The document discusses the evolution of identity management (IDM) systems, highlighting the need for contemporary solutions to meet modern requirements. It emphasizes the advantages of utilizing existing technologies creatively, such as multi-tenant designs and automated rollouts. The importance of iterative feature deployment is underscored, suggesting that starting anew may not be as beneficial as optimizing current systems.

1. SPINNING NEW THREADS WITH
EXISTING IDENTITY SYSTEMS

2. 2
About iC Consult
FOUNDED IN 1997
120+ EMPLOYEES
OPERATIONS IN 4 COUNTRIES
2 SERVICE BRANDS

3. Times have changed
3
NowThen
HR

4. Cloud Use Cases
Shift in the design center
• High scale & high availability @ low cost
– Rapid deployment to dozens of environments
– On-demand change in capacity
– Multi-tenancy
– Personalized app presentment on login
– Data firewall & data sharing
– Frequent, iterative rollout of features
– Account creation flows
• Vetting through private (not corporate) email
• Device registration on a personal device
• Password reset with auto-login
• “Page 2” functionality
• Multiple personas (i.e., business & consumer)
– Custom UI for users, admins, and CSR’s 4

5. Architectures have changed
NowThen
Corp
Data
Center
Corp
Pla-orm
Elas1c,
Virtualized
Compute
Service
PaaS
App’s
1
2
3
• Always
on
• Unscheduled
elas1c
compute
• New
features
rolled
out
bi-­‐weekly
• Very
low
overhead
Packaged
IDM
Products
Out-­‐of-­‐the-­‐box
UI
UI’s
…n

6. Meanwhile, IDM products have changed little
• Existing products are what they were
• Core architecture unchanged
• Standards and practices are evolving
– But many of the new protocols are “bolted on” to existing architecture
• Scale, performance requirements outpacing
product improvements
6

7. So is IDM as we know it out of its league?
7
Current Requirements
IDM Products

8. Shipping products will never meet contemporary needs
IDM Products:
– it matters less what you use than how you use it
8

9. We’ve helped companies solve contemporary problems
with existing technology
• Multi-tenant LDAP design
– Product teams were surprised by the approach, but
endorsed it in the end
• Progressive profile creation
– From low-barrier to validated accounts
– Validation UI’s
• Automated rollout
– Reduces errors and saves time
– Iterative feature deployment
• API-level access controls
9

10. In Summary…
• For identity and access products, creative and
destructive processes are ongoing
• Starting over rarely saves time or effort
• Use the technologies available to the best of their
abilities

11. IAM EXCELLENCE
iC Consult Americas LLC
222 S. Main Street, Suite 500
Salt Lake City, UT 84101
E-Mail: contact@icconsult.com
www.icconsult.com