September 29, 2016 By Anna Seacat 3 min read

Identity and access management-as-a-service, also known as IDaaS or cloud IAM, is becoming the go-to solution for CIOs, CISOs and CTOs struggling to keep up with the rapid advancements and changes in cloud, mobile and social. But because identity and access management (IAM) touches every corner of an organization, adopting cloud IAM is not a decision that these C-level professionals take lightly. Choosing the right IDaaS provider is paramount.

IBM Executive Dishes on IDaaS

The office of the IBM CIO recently made critical decisions around cloud IAM and IDaaS vendors. In the interview below, William Tworek, an executive architect in the office of the IBM CIO, described his team’s decision to adopt cloud IAM and how his team evaluated the various IDaaS providers.

Question: Bill, thank you for being willing to share your experiences in adopting cloud for your IAM environment. Before we jump into that, can you please share with us a bit about your role at IBM?

Tworek: At the time of this effort, my role was essentially as the CTO for IBM’s corporate identity and access services. My job was to update IBM’s approach in the identity arena to help accelerate IBM’s embrace of the cloud, both internally for its employees and externally for its customers and partners.

Can you please share more details about the challenge your team was facing and why it led you to consider cloud-based identity and access management?

As with most companies, our legacy identity services were behind the corporate firewall and based on older authentication techniques and protocols. Such services were also beginning to frustrate both our users and developers. They had become aged in terms of their end user experience, and a bit bureaucratic and process-driven in ways that slowed their adoption.

We quickly realized that to support the cloud, we needed our identity services themselves to move to the cloud. This was the only way we would be able to keep up with the velocity of change that occurs with a shift to the cloud, as well as the typical agile and DevOps practices that come with it.

Once you realized cloud IAM was a good fit for your needs, what selection criteria did you use to judge the various IDaaS vendors?

Once we decided to move to the cloud, our requirements really became those typical for any cloud effort. Speed of delivery and execution, a truly modern and mobile-friendly user experience, self-service adoption for our project teams and state-of-the-art security options were all key focus areas.

Which IDaaS providers were you formally considering? Why did IBM’s very own enterprise-level cloud IAM stand out as the best solution?

We considered all the leading players in the IDaaS industry and performed proof-of-concept efforts/pilots with many of them. Ultimately, what made IBM’s own IDaaS [Cloud Identity Service] stand out was the flexibility that the solution provides around authentication and security policies. Many cloud IAM products could deliver on our general cloud agility requirements, but finding the needed security options was much tougher.

We knew that externalizing our corporate authentication services would only be feasible if we could do much more than just authenticate the user. As identity becomes one of the sole security control points in the cloud, we needed to perform many other analytical and policy-based security checks at the time of auth. We found that only IBM’s Cloud Identity Service provided us with the needed flexibility and extensibility in this area.

Can you please share some immediate results you experienced after deploying Cloud Identity Service?

We went from onboarding less than 100 projects a year with our legacy corporate authentication services to onboarding literally thousands of projects virtually overnight with Cloud Identity Service. Even more, we did this while dramatically improving end user satisfaction and improving the security of our enterprise.

By using Cloud Identity Service, my team could focus purely on automating adoption, implementing the security policies desired and innovating on design-led user experiences — versus needing to worrying about the details of running an identity service.

Next Steps

Congratulations to the office of the IBM CIO for their successful adoption of IDaaS. If you are wondering how cloud-based IAM can reduce your costs and accelerate your business initiatives, visit the Cloud Identity Service website.

Get the IDaaS Buyer’s Guide

More from Identity & Access

Taking the complexity out of identity solutions for hybrid environments

4 min read - For the past two decades, businesses have been making significant investments to consolidate their identity and access management (IAM) platforms and directories to manage user identities in one place. However, the hybrid nature of the cloud has led many to realize that this ultimate goal is a fantasy. Instead, businesses must learn how to consistently and effectively manage user identities across multiple IAM platforms and directories. As cloud migration and digital transformation accelerate at a dizzying pace, enterprises are left…

“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments

4 min read - Overprivileged plaintext credentials left on display in 33% of X-Force adversary simulations Adversaries are constantly seeking to improve their productivity margins, but new data from IBM X-Force suggests they aren’t exclusively leaning on sophistication to do so. Simple yet reliable tactics that offer ease of use and often direct access to privileged environments are still heavily relied upon. Today X-Force released the 2023 Cloud Threat Landscape Report, detailing common trends and top threats observed against cloud environments over the past…

Artificial intelligence threats in identity management

4 min read - The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise driven by financial cutbacks, geopolitical factors, cloud applications and hybrid work environments 74% are concerned about confidential data loss through employees, ex-employees and third-party vendors. Additionally, many feel digital identity proliferation is on the rise and the attack surface is…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today