How to Modernize your Legacy IAM System
If you have been asked to minimize your growing identity and access management (IAM) costs or support new business initiatives such as digital transformation, it might be time to modernize your legacy IAM.
A contemporary customer identity management platform expands on the conventional capabilities of a legacy IAM system to support current business initiatives while enhancing the overall security posture and reducing maintenance and deployment costs. Keep reading to learn how to modernize your legacy IAM:
Have an Application Inventory
Understand the inventory of applications that your legacy system is managing. If this has already been documented in a human-readable format, then you are ahead of the curve. If it has not, you can take advantage of identity management tools that can export the list of applications under management to help you build the inventory.
Prioritize Applications you Want to Migrate
Experts recommend that you start with the low-hanging-fruit applications and work toward the hardest ones. Low-hanging-fruit apps are those with supportive owners who wish to get off legacy for different business reasons. They also include applications that have the fewest customizations. Because the process is both business and technical in nature, ensure both stakeholder categories are involved. Establish a set of repeatable prioritization criteria based on the priorities of your company and use it to iterate through your application inventory.
Document the Use Cases that Require Migration
These are the use cases that the IAM platform handles for the applications. For single sign-on (SSO), these use cases should be the authentication policies, the attributes that must be returned, and any authorization policies. But they can also be complex things such as custom plugins. For identity management, the use cases could include understanding the workflows involved and the attributes mapped from sources to target.
Add a New Layer of Value
This can be done by extending the use cases to enhance security, user experience, performance, and privacy. Try to avoid retrofitting legacy architecture and customizations into the new system. Use this opportunity to revisit why you made such customizations and determine whether they are still relevant. If a legacy application should be left as is, think about using an identity gateway to modernize around the application until a migration is completed. For applications that you can migrate, embrace capabilities such as intelligent authentication, progressive sign-up, and others. Apart from getting the necessary business buy-in, this step is important to help ensure users will better accept such changes.