Content of Figures
- Figure 1 Today’s Identity Services must support three major deployment scenarios of business services
- Figure 2 IAM spans multiple areas, from administering the identity to auditing the access – comprehensive solutions must support the full breadth
- Figure 3 IDCS Overview (figure reproduced with permission from Oracle)
Commissioned by Oracle
Cloud services have become a reality for most businesses over the past few years. For most businesses, “cloud first” has become the norm, not the exception. As a result, more and more of the business workloads are shifting to the cloud, into as-a-service deployment models. This has created hybrid business systems for most organizations.
This evolution requires other IT services such as IAM (Identity and Access Management) to follow this trend. This critical authentication service should run wherever critical applications run that need to be supported and protected. There is no way to split identity services into disparate services for the “old” and “new” IT. There is a need for a hybrid IAM. While this tended to be an on-premises IAM with some support for cloud services, it is about to shift to cloud IAM with strong support for existing on premises business services with more and more business workloads shifting to the cloud.
Over the past years, a growing number of IDaaS (Identity as a Service) solutions have appeared on the market. However, many if not most of these are focused on some part of IAM, which is supporting Single Sign-On (SSO) of users and adaptive authentication schemes. Unfortunately, IAM is not done by authenticating a user. It is about managing the identities and their entitlements, it is about authenticating, and it is about authorizing access. IDaaS services that are just SSO and authentication services lack the depth that is required for successfully securing and governing business applications.
However, as the shift of business workloads is a long-term journey for most businesses, moving from on-premises IAM to IDaaS while delivering comprehensive support for IAM capabilities across all target systems, independent of their deployment model, is a multi-step journey as well.
Many of today’s investments into IDaaS don’t follow a well-thought-out strategy but are tactical: there appear some new cloud services, thus connectors or SSO are added. However, when looking at the mid-term IT strategy (commonly a “cloud first” or “cloud preferred” approach) and the mid-term IT reality, which is hybrid for most organizations, a well-planned approach must be taken.
Part of this approach is to start with a clear focus on and acceptance of the hybrid reality of IT. While “cloud first” might be the strategy, the reality is different. Moving to an “IDaaS first” approach is a consequent in the shift to as-a-service models. Thus, businesses need to decide when to best make this step and how.
Oracle Identity Cloud Service (IDCS) provides, together with additional offerings in the field of security and identity, a broad range of options for customers on their journey to the cloud. A specific strength is the level of integration with Oracle business applications and databases, which make IDCS a strong fit for these organizations.
- IAM challenges in supporting the hybrid IT reality of today’s businesses
- Limitations of IDaaS solutions focused on Single Sign-On and run-time aut ...
3 Hybrid Identity Services for Hybrid Business Systems
The hybrid reality of IT in most organizations requires a hybrid IAM that supports all business applications and services from a central point-of-cont ...
IAM must support all these models, in a consistent manner, and from an integrated set of identity services. Users must be able to access all services, ...Login Get full Access
4 Delivering Depth in Identity Services for Business Systems
Many of today’s IDaaS services are targeted on Single Sign-On and run-time authentication. However, without support for the administration of identi ...
There are various schemes for structuring IAM services. A common way is following the 4A approach, which splits the services into:
- Administration: ...
5 Supporting a Gradual Migration to the Future Cloud IT
There are different ways to migrate IAM to the cloud, supporting the future cloud IT. These need to be well-thought-out and can happen in different st ...Login Get full Access
6 Oracle Identity Cloud Service: Supporting the Hybrid Business
Oracle Identity Cloud Service is a comprehensive IDaaS offering with deep support specifically for Oracle business applications, but also beyond these ...
The service is implemented using a microservice architecture that is aligned with Cloud principles of Scalability, Elasticity, Resilience, Ease of Dep ...Login Get full Access
7 Action Plan for Shifting Identity Services to the Cloud
A migration strategy for moving from an on premises IAM to a hybrid IAM can take multiple stages. It might specifically start with building on integra ...Login Get full Access