While attending the recent Gartner IAM Summit in London, OneLogin’s David Meyer, VP of Products, took a few moments to sit down with Tony Morbin, editor-in-chief, SC Magazine UK, to discuss a variety of topics around Identity and Access Management (IAM).
During the interview, Meyer and Morbin discussed the following topics.
Why do companies need to have an IAM strategy?
“An IAM strategy lets companies ensure that the right people can access the right things at the right time….The IT landscape for companies is changing rapidly. First they started to adopt a lot of cloud applications. So you needed IAM in the cloud. And then they started to have workers work from places other than the office very frequently. And then they you had to make sure people were secure when they were not connected to the domain at headquarters. And then people started to all work on devices. And all these fundamental changes means that you need identity management running from the cloud because that’s the only place that all these things connect to.”
Isn’t the cloud a less secure option?
“It’s a common myth. An outdated myth really that the cloud is less secure than on-premise….Cloud systems like Amazon are incredibly secure. There is no way you or I could gain access to those systems. But you or I, if we spent our time, and did social engineering, could walk into almost any of these offices in London by just being persistent.”
How can companies implement a cloud IAM strategy?
“A company has to decide what their goals are and where they want to be as an organization a few years from now and then begin the journey. The nice thing about a cloud identity solution, like OneLogin, is that we can connect to all of your existing enterprise systems. So if you have an identity provider on-premise, we can federate with that and extend that to all of your cloud apps. That’s often the first step people take. And then they start doing more and more in the cloud and making the cloud the master. And when the cloud is the master we can provision these new identities into your on-premise systems. So you start from syncing your on-premise stuff to the cloud. And then you start driving things from the cloud and pushing things down. And progressively you can connect all of your existing on-premise apps as well to the cloud identity system. And when you’re ready you can sever your ties with the past and start decommissioning your on-premise systems.”
To learn more about how OneLogin provides Identity and Access Management (IAM) Without Compromise, check out this whitepaper.