Cloud Identity Is ‘New Normal’ Replacement for On-Prem Tools

With the rise of work-from-home, SaaS, IoT, cloud, mobile and edge computing, the traditional on-premises identity and authentication systems are becoming obsolete, giving way to cloud identity

Today’s data center has very little in common with that of a few years ago.

The old model of on-prem servers surrounded by a tough, secure perimeter is out. Today, data centers are not just on-prem but in the cloud and on the edge and everywhere in between.

“Then there’s the added complexity of mobile, SaaS applications, bring-your-own-device programs and the Internet of Things,” said Gorka Sadowski, chief strategy officer at cybersecurity vendor Exabeam and former Gartner analyst. “Not to mention COVID-19, a human virus that has forced everyone to work at home on who knows what.”

All these trends have burst the perimeter wide open, he told Data Center Knowledge.

“It’s all the Wild West,” Sadowski said. “In fact, it is widely accepted that identity is the new perimeter.”

As a result, traditional on-prem identity solutions, such as locally managed Active Directory, and associated systems and processes are being replaced by cloud identity alternatives. The result is an identity authentication system that is more scalable, secure, user-friendly, manageable and plays well with all of a company’s cloud providers.

“Web-based authentication and identification take on an important role when developing an overarching access and authorization strategy, especially as remote work, IoT and all ranges of new edge devices are brought online,” said Liz Miller, vice president and principal analyst at Constellation Research.

Today’s data center has very little in common with that of a few years ago.

The old model of on-prem servers surrounded by a tough, secure perimeter is out. Today, data centers are not just on-prem but in the cloud and on the edge and everywhere in between.

“Then there’s the added complexity of mobile, SaaS applications, bring-your-own-device programs and the Internet of Things,” said Gorka Sadowski, chief strategy officer at cybersecurity vendor Exabeam and former Gartner analyst. “Not to mention COVID-19, a human virus that has forced everyone to work at home on who knows what.”

All these trends have burst the perimeter wide open, he told Data Center Knowledge.

“It’s all the Wild West,” Sadowski said. “In fact, it is widely accepted that identity is the new perimeter.”

As a result, traditional on-prem identity solutions, such as locally managed Active Directory, and associated systems and processes are being replaced by cloud identity alternatives. The result is an identity authentication system that is more scalable, secure, user-friendly, manageable and plays well with all of a company’s cloud providers.

“Web-based authentication and identification take on an important role when developing an overarching access and authorization strategy, especially as remote work, IoT and all ranges of new edge devices are brought online,” said Liz Miller, vice president and principal analyst at Constellation Research.

That doesn’t mean that every enterprise is transitioning completely to cloud identity. Many have legacy systems that they need to support, regulatory requirements that require on-prem infrastructure, or other concerns.

“Quick returns can be had by selecting to migrate small but important groups of users or a few applications at a time,” said Mike Kiser, senior identity strategist at SailPoint Technologies.

That can provide a company with a growing knowledge base and comfort with the new technology, he told Data Center Knowledge. “And proving return on investment along the way.

Identity-Based Security Technologies

Companies deploying zero-trust-based cloud identity solutions typically also use strong authentication and fine-grained policy controls to replace simple passwords and credentials.

That helps protect against credential-based attacks, said Jasson Casey, chief technology officer at Beyond Identity, an authentication vendor.

Another security technology is identity detection and response.

This augments traditional perimeter-based defenses, such as firewalls and intrusion detection and prevention systems, or endpoint security.

Vendors in this space include Attivo Networks, CyberArk and Microsoft CloudKnox.

Read the full article by Maria Korolov on Data Center Knowledge and ITPro Today.