TOP 20 QUESTIONS TO ASK BEFORE SELECTING AN ENTERPRISE IAM VENDOR

Similar documents
INTEGRATING PING IDENTITY SOLUTIONS WITH GOOGLE IDENTITY SERVICES

A UNIFIED APPROACH TO DELIVERING EXCEPTIONAL CUSTOMER EXPERIENCES

BUYER S GUIDE: CUSTOMER IDENTITY & ACCESS MANAGEMENT (CIAM)

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and Getting Started with Multi-factor Authentication Solutions

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

EXECUTIVE SUMMARY CLOUD READINESS. Securing Access to Your Private Cloud

CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON

E-BOOK SECURITY BY DESIGN HOW IDENTITY HELPS YOU BALANCE SECURITY AND CUSTOMER EXPERIENCE

SafeNet Authentication Service:

GETTING CUSTOMER IAM RIGHT

INTEGRATING HORIZON AND CITRIX APPS IN A DIGITAL WORKSPACE

CHOOSE THE RIGHT IDENTITY & ACCESS MANAGEMENT SOLUTION

SECURE SSO TO OFFICE 365 & OTHER CLOUD APPLICATIONS WITH A CLOUD-BASED AUTHENTICATION SOLUTION

Identity and Access Managementas-a-Service: Protecting Digital Relationships

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

STREAMLINING USER PROVISIONING WITHIN JIVE USING ACTIVE DIRECTORY

A Guide for Application Providers: Choosing the Right Integration Partner

Statement of Direction

Optimizing Active Directory to Better Suit a Hybrid Environment. Gary Savarino Solution Consultant Active Directory Subject Matter Expert

RSA Identity Management & Governance

JourneyApps. Platform. The Competitive Edge In Industrial Digitalization. Copyright of JourneyApps 2018 All Rights Reserved

An Enterprise Architect s Guide to API Integration for ESB and SOA

Fujitsu End User Services Delivering a service as mobile as your people need to be

Secure information access is critical & more complex than ever

GDPR and Microsoft 365: Streamline your path to compliance

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

ENABLING THE BUSINESS WITH SOCIAL RELATIONSHIP PLATFORMS

DLT AnalyticsStack. Powering big data, analytics and data science strategies for government agencies

Fujitsu Workplace Anywhere Delivering a service as mobile as your people need to be

Disrupt or be disrupted

WHITEPAPER. Mobile SSO & the Rise of Mobile Authentication

API 360: The Complete API Strategy Model for the Enterprise

4/26. Analytics Strategy

MIGRATING AND MANAGING MICROSOFT WORKLOADS ON AWS WITH DATAPIPE DATAPIPE.COM

How Opaa! Food Management is retaining customers, improving childhood nutrition and empowering teamwork with Microsoft 365.

Tascent Enterprise Suite Multimodal Biometric Identity Platform

Moving Forward with ERP and the Cloud

Cloud Customer Architecture for API Management.

Moving to the Cloud: Benefits, Risks & a Case Study What is this Cloud thing?

ForgeRock Identity Management

Identity and Access Management. Program Primer

Securely Manage the Complete Identity Lifecycle of People, Services, and Things

The business owner s guide for replacing accounting software

The Future of NAS is Object

Modernizing Cyber Defense: Embracing CDM. Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

Microsoft 365 Migration

Enterprise Mobility Suite

Realize More with the Power of Choice. Microsoft Dynamics ERP and Software-Plus-Services

INSIDE THIS ISSUE. Whitepaper

Mobile & Online Banking

BUSINESSOBJECTS EDGE PROFESSIONAL

Modernize Your Device Management Practices Using The Cloud

BUSINESS OBJECTS CRYSTAL DECISIONS PROFESSIONAL

PNC8.2. Transforming today, taking care of tomorrow

WHITE PAPER GOOGLE AND SALESFORCE

Accelerate Business Success with Oracle Cloud Infrastructure

FINACLE SERVICES: API MANAGEMENT USING CA API GATEWAY

The business owner s guide for replacing accounting software

Enterprise Mobility: Are You Ready?

Oracle Cloud Blueprint and Roadmap Service. 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Fujitsu Workplace Anywhere Delivering a service as mobile as your people need to be

Meridian Server TRANSFORM ENGINEERING DATA INTO ACTIONABLE ASSET INFORMATION

Embracing SaaS: A Blueprint for IT Success

Receive and file information technology services report IT providing an update on the city s Enterprise Resource Planning (ERP) systems.

The Leading Low-code Application Platform For Modern Work Management

IBM Cognos Analytics on Cloud Operate and succeed at a new business speed

Optum Performance Analytics

GETTING CUSTOMER IAM RIGHT

UNDERSTANDING THE NEED FOR A HELP DESK SOLUTION. How to select the right help desk solution for your organization

SECRETS FOR SUCCESS how to thrive in an evolving retail market

IDENTITY IS THE CENTER OF OMNICHANNEL SUCCESSFUL BRANDS KNOW THEIR CUSTOMERS AND OPTIMIZE THEIR EXPERIENCE. WHITE PAPER

Future-proof your mobility strategy with Dell Enterprise Mobility Management

Case Study: Broadcom Limited

Azure Marketplace. Service Definition 2018

Bluemix Overview. Last Updated: October 10th, 2017

SaaS løsninger reintroduserer siloene, hvordan utvide og utvikle løsningene på tvers av og i samspill med, SaaS løsningene?

ARE YOU GOING DIGITAL WITHOUT A NET?

IDENTITY AND ACCESS MANAGEMENT SOLUTIONS

Prepare for GDPR today with Microsoft 365

The Composable Business

Trendwatch: The 5 essentials of unified communications.

Azure Marketplace. Integration Solutions

ACCELERATING DIGITIZATION THROUGH NEXT-GENERATION INTEGRATION

Small Business CRM Evaluation Guide

Cloud Data Integration and Data Quality: Extending the Informatica Platform to the Cloud

Workspace ONE. Insert Presenter Name. Empowering a Digital Workspace. Insert Presenter Title

SAP S/4HANA, THE NEXT GENERATION BUSINESS SUITE

Identity and Access Management

Reimagine the Power of Your Ecosystem

Explosive Growth Is No Accident: Driving Digital Transformation in the Insurance Industry

Pivotal Ready Architecture by Dell EMC

Streamline Physical Identity and Access Management

BT Strategic Sourcing. Accelerating your business performance

The Hybrid Enterprise: Working Across On-premises, IaaS, PaaS and SaaS

The Portnox Sphere Partner Program Guide

PEOPLE POWER IMAGINE TECHNOLOGY BUILT AROUND YOU A QUIET REVOLUTION IN

Office 365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107

Transcription:

TOP 20 QUESTIONS TO ASK BEFORE SELECTING AN ENTERPRISE IAM VENDOR

The need for a robust and flexible enterprise-grade identity and access management (IAM) solution has never been greater. IAM is increasingly becoming a strategic IT priority driven by business demands that include a more mobile workforce, a diverse application portfolio including more cloud-based apps and support for the unique needs of customer identities and devices. Of course, all of this must be provided at scale, with high performance and while ensuring stringent end-to-end security. Today s business drivers have exposed critical gaps and deficiencies with legacy IAM solutions, advancing a wave of initiatives to modernize IAM. Considering that IAM solutions have traditionally enjoyed a long enterprise lifespan, enterprises are being careful in today s rapidly evolving landscape to ensure that any new IAM solution is able to address both current and projected needs. Over the past 12 months, we ve responded to thousands of RFP questions from dozens of enterprises seeking to procure a future-proofed IAM solution. Based on the experience and insights gained, we ve created a list of the top 20 questions to ask before you select an IAM vendor. We invite you to use this guide to make an informed decision about which IAM vendor and solution provides the best fit for your organization. 1 Can your single sign-on (SSO) solution support my hybrid IT environment? Enterprises have an increasing variety of applications in the cloud and on-premises, including SaaS, legacy, custom and mobile apps. They need an enterprise-grade SSO solution that supports them all seamlessly, including pre-built connectors for popular SaaS applications, integration kits, token translation capabilities and, of course, support for a broad range of industry standards. This also includes the ability to SSO from a mobile device to your on-premises apps, not just to SaaS and cloud-based apps. 2 What types of adaptive authentication policies are available? One-size-fits-all authentication that forces all users through the same process, particularly at the expense of user productivity, is unnecessary given today s adaptive authentication policies. Enabling a superior user experience, while remaining highly secure, these policies can examine a variety of factors device, network, geo-location, time of day and more to intelligently determine the appropriate level of authentication necessary for a given situation. Ask IAM vendors what specific adaptive authentication policies exist in their solution. 3 What multi-factor authentication (MFA) options are supported? Today s enterprises want strong authentication options for an increasing range of high value transactions and use cases. Inquire about the specific types of MFA services supported by IAM vendors, including use of mobile devices, push notifications, SMS, biometrics and soft or hard tokens. Be sure to ask whether MFA services can be accessed via APIs, SDKs or both, and what types of MFA policy controls are available to balance strong security with user experience. 4 Do you provide access management across a variety of application types? In today s digital age, you need secure access management across a variety of applications and services. Legacy WAM solutions designed for web apps no longer meet these broader enterprise needs. Ask your IAM vendor if they provide secure access management across mobile, cloud, APIs and other endpoints, as well as web applications. Additionally, does the IAM solution offer a range of deployment options, such as agents and reverse-proxies, to ensure flexibility for different situations? Is the IAM solution designed to deploy seamlessly in the cloud, on premises or both? 2

5 What range of authorization and access policy controls do you provide? Not all applications are created equally, and not all situations demand the same security. Ideally, enterprises would allow end users to remain as productive as possible, while maintaining the highest levels of security. Flexible access policies can be created to allow for these two requirements to coexist. Your IAM vendor should provide policy controls to grant access based on device, network, user/group, resource type, user behavior and more. This gives users fast and convenient access to resources when conditions and context allow and, conversely, it allows you to step up authentication measures when suspicious activity is detected. 6 How do you monitor, track, delegate or revoke access? Large enterprises need to manage access for many employees across many different applications. Ask a prospective IAM vendor how an administrator can handle this. Dashboards can help admins monitor user behavior, while APIs can ease integration and allow for automation with other tools. Dive deeper into the details by understanding how administrators can empower user groups to perform some functions. Lastly, understand the different methods available to revoke or suspend access when suspicious activity is detected. 7 Do you offer directory solutions with cloud and on-prem deployment options? Enterprises inevitably have existing identity directories. A modern IAM directory solution should be able to support a wide range of coexistence, replacement and migration needs, including the flexibility to deploy new directory solutions either on-premises or in the cloud. This includes the flexibility to support structured and unstructured data types and the ability to bi-directionally sync data to and from heterogeneous data sources, including from local directories to cloud directories as needed. 8 How is identity and profile data migration, sync and replication handled? Consolidating and managing identity data can be a significant challenge within a large enterprise. Your future IAM solution should provide multiple options to consolidate disparate identity data silos, including schema mapping, one-time migrations, bi-directional sync and ongoing replication. Some solutions on the market provide only simple import/ export capabilities. They aren t designed for the more complex migration or coexistence scenarios found in the enterprise. 9 How do you govern access to sensitive identity and profile data? Identity data needs to not only be secured from breach, but data access must also be governed to comply with an increasing range of industry, geographic and corporate regulatory constraints. These governance controls must ensure that apps and data consumers only receive the information they need and nothing more. Ask IAM vendors how they govern access to sensitive identity data, including methods used to centralize policy controls and audit their enforcement. 10 Does the vendor provide tools, best practices and professional services for migration to the new IAM solution? IAM vendors with a record of success in migrating users and data to their new solution will have more advanced tools, best practices and professional service to make this easier for new customers. These migration tools and solution accelerators are key to ensuring a smooth transition with zero downtime and quicker time-to-value. Also, consider that migration efforts are not always one-time events. IT consolidation efforts or M&A activity can renew the need to migrate IAM systems in the future. 3

11 What range of deployment options (IDaaS, on-prem, hybrid, etc.) are supported by the vendor? If you re like most enterprises, your application portfolio is spread across on-premises data centers and one or more clouds. You may want your new IAM solution deployed in a variety of ways, including IDaaS (vendor manages the solution in the cloud), managed service provider (third party manages the solution in the cloud), cloud-deployed (you deploy and manage in the cloud of your choice), on-premises (deployed in your data center) or any combination of the above. First, ask a prospective IAM vendor if they can support these hybrid IT deployment options. If so, clarify which specific MSP partners, IDaaS capabilities and automated cloud deployment tools they can provide to you. 12 What level of training is required to use your product? Does deployment require a team of highly trained specialists? What range of industry standards are supported? You want to know if the solution offers easy-to-use administrative user interfaces and is able to support more complex enterprise use cases out-of-the-box. Also, does the vendor provide high quality product documentation, training options and a range of consulting partners? Asking these questions will help you determine if an IAM solution will deliver a successful post-sale implementation experience and continued operational ease-of-use. 13 How comprehensive is the vendor s partner ecosystem and how well would they support your specific needs? A healthy partner ecosystem signals confidence in an IAM vendor and the technology they are using. IAM is evolving quickly, and there are many technology and consulting partners offering valuable niche capabilities, as well as more comprehensive solutions. Inquire about an IAM vendor s range of technology and consulting partners to gauge its reputation and capabilities. 14 How customizable is the solution? Although smaller organizations may be satisfied with an IAM solution that caters to the lowest common denominator, large enterprises require more advanced functionality and customization for their unique needs. Ask the IAM vendor about the ability to customize an implementation and the variety of use cases available out-of-the-box with administrative consoles, as well as the breadth of integration options. Can the look and feel of user interfaces be rapidly and easily skinned to match the corporate brand? Are administration options executable via APIs? Remember to think about needs you may have in the future as well. 15 What proof-points do you have for large-scale deployments and product performance? Enterprises need proven solutions that can scale and perform. Nothing proves that better than customer references of production deployments. Large-scale customer IAM deployments can be a good indicator of a battle-tested solution, as they are often required to manage tens of millions of identities, while delivering high performance and low latency to provide a good customer experience. In addition to strong customer references, ask the vendor for product testing data, including performance tests and security penetration tests. 4

16 How does the IAM vendor address the end-to-end security of their solution? Security is a key tenet of any IAM solution. The best IAM vendors should be able to detail the end-to-end security features of their solution. The many security topics to explore include secure authentication methods, secure access management, identity data management and integrations to third-party security solutions. Understand how the vendor s IAM solution secures identity data end-to-end while in transit, at rest, during replication and at backup. Ask what encryption algorithms are supported, how regulatory compliance requirements can be met and what features exist to limit everything from external DoS attacks to insider threats. Dive into what policy controls are available for the solution (password policies, data access governance, adaptive authentication and more), and ask if log files are secure and tamper proof. If you re currently using a SIEM solution, validate that the IAM solution can integrate via APIs. 17 What range of standards does the IAM solution support? Large enterprises typically require support for a broad set of standards, including the latest standards to support modern applications and services, as well as older standards to integrate with legacy assets. A sampling of modern and legacy IAM standards ranges from SAML, OAuth, OpenID Connect, WS-Federation, WS-Trust and SCIM. Understand your current needs, and look for IAM solutions with broad standards support to ensure future interoperability as well. 18 What is the IAM vendor s commitment to developing and adopting emerging standards? The IAM industry is evolving rapidly. This includes the creation of new industry standards to support changing industry and geographic regulations, strengthen IAM security, and address new market opportunities. IAM vendors that lead or actively participate in the development of standards are on the cutting edge of new approaches and solutions. Ask an IAM vendor if they contribute to standards development and, if so, what current initiatives they are supporting. 19 Does the vendor s longer term strategy align with your objectives? IAM solutions often have a long lifecycle, so it s important to align with an IAM vendor that shares your direction and longer term vision for identity and access management. The IAM market is filled with diverse vendors that have targeted a specific niche or segment of the market. Many IAM vendors also shift focus over time, such as targeting small companies initially and then moving up market to larger enterprises. Make sure you understand both the historical, current and desired future market position of your IAM vendor so you are assured a good match years later. 20 Understand the vendor s product roadmap. What opportunities are provided to influence it? A strong IAM vendor will regularly share insights into their product roadmap and provide multiple opportunities for you to influence it. This includes providing access to the IAM vendor s product leaders and a range of regularly scheduled forums, like customer advisory boards, city tours and other regional events. Look for an IAM vendor that prioritizes customer feedback and uses it to make ongoing product improvements and investments. WANT TO DISCUSS THESE QUESTIONS IN GREATER DEPTH? IAM solutions are becoming increasingly important for the success of key digital business initiatives. But selecting an IAM solution robust enough to meet current and future enterprise needs is a complex endeavor. For more information on IAM vendor selection criteria, contact Ping at sales@pingidentity.com or reach us by phone (+1 877-898-2905). ABOUT PING IDENTITY: Ping Identity envisions a digital world powered by identity. As the identity security company, we simplify how the world s largest organizations prevent security breaches, increase employee and partner productivity and provide personalized customer experiences. Enterprises choose Ping for our identity expertise, open standards leadership, partnership with companies like Microsoft, Amazon and Google, and collaboration with customers like Boeing, Cisco, Disney, GE, Kraft Foods, Walgreens and over half of the Fortune 100. Visit pingidentity.com. 5 #3274 09.17

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback