT with minimal oversight, auditing, or guidance. This is something IT can not let continue as it poses a massive security risk.
It needs to be fixed now as the challenge will only increase if the, maintain the status quo stance is taken. The ever-increasing number of point solutions and mobile devices will make it exponentially more difficult to control how employees access company resources. This can be viewed as technical debt that gets harder and harder to pay down as time goes on. The more IT leaves control of identity management in the hands of users and does not update identity tools, the greater the debt becomes.
This establishes the point that SSO is an all-or-nothing proposition. If not treated as such, the technical debt and risks will never fully reduce, causing harm to your organization. One such example is a hospital that was held for ransom by intruders, who gained access to their systems by trying the default usernames and passwords that were assigned to core networking devices. If IT cannot safeguard identity management correctly, how are business units supposed to? BreakFree understands now is not the time for analysis. The technology to solve these problems has existed for some time now; Imprivata, Okta, and Azure AD all provide excellent solutions to start and it is important to implement these now. Utilizing our Accelerate service offering, BreakFree can rapidly deploy these solutions. Once in place, this technology ensures all new services coming online do not add to the technical debt. This frees IT to focus their efforts on paying off the identity technical debt associated with hundreds, sometimes thousands of applications that have isolated and localized identity management systems. In other words, plug the leak then empty the ship of water.