First published to the Microsoft 365 Blog on May 22, 2018
Many of the customers I get the privilege to talk with are well along the path to connecting their on-premises systems and applications to cloud services. And for the majority of them, hybrid identity is the first stop of destination cloud. Why is that the case? Because nearly every large enterprise has applications that need to remain on-premises –
So I often get asked for my recommended approach to implementing a hybrid identity strategy. Every organization is different, of course, so that’s not a simple question to answer, but no matter what your specific business needs and issues are, we want to make it easier for you to plan and execute on every step of your cloud identity journey.
To help with that, we’re going to publish a series of blog posts where we’ll share what we’ve learned from working with tens of thousands of organizations as they’ve taken this journey with us.
Based on all these experiences, we have a pretty good handle on what works and what doesn’t work, and we want to share it with all of you. There are multiple elements to establishing secure and productive identities in the cloud. We have broken them all down in stages to help you map your business priorities and understand what to implement when. The stages are standardized, modernized and transformed, and we’ve written them to help you create a complete hybrid identity solution that can support a wide variety of business goals.
Over the next several weeks, we’ll walk you through the Eight Essentials for Hybrid Identity that will help you set a solid foundation and learn about the latest technologies, so you can take your strategy to the next level.
To start off, I want to address the first essential to any hybrid identity strategy –
#1 Identity as the control plane
Today, analyst firms report that the average enterprise’s employees collectively use more than 300 software-as-a-service applications (and some estimates are much higher). And that number is rapidly expanding. Between the hypergrowth of these apps, the rate at which they change, and the business demand to harness new cloud capabilities for business transformation, it’s challenging to keep up. What we’ve learned from customers is that relying on an on-premises identity solution as the control point makes connecting to all these cloud applications a nearly impossible task. Then add on all the user devices, guest accounts, and connected things and you have a major management and security nightmare.
A hybrid identity can help bring order to this chaos. With cloud-based identity as the control point, you can help users be more productive by providing access to apps and devices that are on-premises or in the cloud from virtually anywhere and do so with incredible agility. Just a month ago, during an onsite visit, one of our largest customers shared with me that their average time to onboard and secure a new SaaS app with Azure AD is only 3 days, down from the 60 days it previously took with their on-premises IAM system.
Azure Active Directory makes it easy for you to create a central directory that can connect to all your hybrid resources. You can use the same identities that you set up on-premises with Active Directory to extend to cloud apps and devices –
How do I get started?
With identity as your control point, you can unlock new capabilities such as single sign-on, self-service options for your users, automatic account provisioning (and de-provisioning), conditional access controls and compliance policies, secure collaboration with partners, and more. In the upcoming blog posts, you’ll see how to implement this mindset across these areas and learn about some of the exciting things our engineering team is building to accelerate your transformation.
Download the Hybrid Identity Digital Transformation Framework whitepaper to get a baseline for where your company is and get a sneak peek of the topics we’ll cover in this series.
I hope you’ll enjoy the upcoming blogs in this series and find them useful!
And as always, I would love to hear any feedback or suggestions you have.
Alex Simons (@Alex_A_Simons)
Director of Program Management
Microsoft Identity Division