Navigating the New Hybrid: Multi-Cloud, Identity Orchestration, and Security First IAM

Data Provided By and in Partnership With

Strat

The word “hybrid” used to mean one thing: a mix of cloud and on-premises environments. But times have changed. Today, hybrid is less about blending cloud and on-prem and more about multi-cloud environments that also include legacy systems. (Yeah, those AS/400s aren’t going anywhere.)

The challenge?

This new hybrid world brings a host of problems when it comes to managing identities, privileges, and access controls. If you’re relying on your old playbook, you’re in for a rough ride.

Luckily our friends over at Strata recently published the State of Multi-Cloud Identity 2024, which gives some great insights into this new era of identity. It coincides perfectly with some of the discussions I’ve been having with customers about how to tackle identity in this new evolving world. You know I LOVE data and this report is FULL of some good data, so let’s dive into some interesting stats.

The New Definition of Hybrid: Multi-Cloud + Legacy Systems

Right now, 75% of organizations are managing two or more identity providers (IDPs), and 11% are juggling five or more [1]. That’s not just hybrid anymore—it’s full-blown multi-cloud. These environments span public clouds, private clouds, and those legacy on-prem systems we can’t seem to shake. This fragmented landscape makes identity management incredibly complex, and the stakes couldn’t be higher. From ensuring seamless access across platforms to dealing with downtime, the complexities of multi-cloud mean we need a new way of thinking about hybrid identity.

In a world where companies are trying to balance multiple IDPs, the familiar challenges arise: inconsistent security policies, lack of interoperability, and difficulties managing privileges. 65% of organizations say their top challenge in multi-cloud environments is managing access controls across disparate systems.

Let that sink in.

We’re talking about environments so complex that organizations are struggling just to keep up with who has access to what, in just one IDP.

The Shift from IT Administration to Security

Traditionally, identity management has been viewed as an IT administrative task—just one of those back-office necessities to keep systems running smoothly. But that thinking is outdated. Identity has rapidly evolved into a security-first priority. The shift is clear: instead of treating identity like a basic user directory, organizations are starting to see identity as the gateway to securing their most critical assets.

Enter Identity Orchestration and Identity Threat Detection—two game-changers in modern identity strategies.

Identity Orchestration: Simplifying Complexity

One of the biggest challenges with managing hybrid environments is the sheer complexity of dealing with multiple systems. That’s where Identity Orchestration steps in. Think of orchestration as the control tower for your multi-cloud identity systems. It automates and coordinates identity processes across different platforms—whether it’s cloud, on-prem, or hybrid—allowing organizations to standardize security policies, automate provisioning, and ensure that identities are managed holistically, no matter where they live. (If you’re going down the path of a multiple-IDP architecture, or are currently in one, this is going to be important.)

The key benefit? Interoperability. With orchestration, you can seamlessly integrate multiple IDPs and systems into a cohesive identity fabric. This means you no longer need to worry about inconsistent policies or the lack of visibility across platforms. 73% of organizations admit their current identity tools fall short in managing identities across multi-IDP environments. Orchestration solves that by simplifying the management of these systems, giving security teams a unified view and control of identities across the entire infrastructure.

Identity Threat Detection: Moving Beyond the Admin Role

The second pillar of this shift is Identity Threat Detection (ITDR). As identity becomes more central to security, it’s no longer enough to just manage access—you need to actively monitor for threats. ITDR focuses on identifying unusual behavior patterns, privilege escalations, or suspicious access attempts. 65% of organizations say better visibility would significantly improve their ability to detect and respond to identity-based threats.

This is where identity shifts from being purely administrative to becoming a frontline defense mechanism in your security stack. Identity threat detection tools help you monitor, in real time, how identities interact with your systems, whether it’s a user behaving suspiciously or an application acting outside its usual parameters. This shift is crucial for a zero-trust approach, where verifying identities and monitoring their actions in real-time becomes a core part of securing your infrastructure.

Rethinking IAM Strategies for the New Hybrid

With these new tools in mind, how do you approach identity in the evolving hybrid landscape? One thing is clear: the piecemeal approach isn’t working anymore. You can’t just throw solutions at individual pain points. It’s time to look at your IAM strategy holistically—and that means bringing everything from privileged access management (PAM) to identity governance, to threat detection, under one roof.

Privileged Access Management in a Multi-Cloud World

The new hybrid environment poses serious challenges for Privileged Access Management (PAM). Traditionally, PAM focused on securing elevated accounts in a single environment. But now, with users accessing multiple clouds, managing privileged accounts has become much more difficult. 40% of organizations admit they don’t have sufficient visibility into user behaviors, and when you can’t see what privileged users are doing across platforms, you’re one click away from disaster.

Cross-platform PAM strategies are essential. You need a solution that handles access in every environment—cloud, multi-cloud, and on-prem—all while providing real-time analytics on who’s accessing what and when.

Identity Governance and the Hybrid Problem

Now let’s talk identity governance. Governing identities used to be simpler—managing access for users in a centralized system. But with hybrid environments, governance becomes a massive headache. 73% of organizations report their identity governance tools don’t meet the needs of managing identities across multiple IDPs.

Hybrid environments demand identity governance tools that can enforce policies consistently across platforms. Without this, organizations risk compliance failures, slower operations, and increased vulnerability.

The Hybrid IAM Challenge: Complexity and Scale

Here’s the truth: hybrid environments—whether we’re talking multi-cloud or cloud/on-prem—bring an unprecedented level of complexity and scale to identity management. You can’t focus on just one area of IAM anymore. Trying to manage identities, privileged accounts, and governance independently is like trying to fix a plane while flying it.

Oh and I haven’t even mentioned non-human identity yet. I don’t want your head to explode. I care too much about you.

The only way forward is a unified strategy. Identity orchestration and threat detection need to be baked into your IAM architecture to give you the visibility and control you need across your entire infrastructure.

Tactical Steps to Get Started

OK, so that was a lot. I get it. Some of you reading this may be having a small panic attack right now. But don’t worry, we’ll get through this. Let’s look at some actionable steps you can take to get started.

1. Assess Your Multi-Cloud Footprint

• Do a thorough audit of your current IDPs and cloud platforms. How many are you managing? What systems are they integrated with? Start by understanding your landscape.

2. Implement Identity Orchestration

• Look for tools that can automate and orchestrate identity management across your hybrid environment. This will streamline workflows and ensure consistent enforcement of security policies.

3. Integrate Privileged Access Management (PAM)

• Ensure your PAM tools work across all environments—cloud and on-prem—and provide real-time visibility into privileged user activities.

4. Automate Governance

• Automate access reviews, provisioning, and compliance checks across all systems. This will reduce manual errors and improve operational efficiency.

5. Prioritize Visibility

• Implement tools that give you real-time insights across your hybrid environment. As the report shows, 40% of organizations struggle to monitor user behaviors, so make visibility a top priority.
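
The audit and automated access review from the steps above, as an added example (not from the report or any vendor's tooling): it merges constructed account exports from three IdPs into one view and flags access that only becomes visible when the systems are compared. The IdP names, record fields and role names are assumptions.

```python
from collections import defaultdict

# Constructed sample exports; field names are assumptions, not a vendor schema.
EXPORTS = {
    "cloud_idp_a": [
        {"login": "Alice@Example.com", "active": True, "roles": ["user"], "mfa": True},
        {"login": "bob@example.com", "active": False, "roles": ["user"], "mfa": True},
        {"login": "carol@example.com", "active": True, "roles": ["global_admin"], "mfa": False},
    ],
    "cloud_idp_b": [
        {"login": "bob@example.com", "active": True, "roles": ["admin"], "mfa": True},
        {"login": "alice@example.com", "active": True, "roles": ["user"], "mfa": True},
    ],
    "legacy_ldap": [
        {"login": "BOB@example.com ", "active": True, "roles": ["operator"], "mfa": False},
        {"login": "svc-backup@example.com", "active": True, "roles": ["admin"], "mfa": False},
    ],
}
PRIVILEGED = {"admin", "global_admin"}  # assumed role names

def consolidate(exports):
    """Merge per-IdP account records into one view keyed by normalized login."""
    view = defaultdict(dict)
    for idp, accounts in exports.items():
        for acct in accounts:
            # Logins differ in case and whitespace between systems; normalize first.
            view[acct["login"].strip().lower()][idp] = acct
    return dict(view)

def review(exports):
    """Return sorted (login, idp, finding) tuples for a cross-IdP access review."""
    findings = []
    for login, per_idp in consolidate(exports).items():
        disabled_somewhere = any(not a["active"] for a in per_idp.values())
        for idp, a in per_idp.items():
            if not a["active"]:
                continue
            privileged = bool(PRIVILEGED & set(a["roles"]))
            if disabled_somewhere:  # offboarding did not reach every system
                findings.append((login, idp, "active here but disabled in another IdP"))
            if privileged and not a["mfa"]:
                findings.append((login, idp, "privileged without MFA"))
            if privileged and len(per_idp) == 1:  # nothing to correlate against
                findings.append((login, idp, "privileged account known to only one IdP"))
    return sorted(findings)

if __name__ == "__main__":
    print(*review(EXPORTS), sep="\n")
```

None of the three exports looks wrong on its own; the disabled-but-still-active account only appears once the records are joined on a normalized login.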

Conclusion: It’s Time to Step Up

Hybrid identity is evolving. It’s no longer just about integrating cloud and on-prem systems—it’s about managing identities across multiple clouds and legacy systems. The complexity is real, but so are the solutions. If you’re looking to dive deeper into the challenges and strategies for managing hybrid and multi-cloud environments, check out the full State of Multi-Cloud Identity report. It’s packed with insights, stats, and actionable advice that can help you get ahead of the game.

[1] Strata.IO: State of Multi-Cloud Identity Survey 2024
