Modernizing application identity at scale
“Many apps simply can’t be rewritten, making the manual approach impractical from a timing and cost standpoint.”
Eric Olden, CEO and Co-founder at Strata Identity
Many organizations are facing the challenge of modernizing their apps to meet compliance requirements, support digital transformation, and respond to mergers, acquisitions, or divestitures.
However, the number of apps involved can be enormous: hundreds of business-specific apps serving different business units and functions across international operations, not to mention legacy apps accumulated through M&As.
Why is app identity modernization so hard?
Compounding this, tight time frames for these projects put intense pressure on meeting milestones, especially in divestiture scenarios with strict transition timelines.
Additionally, many apps simply can’t be rewritten, making the manual approach impractical from a timing and cost standpoint. Commercial off-the-shelf applications are often closed source, making it impossible to rewrite them to upgrade the identity provider to a modern identity technology.
Rewriting a custom enterprise app to work with a different identity provider takes about six months of custom coding (adding up to $150,000 per app). At that rate, it is extremely challenging to modernize and improve the security of hundreds or thousands of apps by rewriting them.
Step-by-step guide to modernizing application identity
How can organizations modernize and improve the security of thousands of apps without rewriting them? The solution is Identity Orchestration. Here’s a step-by-step guide to modernizing application identity using Identity Orchestration:
Step 1: Inventory your apps and identity providers, including the platforms and technologies each app uses. This will help you understand the current state of your identity environment and identify areas that require modernization.
Step 2: Analyze and classify the applications so you can prioritize the modernization project. Rank the apps by how mission-critical they are and whether they support standards-based identities like OIDC or SAML, or whether they have legacy-based identities such as HTTP headers and cookies. This will help you prioritize which apps to modernize first and what tools you will need.
Step 3: Analyze and classify the identity providers based on whether they are modern or legacy — and whether the identity system runs in the cloud or on-premises. This will help you understand the different identity management systems in use and identify opportunities for consolidation.
Step 4: Integrate your identity management providers using an abstraction layer (identity fabric). This layer will act as a single pane of glass for all identity-related activities, streamlining the management and maintenance of your identity environment.
Step 5: Use identity orchestration software to decouple the apps from identity management providers and then orchestrate the user session from the legacy identity provider to the modern identity provider. Do this in prioritized groups of apps, starting with some initial successes, and then expanding to more apps. Identity orchestration can do all this without the need for custom coding.
Step 6: Use this process to deploy advanced security capabilities like passwordless authentication to your legacy and unmanageable apps. With identity orchestration, authentication options can be upgraded with an easy rollout to your apps. This will improve the security of your applications while reducing the complexity of your identity environment.
Benefits of modernizing with Identity Orchestration
If you augment your modernization project with an Identity Orchestration solution, you could see a few additional benefits:
- Eliminating the need for custom coding, reducing the time and effort required to migrate to modern identity systems.
- Simplifying infrastructure and reducing its cost by retiring legacy identity systems, which breaks lock-in and avoids expensive license extensions.
- Improving the security of applications by supporting modern identity providers, passwordless authentication, and a consistent access policy for all apps.
By following the steps outlined above, organizations can modernize their identity infrastructure in a controlled fashion while improving security and reducing costs associated with rewriting applications.
This article was originally written by Eric Olden and published by Forbes Technology Council on May 3, 2023. View the article on Forbes.