IAM

You’ve got a powerful ERP solution that helps with resource planning and does a great job of it. There’s no doubt that its SAP.

But, while SAP has Single Sign-On (SSO) to its own solution and to apps that connect with it, it is left outside of the scope of SSO and Provisioning that connects all apps within your Identity and Access Management solution.

SAP is a thick-client app, and pretty much nobody wants to integrate with these kinds of apps. They rationalize that, someday in a distant future, thick-client apps will be entirely replaced by web-based apps, and therefore that their solutions are future proof.

But this future is not very likely and is not the real reason that the bulk of the industry has no solution for these apps. It is because thick-client app support is cumbersome and expensive to develop – and because developing such as solution has a poor ROI as only a small fraction of all business apps are of this kind. It is monumentally cheaper to just provide IAM for web-based apps and bottom-lines are padded nicely.

But you need support for thick-client apps. A security system is only worth its weakest link. Certain industries like banking and manufacturing choose to use thick-client over web-apps for security reasons. It’s safer to use apps that are local when important financial information is being processed. Devices used in the manufacturing industry also must function on thick-client apps because they are not networked by design. And even if you do not fall in one of these categories, you still use apps like SAP. With such a critical app left out of your SSO solution, your security and productivity fall to a lower rating.

ILANTUS Niche Identity, Compact Identity and Cloud Identity solutions all integrate seamlessly with SAP and other thick-client apps. We hold several patents for the technology that enables us to do this and we are the only vendor in the industry who can properly SSO and Provision to thick-client apps.

ILANTUS cares about security and about improving the productivity of your organization. We engineer our products based on 18 years of experience serving customers and know what makes a solution real and viable. That’s why we developed thick-client support, and that’s why you should choose us as an IAM vendor.

Most Identity and Access Management solutions have a rough usage of features of around 50%. They are built with one thing in mind – to improve bottom-lines by catering to the common denominator of customers. These are ‘one-size-fits-all’ solutions and the features that they include are what make products just ‘useable’ by all possible kinds of customers. There is no R&D for catering to specific needs. Often, these products are developed with glitzy features that represent the latest trends – not features that form a solid IAM foundation and serve the real needs of organization. These products have a low overall usage of functionalities, a lack of tailored features (for your industry or size segment), and a heavily bloated price as SMBs pay the same price for solutions that are designed for the pockets of large enterprises.

Here’s a fact that supports these statements: despite the still-quite-prevalent use of thick-client (desktop) apps such as SAP, next to zero vendors have solutions that integrate with these kinds of apps. The latest trend in Information Technology is the Public Cloud, and because every organization uses Web apps (almost every organization uses thick-client apps too, in truth – just to a lesser degree), vendors only support these kinds of apps and encourage customers to migrate to the cloud. While the Cloud is a powerful (and rapidly becoming essential) technology, it goes without saying that this mentality is not one of serving customers needs by researching what their requirements are and developing their products accordingly. It is a mentality of trying to cater not to real needs but trying to attract customers with the pretense of ‘the latest technology.’

ILANTUS refuses to be party to this kind of behavior. Born in 2000 of a genuine recognition that organizations need data and identity protection and streamline IT security, we have learned from our countless customers that what really works is what is really needed. We realized that the SMB segment was overpaying grossly for solutions that were not built for them. We decided to develop Compact Identity. Compact Identity is public-cloud compatible but is not just another cloud solution. Sporting on-premise and private cloud compatibility too, it was built for SMB pockets and requirements from the ground up. It possesses patented thick-client Single Sign-On capability which is entirely unique in the industry, and with a 95% overall usage rate of its features that are essential to SMB IAM, it is the only product of its kind. It is rich yet simple and agile but powerful and is built with SMB budgets and IT staff limitations in mind.

Why pay more for features that you will never use while missing out of features that you absolutely need? Don’t become a victim the archaic, seller-centric mentality that plagues the vendor landscape today. Compact Identity promises a superior solution at a fraction of the price.

State of the Industry and What It Really Should Be Like

The Identity and Access Management industry is running low on trust now. The industry seems to be flourishing, but is everything really chipper? The CEO of of ILANTUS reveals that “Only 1% of customers in this industry are getting what they need at the right price. Organizations are not getting their entire IAM problems solved.”
The naked truth is that the industry would not exist if it were not for bad actors. If hackers and cyber-criminals did not exist, there would be no IAM. This is not an industry that is based on providing goods and services that people naturally need or want. It is born out of a dark necessity.
Cybersecurity, IAM included, ought to be an industry that is not centered around making profits – it should be based on what’s right. It should be about good people protecting other good people. It needs guardians who feel passionate about serving the greater good – not businessmen who are after a quick buck. The landscape is upside down now. There seem to be many vendors that are selling great products. But it is just a matter of time before, like the pharmaceutical industry, people start getting riled up about organizations who are not thinking about public betterment but only about profits. And even if that time comes decades from today, it is a matter of principle and ethics that participants in this industry start bearing the flag of goodwill and caring. It is simply absent today.

And Justice For All…

ILANTUS was born not of an untapped business opportunity but of the recognition that people need protecting. The Enron scandal and the Sarbanes-Oxley Act (SOX) that followed were the real cause for the emergence of this industry. The purpose of the act was to “protect shareholders and the public from fraudulent practices in enterprises.” ILANTUS recognized not an opportunity to mint money, but a genuine need. We entered the domain with the purpose of setting ourselves about to solve the problem of cybersecurity and fraud. This is why the company has existed as long as it has and despite extreme financial turmoil. We have a vision and a purpose that is meaningful. We want to serve and protect.
ILANTUS started out as a service company – implementing solutions from behemoths such as IBM and BMC. In 2012, we felt that the needs of organizations were not being served by the solutions that existed. We start developing our own products. Difficult as it was – especially since we were not doing too well financially at the time – we started moving our resources into creating products that would be genuine cures for the malady of cybercrime.
6 years later, we are now ready with a suite of products that serve pretty much all use-cases. Our solutions have been thoughtfully developed and innovation not for innovations sake – but for keeping ahead of bad actors – has been core to what we have created.
We now say around the office with a smile, ‘round pegs for round holes’ and ‘cybersecurity for everyone and cybersecurity for each’. This is our bloodline – our essence. Organizations and their customers deserve to operate freely for their honest causes of enriching the economy and providing goods and services that people need. We can’t have blackhats running around ruining everything for everyone.
We do not price competitively – we price for your needs. Even the smallest of organizations can afford our products because we want them to. Nobody is ever turned down, and the quality of our service is the same whether you are a small startup or a Fortune 500 company. Our vision is a world where cybercrime is thwarted where it stands, our mission is to provide powerful and cost-effective solutions that suit the needs of different segments, and our goal is to do this quickly and effectively.
We at ILANTUS believe in our company and its direction. We know the needs and that we have fickle and determined opponents. We stand to serve and protect and care about what we do.

The Identity and Access Management market is still defining itself in terms of products, services and sellers. While, like in any industry, there are already market leaders, newcomers, and niche players, not all vendors (even the top ones) here offer everything possible that all organizations might need. Exercising discernment in the selection of a seller and/or a technology here is of extreme importance.

Here are 3 simple tips for evaluating an IAM vendor:

1) Be aware of who you are and what your needs are. Match vendors based on this information.

Technologies and vendors that are not industry standard can often suite your requirements much better. You must know, clearly, what kind of company you are (size, sector, organizational structure and goals).

For instance – if you are a small or medium sized organization and in a high threat industry (perhaps you process very sensitive data), you might want a cost-effective IAM package with powerful modules for Single Sign-On (SSO) and Password Management plus Access Governance (since your insider threats will be as big or bigger than outside ones.)
Not all players offer all of this, and those that do are often too expensive since they typically sell each module as a separate solution.

Likewise, an organization in a high staff-turnover environment will need an able Lifecycle Managementsolution. Here, you must look for a vendor that specializes in this area.

Another example is if you are looking to migrate your IAM environment to the Public Cloud, you will need to find a company that specializes in what is called Hybrid Identity. Such a company alone will have the tools and knowledge to integrate your old technology seamlessly with the Public Cloud.

These are just a few examples, but do your research, ask your potential seller to help you identify your needs, or even hire an IAM consultant so that you really know what you need and who can provide it.

2) Look for quality delivery of the core functionalities that are essential to you.

Vendors may pad their armor with hyped-up functionalities such as support for BYOD, Mobility, Big Data etc. However, you might need to assess whether their modules for basic SSO, Password Management, Lifecycle Management or Access Governance possess adequate depth.
For example – provisioning to Active Directory® and cloud applications may not be the most important thing if you need a quality Workflow Approval feature or enterprise application connectors.

You may also use a lot of thick-client apps in your organization. Many industries such as Manufacturing, Banking BPOs and Pharma use such apps daily. To support these apps, technology is required that is uncommon in the industry today. You will need to find a quality niche vendor in this case.

3) Ask about implementation times, procedures and for case studies.

Businesses in this industry often fail to deploy and sustain their solutions not because of flaws in their products but due to inexperience and a lack of services capability.
IAM systems often need extensive implementation. Some companies are extremely slow, taking over a year to implement their solutions – watch out!

The IT industry is full of solutions that may sometimes have a division between the creation of the product and its implementation. Find out if your vendor is the creator of the product that they are offering to implement, and vice-versa – ask if they are going to implement the product they are offering you or outsourcing. In most cases, you want to buy a solution that has been created and is being implemented by the same business. The total cost is often much lower, support and implementation times are reduced, and troubleshooting is much easier.

With Identity becoming the newest (and final) attack surface for hackers, IAM is your last line of defense and will soon become an absolute necessity. The consumer Identity and Access Management (IAM) market is expected to grow from USD 16.00 billion in 2018 to USD 37.79 billion by 2023. As your organization boards this train, keep in mind these 3 tips from IdentityInsider. It will orient you correctly in your search phase and save you the frustration of choosing the wrong vendor.

We all have it and we all suffer from it: Password Overload. Six out of ten businesses say that remembering passwords has a negative effect on user productivity. Password overload is a real problem not only when it comes to being able to remember all those passwords, but it is a password security risk that can put an entire organization in danger.

In a recent Digital Guardian survey, 30% of the respondents told the survey that they had too many passwords to count. And no wonder because the average email address in the US is associated with 130 accounts (think about that and how many accounts you are associated with!). And as we all know, difficulty in remembering passwords can not only drive us crazy, it also drives a risky behavior.

So, what’s your behavior when it comes to finding a way to remember passwords?
Could your habits be a threat? Do you have a tendency to reuse old passwords? Do you write down all your passwords on a piece of paper? Do you keep them in a file on your computer? Do you keep them in a file on Drop Box? Do you save them as contacts on your phone? Do you have an opportunity to use a password manager? Is your behavior risky?

It is clear that people rely on a multitude of tactics to remember their passwords for the many digital services they access. Far too many users rely on outdated and insecure password practices because remembering passwords is so hard, people often use the same easy password for multiple accounts and that’s a hacker’s dream – 90 percent of employee passwords can be figured out in six hours, according to Entrepreneur.com while 68% of people want their companies to provide an extra layer of security.

According to industry analyst Gartner (http://www.gartner.com), the midsize enterprise operational environment is not “a simplified variant of large enterprises. They need most, if not all, of the IT capabilities a large enterprise needs, just at a lesser scale”. Gartner expounds that “midsize enterprises need to execute within the bounds of a limited IT budget (usually less than 20 million.)” The IAM industry is still in the Dark Ages when it comes to midsize organizations. Vendors have been turning a deaf ear to the needs of the segment as it is easier to create generic products than it is to create options. ILANTUS illuminates this black shadow with Compact Identity.

Compact Identity is a revolutionary product that has been created specifically for SMEs and their typically tight pockets. It fulfills all of Gartner’s recommendations for ‘IAM for the midsize sector’ and goes a mile further. Compact Identity is a compressed IAM solution that is not just a ‘simplified variant’ of large enterprise IAM.

Compact Identity sports Single Sign-On, Password Management, User Lifecycle Management and Access Governance modules. Other vendors will require you to purchase multiple products – often from different developers – to meet all your needs. You will typically pay an arm and a leg – and buy features that you do not need and miss out on features that are tailored to your size of organization.

Here are some other facts from Gartner. They say that “1 in 4 midsize enterprises does not have a dedicated information security role in-house” and that “<50 in IT Midsize enterprises are faced with organizational design and staffing limitations (usually fewer than 50 people in IT.)” Compact Identity is built to suit such environments. Due to its simplified user experience and automated architecture, it requires minimal IT skill and personnel involvement to function optimally.

Another fact is that “security is always listed as a primary challenge for midsize enterprises Year on Year.” The challenge is the availability of solutions that fit SME budgets and that are built for them, and not for large enterprises.

One last ringing truth is that “midsize enterprises are increasingly being targeted by advanced attacks from sophisticated hackers.” This is a reality within our ‘age of opportunity’. Large enterprises are no longer the kingpins that they once were – and nor are they any longer the sole target of malicious attacks. Your midsized company is also a potential target. The only solution is to recognize this new landscape and realize that IAM is no longer a luxury.

Finally, Gartner asserts that “’good enough’ security exposes midsize enterprises to unacceptable risk levels; exceeding ‘good enough’ security impacts budgets.” Compact Identity provides ‘good enough’ security with ‘more than enough’ features.

ILANTUS is unique. We care about providing solutions suited to your needs rather than to common, overarching requirements. We honor your uniqueness with Compact Identity.

Gartner predicts that by the end of 2018, $93 billion will be spent every year on cybersecurity. And yet, breaches have risen by 45% in 2017. These numbers are not in sync. IAM is of emerging importance within the field of cybersecurity and according to Forrester, global spending on it will exceed $13 billion by 2021.
The main reason for this discrepancy is a slip between the cup and the lip – the adoption of the purchased and implemented cybersecurity solutions is low.
No matter how much is spent on IAM technology, it is useless if employees do not utilize it.

The main reason for low adoption is the same reason humans as a race are slow to change – behavior simply holds inertia.

Combating this inertia is a matter of perseverance and creativity. The invention of Single Sign-On and Auto-Login from a Windows Login are already on the right track. Patience and tenacity aside, the use of technologies that are designed with simplicity and user-friendliness in mind can go a long way in encouraging adoption.

A secondary reason is that existing systems are still quite cumbersome and rely too much on help-desks. The element of bureaucracy and the wastage of time and energy involved in dealing with help-desks can be discouraging. Multi-Factor Authentication (MFA) increases security exponentially but also adds more steps between a user and his access. Biometrics are now becoming cost-effective but are still not an industry standard.

Time and creative inventions from vendors are required to bridge this gap.