{"id":6962,"date":"2022-05-17T23:48:45","date_gmt":"2022-05-18T06:48:45","guid":{"rendered":"https:\/\/www.strata.io\/?p=6962"},"modified":"2023-09-28T22:00:02","modified_gmt":"2023-09-29T05:00:02","slug":"idql-hexa-new-identity-standard-policy-orchestration","status":"publish","type":"post","link":"https:\/\/www.strata.io\/blog\/governance-standards\/idql-hexa-new-identity-standard-policy-orchestration\/","title":{"rendered":"Introducing IDQL & Hexa: a new identity standard for Policy Orchestration"},"content":{"rendered":"
<p><strong><i>What\u2019s especially valuable about IDQL\/Hexa is it coordinates consistent policy across cloud platforms and the tech stack. This open-sourced, vendor-neutral approach is needed to expedite adoption across vendors, developers, and business users alike.<\/i><\/strong><\/p>\n<p>Each cloud platform that your enterprise adopts has its own proprietary set of policies. Then, looking up and down your stack, each layer \u2014 application, identity, data, and network \u2014 has its own version of the policies. So, there’s a multiplying effect with all of the different combinations making it hard to understand which policies are even in place and almost impossible to manage them.<\/p>\n<p>When we talked to our customers as well as IT leaders and decision-makers about this topic, we heard a common refrain: \u201cWe want to have a common policy set that is independent of the target systems,\u201d and \u201cthere isn\u2019t a common way to express policy across all the systems we manage, and that is a huge gap that should be addressed.\u201d<\/p>\n<p>That\u2019s where IDQL and Hexa come in and what I\u2019m thrilled to be able to introduce to the world.<\/p>\n<p>IDQL and Hexa are two sides of the same coin, each contributing their part to a Policy Orchestration solution. IDQL, or Identity Query Language, is the declarative, standardized policy language format that can be translated into a target system’s proprietary or bespoke access policy format.<\/p>\n<p>On the other hand, Hexa is the open source reference implementation of the IDQL policy standard. 
Anyone can download and utilize the currently available connectors in the Hexa GitHub repo, or they can develop connectors for additional environments to expand the reach of Hexa.<\/p>\n<p>Hexa is the open source project that makes IDQL operational in the real world by connecting to target systems and performing the three main functions of Discovery, Translation, and Orchestration. Together, IDQL and Hexa perform:<\/p>\n<p><b>Policy discovery<\/b><\/p>\n<p><b>Policy translation<\/b><\/p>\n<p><b>Policy orchestration<\/b><\/p>\n<p>The Hexa architecture implements a provider framework enabling connectivity to a wide range of cloud platforms and technologies. Hexa connectors, or integrations, invoke the publicly available APIs of cloud-based and other systems to discover, translate, and orchestrate policy, as described above.<\/p>\n<p>IDQL and Hexa act together to unify the very fragmented policies that IT administrators, information security officers, developers, and application owners struggle to manage today. With a more cohesive approach, enterprises will have increased visibility and control over sensitive resources. They will be able to report on access settings more accurately and enforce business and security rules in a much more consistent manner.<\/p>\n<p>By utilizing IDQL and Hexa, any enterprise will gain many benefits, including:<\/p>\n<p>Developing and supporting industry standards has long been in the DNA of Strata and its founders. As co-authors of SAML, we know what it takes to collaborate with industry partners to bring a new standard to the market. This process starts with recognizing a need or gap within current identity standards when compared to the requirements of enterprise organizations.<\/p>\n<p>A core team of recognized industry pros was created to help refine the vision. 
Together, the IDQL format was defined, the first versions of the Hexa software were crafted, and preparations were made for submission to the Cloud Native Computing Foundation (CNCF).<\/p>\n
\n<p>– Jack Poller, Senior Analyst for Enterprise Strategy Group (ESG)<\/p>\n
\n<p>Cloud computing offers many benefits \u2014 agility, scalability, efficiency, and speed to name a few. Yet, it also creates big challenges for security and the administration of identity and access policies, especially with the rise of multi-cloud. Recent research reveals that the majority of organizations have at least three clouds and expect to use four or more by the end of 2022.<\/p>\n<h2>What is IDQL\/Hexa?<\/h2>\n
<h2>How do IDQL and Hexa work?<\/h2>\n
<h2>What are the benefits of IDQL and Hexa?<\/h2>\n
<h2>Why did the working group create IDQL\/Hexa?<\/h2>\n