Legacy identity management software and homegrown solutions and processes served a purpose. Many of them are now past their prime. We discuss why, and what to look for when deciding whether to upgrade or modernize.
Businesses have spent years of time, dedication, and huge sums of money putting user lifecycle solutions in place. These could be homegrown solutions and processes, (now legacy) commercial identity management software, or a hybrid of a commercial solution supported by homegrown processes.
Despite all these efforts, there can still be lingering manual and semi-manual processes or use cases that these solutions do not support. Furthermore, unless a software company continues to research and invest in its product, what used to be a leading, “cutting edge” user lifecycle solution a few years ago becomes stale and no longer satisfies the changing needs of today’s organization or reduces risk. Many legacy commercial identity management products stopped innovating a while back, and most have been going out of support. Customers using a legacy identity management solution, such as Oracle Identity Management 11g, are grappling with a key decision: either upgrade to another version or continue using an out-of-support product, which could increase cyber risk.
Legacy solution architectures and integration capabilities are not relevant in today’s cloud-first, hybrid, distributed networks. CISOs and CIOs are looking to stay compliant, reduce risk, reduce operational costs, avoid bloating the technical team, and still keep up with the changed needs of identity management, including compliance, automation, advanced reporting, role-based access control (RBAC) and risk-driven decisions. Legacy solutions that have not kept up are not suited to address these priorities, or may not support all the use cases a business needs.
With legacy solutions going end of life or becoming stale without new features, we recommend using that as an opportunity to rethink the next 2-5 year roadmap. The CredenceIA team has encountered modernization questions often, and we have successfully migrated our customers from legacy solutions, including rip-and-replace from Microsoft MIM, Oracle Identity Management (OIM), IBM Tivoli (ISIM), NetIQ, and CA IdM, to next-generation cloud solutions such as Saviynt and SailPoint.
Be aware that in most cases, because of significant differences in product architecture, connector configuration, and the way development is done, there is no automated way to migrate to a different solution in less time, regardless of claims. Planning and executing a migration or a ground-up IGA solution that meets or exceeds objectives requires an approach that shows results rather than only a sales pitch.
Modern IGA solutions allow organizations to practice Zero Trust principles, which enable them to address several key use cases related to automation, proactive risk reduction, segregation of duties (SOD), RBAC, governance, compliance, integration with cloud applications, and effective integration with user behavior analytics solutions (e.g. Splunk), among others.
We recommend that CISOs and decision makers who are using a legacy solution and considering where to go next take the opportunity to look at the current leaders in Identity Governance (IGA) solutions. Before talking to vendors and a possible system integrator (SI) for IGA modernization, we suggest doing due diligence. We have helped organizations with such workshops and a "mini strategy" to help them identify the purpose, technology and priorities.
The due diligence focuses on what matters now and for the next 2-5 years. This research will also help with building the business case and identifying stakeholders and overall organizational-level needs and wants, which will help lay out a robust plan for modernization. As a starting list, here are some focus areas; consider how well each is addressed today versus how well it could be with an IGA solution:
What are the organizational goals: focuses on the priorities, i.e. a compliance-driven program vs. risk-driven vs. cost savings vs. end-user focus, or a little bit of all? It is an exercise in finding the purpose of modernization and why the legacy solution needs to retire.
What works today, and what are the gaps with current technology: focuses on applications, integration patterns, technology needs, which processes work, what the priorities are, etc.
Know your users and their voice: purpose and technology can only go so far if user input is not taken into account. Don’t forget user training, as without it many programs fail to realize their intended benefits.
What are the use cases? For example:
User data centralization,
Availability of support for a wide range of applications and connectors,
Analytics capability,
User self-service,
Ability to allow metadata enhancement (e.g. improve incomplete or non-business-friendly descriptions),
Access certifications,
The ability to do a “one click” disable or termination of a user,
The ability to allow temporary access,
The ability to know who has access to what,
Data completeness and accuracy.
Want to discuss further?
We offer customized and streamlined options from planning to building to operations. We help customers with advisory and implementation services, a unique Identity Governance (IGA) QuickStart, the prioritization of use cases, and a plan that continues to show incremental progress.
If you have a legacy solution and/or are considering ways to get better results from your existing implementation, contact us to find out how CredenceIA can help you!