Adaptation of Cloud with IAM requires certain approach with respect to security. This article looks at the aspects of IAM and cloud to accommodate into enterprise security.


The emergence of cloud computing and its services has defined how cloud systems should embed security and should look at the concepts of Identity and Access Management (IAM) while approaching enterprise security. With the adaption of IAM into cloud, and as enterprises migrate to heterogeneous and distributed systems, the relevance of IAM is more than ever before. In an enterprise security eco-system, compliance and security are crucial components and the investment in IAM is made in the conventional enterprise system as well within the advent and usage of private and public cloud infrastructure systems.

In a recent report ‘2014 Enterprise IT Buyers survey’ conducted by Gigaom Research states that security remained the crucial factor for several hi-tech enterprise companies not choosing or investing in cloud services. The recent intrusions of ‘iCloud’ and the stunning disclosures of Snowden about US-NSA’s PRISM project has added the fear-factor for several enterprises and government sector not migrating to cloud platform. The integration of IAM into cloud platforms and enterprise security system could be the right answer to enterprises not adopting the cloud citing security reasons. It has been observed that in several instances, the data is actually more secure in the cloud system when the relevant security models are enforced.

IAM – Force Multiplier

IAM should be considered as the combination of force multiplier for businesses and security technology. In other words, it means that those who implement IAM should focus on business process and also the various other components involving security. Considering the earlier days, this is a new trend where security was viewed as a technical entity for the Information Technology team to sort the issues and business drivers was altogether neglected.

Enterprises which adopt strategic IAM capabilities can drastically bring down the costs of Identity Management components and tends to drastically be more responsive towards supporting new business process. Almost all the latest applications designed on the cloud will integrate the IAM component. In addition, IAM would be a crucial component of all existing applications which tend to move to the public cloud.

Centralized IAM Approach

When enterprises are migrating to larger distributed cloud based systems along-with the IAM, the cloud has its own challenges and advantages. While moving towards the cloud based technology, there is a greater need for centralized IAM specifically across verticals, group of users, or across different geographic locations. The concept of centralized IAM is to accommodate every sub-IAM-systems which are present at the local cloud and enterprise level with a core-repository of all valid identities that is connected to a large distributed and hierarchical IAM system.

The advantage of such a centralized IAM system within the framework of distributed cloud system is the capability to rapidly include identities for resources which are present outside the direct control of enterprise. This ensures that both the entities are valid and possess valid credentials. For example, a data analytics service delivered through the cloud can be identified faster and validated using a centralized IAM system as opposed to having to define, locate, and validate that specific service into company’s own IAM system. Another advantage of centralized IAM system is that it ensures less expense on enterprise security by relying on trust model.

The common challenge with a centralized IAM is the same that most of them had raised in earlier years that enterprise-IT system does not trust any data that is not present in the data center specifically the security servers. In-order to overcome this challenge, enterprises has to follow the same practice of fetching the identity out of data-centre and centralizing it in the cloud system. Even though the process of centralized IAM would be slow in adoption, it would be widely accepted by the enterprises in the coming years.

A Quick Word

As more enterprises migrate to cloud services, organizations should see IAM through the prism of enterprise security for optimization of business process. The integration of both private and public cloud with the IAM to secure enterprise system is crucial as businesses now are concerned more about retaining customer’s trust.