Monday, October 8, 2012

IDM in the cloud

Recently there was a very interesting discussion around cloud based IDM vendors at Wisegate. The question that was posed was what are the current cloud based IDM alternatives. There is a number of vendors out there but my three favorites for a US based corporation would be:

Lighthouse security
A quite mature solution based on the IBM security stack (formerly Tivoli Identity Manager and friends) with a quite nice custom GUI.

Sena systems
My old employers at Sena offers a hosted turnkey IDM solution based on the Oracle stack. This solution is built on top of a very mature service offering that Sena started working on way back in 2006.

Identropy 
Very interesting solution architected by Nishant Kaushik (ex Thor, ex Oracle).

A couple of years ago cloud based offerings was a quite new thing and most vendors did not offer it. Today you can get this offering for most of the major products and most of the bigger implementation players will have a cloud offering in their portfolio.

The main draw for most customers of cloud based implementations is that you avoid having to install and maintain an often complex, temperamental and finicky IAM installation. There is a significant element of economy of scale of running a number of very similar IAM installation in a data center compared to running just one so this makes a lot of sense.

The second advantage a cloud based implementation offers is that it usually supports a standardized set of requirements instead of offering a basically unlimited configurability that most major IAM stacks will offer. This means that the implementation time is much shorter and the implementation cost as well as maintenance cost is much smaller. The downside is of course that you have to accept the use case and the requirements that already are in place. Sometimes you have the ability to do some limited configuration but you definitely aren't able to write custom code.

As a general rule it is easy to burn three times the license cost on professional services in an IAM engagement so there is a huge financial incentive to go with a standard cloud implementation rather than a custom local installation.

IAM as a service is clearly taking a bigger and bigger mind share and as corporations becomes more and more comfortable with running things in the cloud it is likely that the mindshare will result in a bigger and bigger market share as well.