The 45th Edition of the Identity Jedi Newsletter: Converged IAM Special Edition
SPECIAL EDITION: Converged IAM
Wednesday 7/26/23 - Identity Jedi Newsletter
Hey Jedi, welcome to the 45th edition of the Identity Jedi Newsletter!
Continuing the summer series of deep dives, this week’s Special Edition newsletter tackles the topic of Converged IAM. What exactly is it? Is it the right thing to do? Are we ready? Is it football season yet!?
Let’s get into it!
But first, there is no newsletter without you Jedi. We are well over 500 subscribers and still growing, and I’m ready to take this thing to the MOON! Are you with me? For so long, we’ve wanted a community where we could nerd out together about identity, and I think this is part of it. There is so much more I want to do and give to this great community, but we have to keep growing to get there. So you know what to do. Hit the share button below, tell your friends, family, cousins, and ex-neighbors!
IDPRO - Where all the Identity nerds hang out
I often tell people that the Slack channel on IDPro is well worth the cost of admission. Come hang out and talk identity, connect with other passionate individuals, and be a part of a growing and pretty cool community, if I do say so myself.
Special Edition Index
Deep Dive Links and Articles: https://www.csoonline.com/article/573065/6-signs-your-iam-strategy-is-failing-and-how-to-fix-it.html
Commentary: Riding the Hype Train; The Platform Wars: Converged Identity Inevitable?; What does the customer want?
Riding the Hype Train
A quick Google search for “Converged IAM” (CIAM) will greet you with a litany of articles and posts touting the greatness that is CIAM. (Not to be confused with Customer Identity and Access Management… sigh…) Every vendor wants not only to tell you about it but, of course, to pitch how their platform is the pinnacle of CIAM.
But let’s get to the actual root of this, shall we? Because, believe it or not, we’ve been here before. And news flash... it fucking sucked.
GASP
I know, I know, the idea of having IGA, PAM, SSO (add your identity acronym here) is tantalizing on the surface, and it makes a LOT of sense. But let’s talk about WHY it makes sense, and the actual hurdles we have to get there:
Pros:
1) Identity is an orchestrated dance: From creating accounts to assigning access, to authorizing access, to requesting access, to authentication, and so on and so forth. Identity has a lot of moving parts, and one single solution does not solve them all, so it makes sense to have one place to orchestrate this movement of various parts.
2) Build Once Run Everywhere: The efficiency of being able to integrate an application ONCE into an identity platform is very enticing. You’ve set up provisioning, access request, SSO, and privileged management access in one shot. If you need to make a change, you go to one place. Wait… you hear that? That’s the sound of SIs screaming as they watch their revenue projections shrink.
Cons:
1) All In One Platform means one good product and X shitty ones: Ok, maybe a little harsh, but let’s be real for a second. Current identity products struggle to give you the features you want to solve ONE space in identity. Are we sure they can deliver on doing that for multiple? I have reservations, specifically because of my next point.
2) Expertise to build all three in one: I don’t think there is a company that has the talent in all the spaces of identity to build a good product. Yup, I said it. The talent pool is too spread out. Now, can they build the talent? Yes. Can they do the whole “MVP” and build just what you need over time and slowly build the next great integrated platform? Absolutely. But it would have to be from the ground up (in my humble opinion). Because trying to take a current mature platform and then transform it into a mashup of new functionality would be REALLY, REALLY hard. The tech debt alone would drown an engineering team for years. And we’ve seen this movie before. Oracle tried this, and the monstrosity offered to the market failed miserably. It was shot and fed to the hogs, and we rarely speak of it.
3) Migration path from siloed to integrated: It is a huge pain in the ass. Not sure customers will be willing to sign up for that 12 to 18-month rollercoaster IF they don’t have to. Good enough is always the enemy of great.
The only way I see this working is that a company must innovate. Either a newcomer to the scene who can challenge the status quo and build with an architecture for a complete platform in mind, or an incumbent willing to lean HEAVILY into restructuring and take the investment dollars to do so.
And because I can hear the detractors screaming now…If you’re a vendor and think you’ve got the solution, you’re welcome to try changing my mind. 😀
The Platform Wars: Converged Identity Inevitable?
15 years ago, a simple quote changed the path of the movie industry: “I am Iron Man.”
The Iron Man movie came out and started a 15-year run of superhero movies around some of our favorite Marvel superheroes, culminating in 32 movies, three of which make it into the top 10 highest-grossing films of all time. At the center of this run was one villain pulling the strings, looking to change everything.
I wonder if Converged Identity is our Thanos, but not the kill-half-of-all-life-in-the-universe kind.
We’ve been marching toward this path of convergence for a while. First, partnerships between identity companies, then integrations and acquisitions.
Standards and API-first architectures allowed for easier and faster data exchanges, creating more areas of concern to manage but also making it easier to integrate products to handle them.
All these things lead us to ask: Wouldn’t this be simpler if it was all in one system?
Live long enough and you’ll see that history tends to repeat itself. Especially in technology, what’s old becomes new again. Think cloud computing is awesome? Google “SunRay Thin Client”.
Microservices architecture? Yeah, it was once called “SOA”: service-oriented architecture.
The difference is that, usually, technology improves and offers a vastly different aspect, and/or we’ve reached the threshold of pain at which the current way just has to be replaced. But SOMETHING has to be the driving factor, and while I’m a fan of Converged Identity, I’m not sure we know what that thing is just yet, but I believe it’s coming.
Yeah, but what does the customer want?
Do we really know? Like, really have an understanding of what the customer wants from an identity platform? I’m positive we know what they need, but we humans don’t always buy the things we need; we tend to buy the things we want.
I think this is because identity is such a twisting and turning topic to talk about; I’m not sure enough customers actually know what they want or how to articulate it.
AND therein lies the problem.
Before we go off and build (too late, I know) and promote the bigger and better mousetrap, I think we need to take a step back and make sure we really understand our customers, and they truly understand us. Let’s face it: we use a TON of acronyms, constantly create new standards, and call our products the same thing that we call the business process. It’s a tad confusing.
Now I’m not saying we don’t innovate; I’m saying we do think a little smarter, and look to build conversational-style ways of engagement and build tech that can actually grow and change with the customer.
Ever felt like you were gaslit on the value of tools you tried to leverage? It’s ok, this is a safe space. Well, if you have, or even if you haven’t, join me as I sit down with Johanna Baum of S3, and Aidan Parisian of Fastpath to talk about fresh and innovative approaches to identity management, governance, and GRC.
Identity Jedi Show Podcast
UPDATE:
The Identity Jedi Show Podcast is getting its own YouTube channel! And man, do I have some good things planned for this channel! All the great content you know and love today and a new LIVE SHOW in which YOU can be a guest star. I’ll be answering questions from the community, and offering you a chance to come and join in on the conversation. Of course, I’ll also bring guests, and some EXCLUSIVE content just for my premium members. My team and I are still building out the rollout plan, but the channel is up and live now; you can go subscribe, hit the bell for notifications so you don’t miss any updates, and get ready for some awesome content.
The Last Word
Converged Identity is coming, and in some cases, already here. (I see you Cross Identity, Okta, OneIdentity, etc.) But are we just repeating the mistakes of old by cramming solutions together, or are we truly innovating and creating a purpose-built platform? Some of these current vendors have decades-old architectures, and that’s a lot to change overnight. Ultimately I think it’s the right call to build an all-in-one platform, but there are a lot of conversations we need to have about what that should look like, how we shift the conversation, and what new things this platform should bring to this industry. I see a lot of marketing and chest pounding, but I don’t see a lot of “evolutionary” thinking.
Just my four cents.
Till next week
Be Good to each other, Be Kind to each other, Love each other
-Identity Jedi