{"id":4228,"date":"2021-06-07T13:51:38","date_gmt":"2021-06-07T20:51:38","guid":{"rendered":"https:\/\/www.strata.io\/?p=4228"},"modified":"2024-02-02T10:31:36","modified_gmt":"2024-02-02T18:31:36","slug":"5-step-identity-app-migration-from-siteminder-to-azuread","status":"publish","type":"post","link":"https:\/\/www.strata.io\/blog\/app-identity-modernization\/5-step-identity-app-migration-from-siteminder-to-azuread\/","title":{"rendered":"How to migrate from SiteMinder to a modern identity provider in 5 steps"},"content":{"rendered":"

[vc_row][vc_column][vc_column_text]<p>Some versions of SiteMinder have reached their end of service or end of life (EOL) date. Many customers running on end-of-service versions have been left with the decision of either migrating to a new, modern identity provider or staying and dealing with the hefty lock-in fees.<\/p>

<p>If you’ve been avoiding that elephant in the room, you’re not alone.<\/p>

<p>In this post, we’ll look at the challenges keeping enterprises from migrating their apps and identities off legacy identity providers like SiteMinder. We’ll also introduce Strata’s 5-step process for app and identity migration from SiteMinder. This process will give you a clear path forward so you can put your mind at ease.<\/p>

<h2>Apps on legacy IDPs are incompatible with modern identity systems<\/h2>

<p>According to the 2023 State of Multi-cloud Report, 79% of enterprises use two or more identity providers (IDPs), an 18% increase from 2022. They are also having to manage a hybrid state of on-prem and multi-cloud.<\/p>

<p>Only one-fifth of enterprise organizations in the report have been able to get the majority of their workloads off legacy, on-premises identity systems to the cloud, and just 20% believe they will ever be able to move fully to the cloud.<\/p>

<p>The harsh reality for many enterprises is the consistent struggle with identity modernization barriers like source code and resourcing, with 78% of respondents still facing those hurdles. Why? Because moving apps and identities is hard, since old, on-premises systems aren’t built for modern cloud systems. Traditionally, before an app could be moved, the code needed to be rewritten to be compatible with a cloud system. For some apps, it simply isn’t possible to recode.<\/p>

<h2>What are the challenges of moving applications off a legacy, on-premises IDP?<\/h2>

<p>Migrating apps off legacy systems like SiteMinder is difficult and riddled with complications. Here are a few of the challenges you’ll deal with:<\/p>

<p><b>Apps are stuck in legacy, on-premises systems<\/b>
The first big challenge is that apps are stuck. Since you started developing apps, hundreds — if not thousands — of applications have been installed and integrated with your company’s legacy identity environment.<\/p>

<p>These applications can’t be moved to the cloud, because they’re tied into the legacy IDP and running on-premises. It would take a major code rewrite to make the apps adaptable to the cloud.<\/p>

<p><b>Modernization can be lengthy and costly<\/b>
The second challenge is the cost — both time and money. It’s incredibly expensive to rewrite applications, and it typically takes at least six months per app. Those numbers add up quickly, especially with hundreds or thousands of applications.<\/p>

<p>Sometimes it isn’t even possible to rewrite applications because you don’t have source code. Even if you custom-built the application, you may not have the technical bandwidth or a team with the knowledge to rewrite the application.<\/p>

<p><b>Moving apps to the cloud is complicated<\/b>
Each application uses a different language to handle the user session, so IDPs can’t speak to each other. In the modern world, apps use SAML or OpenID Connect, while legacy systems use headers, cookies, and Kerberos.<\/p>

<p>The challenge here is that there are many different ways that the application expects to consume identity; it’s just not a straightforward path.<\/p>

<h3>Should you use a “big-bang” or “lift & shift” approach to migrating apps and identities off on-prem IDPs?<\/h3>

<p>There are two ways to approach an app modernization project: “big-bang” or “lift-and-shift.” A big-bang approach may seem like a good idea when there is a need for speed, but it almost always backfires. Inevitably, there will be a hiccup, and you’ll have to start from scratch.<\/p>

<p>The lift-and-shift approach involves moving apps and identities incrementally. Not doing everything all at once allows the two worlds of the cloud and on-premises to coexist. From this perspective, you need to be able to work with both identity systems simultaneously.<\/p>

<h2>The 5-step process for app and identity modernization<\/h2>

<p>Identity Orchestration is a new approach that automates the modernization of applications and users to the cloud. Our 5-step process for app and identity modernization includes:<\/p>