Virtualization Technology News and Information
VMblog's Expert Interviews: One Identity Talks Security and Risk Management in Hybrid Cloud

Currently, 90% of organizations worldwide rely on Microsoft's Active Directory solution to authenticate and authorize users on their networks.  Yet while Microsoft's launch of the cloud-based Azure Active Directory (AAD) and Office 365 has since fueled steady growth in enterprise cloud adoption, many adopting this cloud-based directory still find themselves firmly planted in on-premises environments, leading to vast inconsistencies - and glaring gaps in security.

I recently spoke with Jackson Shaw, SVP of product management at One Identity, about this very topic, which is an area where his company is attempting to help organizations tackle those very security gaps.  One Identity recently rolled out a new release of its Active Roles product - the first update since One Identity and its solutions spun out from the Dell umbrella last fall. Active Roles 7.1 is said to help organizations seamlessly manage risk-related issues in on-prem, cloud-based and hybrid enterprise ecosystems and overcome the limitations of subpar native tools.

VMblog:  What is the driving force behind the increased enterprise adoption of hybrid cloud deployments?

Jackson Shaw:  The increase in enterprise adoption of hybrid cloud environments is driven by digital transformation -- the investment and adoption of innovative technology solutions intended to enhance competitive differentiation and fuel business growth. In today's modern enterprise economy, the first step towards digital transformation can occur through cloud adoption. Because cloud adoption is a long process and cannot be thoroughly achieved overnight, while digital transformation is in effect, hybrid cloud adoption is a reality and will continue to be the reality for several years to come.

VMblog:  How do enterprise productivity applications like Office 365 play into the proliferation of hybrid cloud environments?

Shaw:  According to recently published Microsoft data, Office 365 is the company's fastest-growing commercial product, with approximately 70 percent of Fortune 500 companies purchasing the service in the last 12-month time period. Strong Office 365 adoption has translated into strong adoption of AAD. This drive has created an industry-recognized trend called "hybrid AD" due to the fact that, although the drive towards the cloud is significant, the vast majority of organizations still leverage their current on-prem AD deployments and will do so for the foreseeable future. As a result, organizations will require a seamless solution to ensure that management and security are accounted for in both the cloud and on-prem AD environments, ideally from a single interface.

VMblog:  What security challenges do organizations face as they go through a digital transformation and add new cloud capabilities to their legacy environments?

Shaw:  The steadily rising appetite for cloud-based productivity tools like Microsoft Office 365 and Exchange Online has driven quick adoption of Microsoft's AAD - yet many adopting the cloud still, by necessity, have their feet firmly planted in on-premises environments, leading to vast inconsistencies in administrative processes and security execution.

Security challenges also arise from instances of shadow IT. For example, line-of-business specific departments, such as Marketing or Sales, are leveraging cloud-based systems and solutions without explicit IT approval. Although these systems and applications are intended to help drive LOB departments forward, they are inadvertently also creating security gaps.

Coupled with the shortcomings of native and other third-party solutions, the rise of these hybrid AD/AAD environments has led to millions of enterprises struggling with dangerous gaps in security and crippling inefficiencies, due to gaps in IT skills, shortcomings of tools, and unnecessary duplication of efforts.

VMblog:  What sort of education around proper security and management is necessary for IT teams that are leading efforts around hybrid cloud deployments?

Shaw:  Managing Active Directory is hard and native tools don't make the lives of IT pros any easier. Time and effort are wasted when trying to manage user accounts, group memberships, and other attributes in Active Directory with manual processes, native tools, and cobbled-together scripts. In addition, and most importantly, security for Active Directory is difficult. Left unchecked, the AD Admin account has limitless power and lacks individual accountability - if the Admin rights fall into the wrong hands, an enterprise faces serious risk.

While certainly attractive, many organizations find themselves coming up against roadblocks as it relates to adopting the cloud-based Microsoft Azure - this is due in large part to the fact that the cloud version of Active Directory (Azure AD) is entirely separate from on-prem AD and cannot natively be managed and secured with the same tools and processes. The results are inefficient identity administration, inadequate security, and lack of unity across the on-prem and cloud environments. The vast majority of organizations maintain a hybrid AD environment (either by choice or necessity) and find that securing and managing that environment is fraught with risk, escalating inefficiencies, and redundant error-prone processes.

When considering the move to a hybrid cloud deployment, enterprise IT teams must consider solutions that will help overcome management challenges, close security holes and reduce risk for BOTH AD and AAD.

VMblog:  How does One Identity help IT teams address challenges around hybrid cloud deployments?

Shaw:  One Identity, a recognized leader in identity and access management, recently launched a new release of its Active Roles solution that helps to mitigate the challenges many organizations face around managing complex hybrid AD environments. Thousands of users already leverage Active Roles to manage on-prem Active Directory; now, Active Roles 7.1 delivers a single management console, purpose-built to help organizations overcome these time-consuming challenges. Active Roles 7.1 customers can leverage a single unified platform for consistent administration and security of both on-prem and Azure AD, enabling a seamless hybrid cloud implementation.

VMblog:  What do you predict will be the next wave of cloud-driven enterprise trends in the coming years?  Will security and risk management continue to play a driving factor in these trends?

Shaw:  The cloud will only grow, and as it does, its on-prem counterparts will shrink. However, the process will take time and, for most organizations, will be a slow and gradual process. Consequently, any new security solution should fully embrace the cloud - without ignoring the on-prem world -- i.e., security solutions must be purpose-built with intentions of seamless implementation and operation within a hybrid environment. As the cloud continues to proliferate, in turn, the overall security perimeter will shrink -- and as a result, the "new" security perimeter for consideration will be related to controlling access to applications and data in hybrid environments.

In the future, organizations will have the ability to take the best of on-prem security and extend it to the cloud, and take the best of cloud security and efficiency and apply it back to the on-prem environment.


Published Monday, April 10, 2017 7:31 AM by David Marshall