{"id":1357,"date":"2022-10-05T06:00:59","date_gmt":"2022-10-05T13:00:59","guid":{"rendered":"https:\/\/www.strata.io\/?p=1357"},"modified":"2023-10-06T08:23:51","modified_gmt":"2023-10-06T15:23:51","slug":"hybrid-identity-fragmentation-across-on-prem-and-azure","status":"publish","type":"post","link":"https:\/\/www.strata.io\/blog\/identity-access-management\/hybrid-identity-fragmentation-across-on-prem-and-azure\/","title":{"rendered":"Addressing hybrid identity fragmentation across on-prem and Azure AD"},"content":{"rendered":"
<p>Chances are pretty good that you’re right in the middle of a cloud migration or hybrid identity plan of some sort. The recent Flexera State of the Cloud Report found that 93% of enterprises have a multi-cloud strategy, and 87% have a hybrid cloud strategy. Fifty-nine percent of enterprises expect cloud usage to exceed prior plans due to COVID-19.<\/p>\n
<p>During this transition, users, apps, and data spread across on-premises and cloud platforms. Enterprises are squeezing the last bit of life from legacy identity systems before they reach end-of-life. Each cloud platform brings its own built-in identity system to the party. The legacy identity systems aren’t flexible enough to solve cloud identity challenges. Unless rewritten, often at a high cost, on-premises apps don’t support the standards used by cloud identity systems. Siloed, fragmented identity is the unanticipated result of running hybrid infrastructures.<\/p>\n
<p>Building interoperability between on-premises identity systems, which tend to be proprietary, and cloud systems, which support open standards, is complicated, labor-intensive, hard to maintain, and manual. Additionally, ownership of the hybrid identity solution is unclear at most companies, and politics get in the way of effective and efficient implementations. The bottom line is that identity fragmentation holds back cloud migration and digital transformation, and companies are in great need of a solid hybrid cloud strategy.<\/p>\n
<p>Delving further into the management of hybrid identities and hybrid cloud and on-prem strategy, we see that users, profile data, and attributes are duplicated or scattered across on-premises and the cloud. Specifically, decades-old tools and processes manage the allocation of on-premises identities across disparate systems: LDAP directories, databases, in-house HR systems, and Active Directory. Cloud providers manage identities using modern practices, standards, and APIs, but each cloud provider’s APIs expose unique ways to manage users, attributes, roles, and policies.<\/p>\n
<p>These are the characteristics of a fragmented identity system. This fragmentation leads to confusion for administrators, poor user experiences, a lack of executive visibility into access policies and how they are enforced, and a weakened security posture.<\/p>\n
<p>Strata and Microsoft work together to transition on-premises applications to use Azure AD as the principal identity repository and provide authentication and access control for on-prem apps. Strata extends Azure AD to protect these on-prem apps with no app rewrites and no user experience changes, enabling secure hybrid access, which is far more enterprise user-friendly.<\/p>\n
<h2>Challenges Managing Hybrid Identity<\/h2>\n
<h4>Let’s look at what happens when three different users (Alice, Bob, Carly) and their profile attributes are created and managed in different identity systems spread across on-premises and the cloud.<\/h4>\n
\n
<h4>Now let’s look at this from the perspective of the applications.<\/h4>\n
\n
<h2>Secure Hybrid Access with Strata and Azure AD<\/h2>\n