What is Identity-as-a-Service (IDaaS)?
We’ve heard of many new jargons in the world of cloud such as Platform as a Service (PaaS), Software as a service (SaaS) and Infrastructure as a service (IaaS). The latest to join this list is Identity as a Service (IDaaS).
First off, why do we need IDaaS? As more companies adopt the cloud in a big way, there is a need to strike a balance between cloud identity and on-premise identity, not to mention the management of both. This need can be filled by IDaaS.
In addition, it can also lower the cost of owning Identity Access and Management (IAM) solutions. And that’s not all. IAM faces many challenges with respect to both business and technology. For example, the concept of Bring Your Own Device (BYOD) is catching up around the world. Under this idea, users can log in from any personal device into the office network to work. Obviously, this has raised many concerns about security and identity management.
Other segments such as administration, auditing and authentication are creating their own technologies to provide accuracy and cost efficiency. These technologies have also contributed to challenges in IAM because poor identity management practices open the chances for hackers to enter into the system and compromise the company in a big way.
There have already been a few incidents that have cost the respective companies thousands of dollars in loss and a ruined reputation. A case in point is Dropbox. In 2012, an employee had reused a password on an internal system that was earlier used on LinkedIn. This was cracked by hackers and they entered the company’s network with this employee’s credentials. It is estimated that they stole 68 million records along with their passwords, all of which was sold in the black market. In 2016, it came to light that all these Dropbox accounts and their passwords were posted online.
This incident goes to show how an employee’s login credentials, and the identity management as a whole, can protect a company’s assets from hacking and possible misuse by hackers. Since 2012, cloud adoption has grown in a big way, thereby raising the bar for identity management.
All these aspects have together led to the emergence of IDaaS. Already, it’s proving beneficial to companies as it not only adds an extra layer of protection to the overall authentication network, but also helps with regulatory compliance. Since the standards for compliance have become stricter than before due to many hacking incidents, this IDaaS can take the burden off a particular team since they are in tune with most compliance standards.
In addition, the cost of extending an on-premise solution to the cloud has come down as these modules can be applied separately on the resources that are in the cloud and on-premise.
From a service provider point of view, these above features are the baseline of any IDaaS platform. They have to innovate and come up with additional features that will make these platforms more appealing to clients. Also, these solutions should support cross-platform authentication such as portable biometric technologies to make it truly useful for end-clients.
It’ll be interesting to see how IDaaS shapes up over the next few years.