Strata Identity today announced the general availability of a platform for orchestrating the management of identities spanning multiple applications, directories and cloud services.
Eric Olden, Strata Identity CEO, said the Maverics Identity Orchestration Platform provides IT organizations with a framework to declaratively implement and manage identity-based policies, which is core to any zero-trust approach to securing IT environments.
There is no shortage of ways to manage identities within any enterprise IT organization, Olden said. The challenge is finding a way to federate the management of identities that, today, reside in everything from Microsoft Active Directory (AD) to individual custom applications, he said.
The Maverics Identity Orchestration Platform is designed to enable IT teams to declaratively apply policies on any platform via integrations with Microsoft Azure AD, Okta, AWS Identity and Google Cloud Identity services, Olden added. There is no need to master a complex set of application programming interfaces (APIs) that are liable to break, he said.
The platform itself can be deployed in an on-premises IT environment or in the cloud. Integrations with legacy, cloud-native and software-as-a-service (SaaS) applications are achieved using standards-based protocols or HTTP headers and sessions. There is no need to absorb the cost of complex custom integration to connect applications that employ different identity technologies, noted Olden.
In addition, as part of an effort to lift and shift an application to the cloud, the Maverics Identity Orchestration Platform makes it possible to also migrate identities attached to an application without making any changes to the underlying code, said Olden.
Olden, a co-author of the original Security Assertion Markup Language (SAML), said the need to manage identities at a higher level of abstraction across a distributed computing environment has been an issue hiding in plain sight for decades. Now, however, it’s more visible since organizations are more aggressively embracing zero-trust as an IT architecture. Zero-trust, of course, is not a new idea. It’s just becoming easier to implement and orchestrate using software versus trying to lock down a hardware device.
Of course, the COVID-19 pandemic also is forcing the zero-trust issue. Historically, IT organizations assumed that every device behind a corporate campus firewall could be trusted. However, with more employees working from home, it’s more feasible to launch a phishing attack that compromises the credentials of an end user. In short order, malware then moves laterally throughout an IT environment. Thwarting those attacks requires implementing a more advanced approach to managing identities that is not as easily compromised. That’s especially critical as organizations launch digital business transformation initiatives that almost invariably present a rich target to cybercriminals. Most of those initiatives depend on application users having confidence in the level of security being provided.
The challenge is that identity management is only one critical piece of the zero-trust puzzle. A zero-trust architecture is not something that can be bought and implemented overnight. Rather, it needs to be carefully constructed, working backwards from the identity of a user, application or machine deployed at the very edge of what, today, is an increasingly extended network.