Many scenarios call for a migration from one Identity and Access Management (IAM) system to another. But how do you know when it’s time to move on? Let’s look at 8 common examples of when migration is required and the drivers behind them:
- Your in-house developed solution has become unmanageable…
…and is taking too many developer and support resources from the core business. Many companies fall victim to developing and maintaining in-house tools, consuming untold expert resources that could be working on truly unique core business logic that differentiates your products and services from that of competitors. Companies that recognise this issue should look for modern developer-friendly tools and components, that do all the heavy lifting and provide clear API integration points to the local business processes. This moves projects forward faster, gets services to market quicker and frees up developers to add true value to your business. Find out more in our white paper on Build vs Buy: Customer IAM.
- Your legacy system has performance, usability or scalability issues
As companies grow – and the user accounts, roles and attributes grow with them – they may find that their once-adequate IAM system no longer performs at scale. Slower logins, painful management or simply hitting system limits may force a company to seek a replacement.
- You want to simplify environments
Complexity has a cost. Simplifying an enterprise architecture across an organisation and consolidating services can reduce costs on multiple levels: risk of failure and licencing costs can both be reduced. A highly siloed organisation may have multiple services performing the same functions in different business units, that could be combined into an organisation-wide platform with a new IAM system.
- Your costs for licensing models, hosting and maintenance are too high
Cost models that once seemed attractive may, quite suddenly, become unattractive or even unsustainable. Changes in policy or business models may cause product vendors or hosting services to adjust or renegotiate contracts. Or changes in your own organisation – such as expansion into new regions, large increases or decreases in user or transaction volume – may suddenly swing the cost structure in such a way that the company must find an alternative. Maintenance costs of legacy systems can grow as the pool of specialists shrinks and talent moves to newer technologies. In the worst-case scenario, inability to find or attract staff to maintain and develop systems can lead to the risk of a critical business function becoming unsupportable.
- You need to maintain a standard operating environment during a merger or acquisition
When two companies combine, identity management can be a quick win to rapidly combine the services of two organisations. This allows customers of the acquiring company to use their current credentials and account to access the services of the acquired company, and vice versa. However, over time, maintaining two separate systems can become a burden – especially as rebranding of one of the services occurs, causing confusion over which account is which. Like other IT infrastructure, a desire to standardise the operating environment between both companies may involve migration of all users from one system to the other. In some cases, it may be an opportunity to migrate away from both platforms to a new solution. It can be a time to clear out in-house developed solutions which consume team resources and replace them with a product-based approach, which can be supported or even operated by external providers.
- You need better security and compliance from your IAM system
As laws tighten across industries, existing solutions may no longer adequately meet new requirements. We have seen this over the years with examples such as SOX, HIPAA, regional data protection regulations, financial services directives – and more recently, GDPR and PSD2. Such standards demand tighter data management, audit trails, encryption throughout data lifecycles, specific identity proofing and authentication requirements. Other examples are accessibility requirements or laws requiring personal user data to be stored only in – or always replicated to – the home jurisdiction of the user. The costs and risks of implementing these new demands as in-house development, or requesting customised changes to an existing solution, force IT departments to consider alternatives. It’s a good time to migrate to a product-based solution built by industry specialists and allow subject matter experts in your own IT department to work on systems of their own core competencies.
- Your current solution doesn’t offer certain software features
A system that once looked shiny and new may lose its shine if it doesn’t keep up with the latest integration methods and authentication capabilities. It may become costly, or even impossible, to integrate with more modern applications or new cloud services. It may also become incompatible with the way your team deploys environments, using techniques that weren’t used as recently as a few years ago.
- Your legacy system has become end-of-life and is no longer supported by the vendor
Sometimes, for commercial reasons, the software that is at the heart of your identity system becomes end-of-life and the vendor announces that support is ending as they change their own focus through restructure, merger or acquisition. Running non-supported software is an unacceptable business risk. In this case, it is important for business continuity to find a replacement solution – often preferably one that can be replaced with the least disruption possible.
In summary, across the different situations there are a range of motives for migrating an IAM system:
- Security – ensuring user data, projects and tools remain protected, by using proven best practices.
- Compliance – meeting requirements from industry regulators.
- Usability – keeping up to date with current user expectations and enabling modern technical integrations.
- Cost – often in the form of reducing work effort in maintaining legacy systems. Sometimes in the form of reducing hosting and licensing costs by seeking modern and optimised solutions.
- Architecture – simplifying technical deployment models, enabling architectures like microservice-based designed, hybrid-cloud or multi-cloud deployments.
- Performance – an organisation may have outgrown a solution that was never designed for the scale of users, organisations, roles or attributes that the business now has.
Read the next chapter in our migration series – ‘How to migrate your Identity and Access Management (IAM) system‘.
Whilst the task of migrating your IAM system may seem daunting at first, Ubisecure has tools and processes in place to simplify your migration to our Identity Server – with minimal business interruption. Contact us and book a time with our experts to discuss your individual situation and plan your IAM migration.