IDaaS is Identity-as-a-Service. The definition of IDaaS refers to Identity and Access Management (IAM) capabilities deployed as SaaS (Software-as-a-Service managed by a third party). For this reason, IDaaS is also called SaaS-delivered IAM by Gartner.
As a brief background, IAM is a wide-scoping term that extensively deals with management of digital identities (whether individuals, organisations or things) and their roles and privileges within networks, applications, and digital services. IAM is used to ensure users are who they claim to be, and have access only to the applications, services or resources that they have the right to access. As with IAM, the term IDaaS covers both internal (employee IAM) system identities and external (CIAM, Customer IAM) system identities.
So, let’s look at some key questions around IDaaS – including capabilities, the drivers behind adoption, and which organisations choose this SaaS IAM method.
What can IDaaS offer my organisation?
IDaaS covers a range of identity management capabilities, and typically includes essential, standardised features like simple customer registration / login screens, Multi-factor Authentication (MFA), Single Sign-On (SSO) (see this blog on What is SSO?), and self-service user account management. It can also make it much simpler to support existing digital identities from third party Identity Providers (IdPs) like Banks, national IDs, service providers like Google, Facebook, LinkedIn, and identities that exist in enterprise directories.
Identity-as-a-Service is a cloud-based, managed service, meaning that an organisation employing SaaS IAM would not need to worry about managing deployment, security, configuration and maintenance in-house. Maintaining inhouse IAM is costly – there are hardware, network, development and expensive expertise costs to consider – more on the benefits of the SaaS IAM approach later on.
IDaaS is an ideal solution to get an app/service to market quickly, but without compromising on the security of the identity management components. However some companies’ identity needs may go beyond SaaS IAM capabilities. Ubisecure, for example, offers IAM deployment choices from Identity-as-a-Service, to private cloud (Platform-as-a-Service), to IAM software deployed on-premise in the organisation’s datacenter.
Why would my business need IDaaS?
Safeguard against data breaches
The vital function of Identity-as-a-Service is to better secure and use identity data and identity credentials, and to secure system access to privileged users only. This includes both internal and external users – like customers, partners and contractors.
Most breaches occur due to the theft and unauthorised use of identity credentials or weak access control workflows. Identity-as-a-Service helps strengthen the ‘identity as the perimeter’ concept by enforcing policies about credential management and introducing stronger levels of authentication when circumstances demand them.
Data privacy has recently been (and will remain) a much-discussed topic, with data breaches making news headlines every day. Data breach scandals damage an organisation’s reputation, no matter what size, driving away business – not to mention huge regulatory fines (such as those as a result of GDPR non-compliance).
Compliance with regulation
And it’s not just breaches that constitute regulatory non-compliance.
Organisations must ensure that they are transparent about their data practices and give users control over their own data – again, made possible with SaaS IAM through features such as self-service account management.
The benefits of IDaaS do not only represent cybersecurity team priorities – they also cover usability and customer experience priorities, which could fall under many departments’ jurisdiction – such as marketing.
For example, it can be leveraged to create the easiest registration processes for customer facing applications on the market – a crucial point in converting visitors to customers – giving users intuitive sign-up and authentication options, such as support for existing digital identities (social, enterprise, federated, national etc.). Identity provider options will vary between SaaS IAM solutions.
Once a customer is registered, having them hop between connected applications using the same identity is then possible using Single Sign-On, another core IAM capability.
Expertise on demand
IAM is a complex subject matter, built on many standards (i.e. OpenID Connect, SAML, OAuth, WS-Federation). Plus, the standards and their implementations are constantly evolving. This represents considerable cost to the organisation trying to keep up.
Embedding IAM capabilities into your application with SaaS IAM means your developers don’t have to reinvent the wheel doing what the IAM provider has already successfully achieved for many customers; they can just plug-in all the necessary pre-existing expertise via APIs. This dramatically reduces time and money spent on in-house development, and the risk of it going wrong.
It is this ‘expertise on demand’ that has driven SaaS growth across many industries in recent years, and identity is no exception. Gartner estimates that SaaS IAM will augment or replace 60% of software-delivered IAM implementations globally, up from 20% today, and will be the chosen delivery model for more than 80 per cent of new access management purchases globally by 2022 (source: Gartner Magic Quadrant for Access Management, August 2019).
If you’re wondering whether your organisation could build an IAM solution in house, or whether it would be better to buy an IDaaS solution from a provider, check out this free white paper to help you decide – Build vs. Buy: IAM.
Choosing an IDaaS provider
Compared to building in-house IAM, Identity-as-a-Service can greatly reduce your organisation’s Capex and Opex investments. It will also reduce development time and time it takes to get an application to market. Finally, it will also reduce your risk; getting identity wrong comes with severe brand damage and regulatory penalties.
If you’re ready to evaluate Identity-as-a-Service solutions, watch this 1-minute video for a taste of Ubisecure’s IDaaS solution:
Free IDaaS Trial
To experiment with SaaS IAM and build identity management into your application quickly and easily, Ubisecure provides free IDaaS.