App Identity Modernization

Modernize your apps and get off the identity treadmill

Feet running on a treadmill |

Imagine you’re a software developer in a large organization. You’ve just spent months, maybe even years, rewriting code for hundreds of applications to meet the latest identity practices. Countless hours and significant resources were poured into this project, and finally, it’s done, and you’re ready to move on to the next challenge. But then the security landscape shifts. New authentication protocols emerge, and suddenly you’re back at square one.

It’s like being on a treadmill that never stops.

App modernization never ends if it involves rewriting code 

The above scenario is an unfortunate reality for many organizations. As identity practices continually evolve, developers must rewrite code to accommodate new authentication protocols. This process can take months and cost millions of dollars, especially when hundreds or thousands of applications are involved.

In the cloud-focused world of securing applications and data, an unrelenting arms race has developed between attackers and defenders. Unfortunately, the attackers often have the upper hand. To keep up with the latest threats, organizations must support new identity standards and adhere to security best practices such as passwordless and multi-factor authentication (MFA) to minimize their attack surface.

However, the dynamic nature of these standards and best practices presents a significant challenge. It’s like trying to hit a moving target while running. Thankfully, there are solutions and strategies an organization can deploy to overcome these challenges and finally step off the “identity treadmill.”

Navigating the ever-changing landscape of identity standards

Let’s delve into the fluid nature of identity standards, the time-consuming process of retrofitting applications, the impact on developers and innovation, the historical evolution of identity practices, and the challenges of introducing new best practices

Fluid nature of standards and best practices

The key issue about identity standards and best practices is they are not static — they continually evolve in response to the changing threat and technology landscape. As they change, applications must be rewritten to adapt to these new norms. 

The time-consuming process of application retrofitting 

Adapting to identity standards is not a quick fix; it can take months to retrofit just one application to meet the new standards. This constant cycle of adaptation and retrofitting is a treadmill that many developers find themselves stuck on. 

Impact on developers and innovation

Developers dislike the identity treadmill because it diverts their attention and resources from innovative new projects and forces them to focus on application rewriting – updating and modifying an existing app to incorporate new features, technologies, or standards to improve its performance, security, or compatibility. 

This constant adaptation cycle stifles innovation and distracts the organization from investing in new business use cases. Ultimately, it’s a lose-lose situation for both the developers and the organization.

Evolution of identity practices

Historically, identity practices have evolved from simple passwords to hashed passwords to second-factor authentication and more. With constant evolution, developers often have to rewrite software that is still useful and in demand to keep up with security and identity best practices.

The challenge of introducing new identity best practices

One of the most significant challenges associated with this constant evolution is the introduction of new identity best practices. Recent examples include the layering of OpenID Connect (OIDC) in Continuous Access Evaluation (CAE), and the expansion of Fast Identity Online (FIDO) into passkeys. While beneficial in enhancing security, these new practices require substantial system changes.

Golden gate paradox: an analogy for constant updates

It’s like painting the Golden Gate Bridge: there is always a spot on the bridge that needs painting, so the work never stops. They just keep painting it — the part they are painting looks brand new, while the rest looks old, faded, and chipped.

Organizational implications of identity modernization costs 

The implications of these changes can be frustrating for organizations. Many have just recently “modernized” their identity systems, investing significant labor and capital in the process. Now, they find themselves needing to once again overhaul their systems to accommodate the latest best practices.

Remember, identity modernization isn’t just a financial investment; it’s a commitment of time and human resources. 

Worse is the realization that their newly modernized systems are already outdated due to the emergence of new best practices. 

This cycle can be particularly challenging to manage from an organizational perspective. Stakeholders, such as executives or board members, may question the need for continual investment in system updates, especially if they’ve just approved significant expenditures for modernization. 

Convincing stakeholders of the necessity for further changes can be a difficult task, requiring clear communication about the evolving nature of security threats and the importance of maintaining up-to-date systems.

The labor, capital, and time required for these updates can strain resources, and there’s always the looming question: “Is this worth doing?”

Getting off the identity treadmill

Despite the challenges described above, leveraging an innovative identity management solution is an effective strategy. Businesses and app developers should look for a platform that offers a comprehensive approach to managing identity and access across multiple clouds and on-premises environments. 

A best-of-breed solution supports new identity standards and security measures without the need to rewrite applications.

These solutions provide a unified identity layer that abstracts the complexities of identity and access management. The identity layer allows applications to interact with a consistent identity interface, regardless of the underlying cloud or on-premises environment. Meaning, applications can support new identity standards and security measures like MFA without extensive retrofitting.

How Identity Orchestration ends the cycle and enables innovation

Strata’s Maverics platform, for example, offers a range of features designed to enhance security and streamline identity management — including support for passwordless authentication and MFA as well as advanced features like risk-based access control and adaptive authentication. 

Identity Orchestration should be vendor-agnostic and work with all clouds and identity services. Organizations can keep pace with evolving identity standards and implement more robust security mechanisms without constant refactoring. This approach saves time and resources, and allows developers to focus on innovation. 

The cloud security arms race may be relentless, but organizations can keep pace and gain an advantage with the right strategies and tools.

Sign up today and try Maverics for free. You’ll be able to secure any app with any identity provider fast. 

Modernize any app with any IDP in minutes. Join the 'Orchestration Kitchen' workshops.

Topher Marie

CTO & Co-founder