What’s in a word? When it comes to “service,” it can be a lot.
You wouldn’t think a simple word like “service” could have people scratching their heads. And yet there’s one use in particular that seems to be creating some confusion: it’s the meaning of “service” in the term “Identity as a Service.”
At Simeio, our business is Identity as a Service — commonly abbreviated as “IDaaS.” Now, when many people hear the term “Identity as a Service,” they inevitably draw a parallel to “Software as a Service” — or “SaaS” — and rightly so. At their core, the two concepts are very similar: to free companies from the cost and burden of owning, maintaining and managing the infrastructure required to deploy a specific capability by offering the same functionality on a subscription basis.
In the case of IDaaS, the capability we’re talking about is Identity and Access Management (IAM) — the combination of technologies and expertise that enables the right people (and only the right people) to access the right network resources for the right reasons.
With SaaS, there’s very little ambiguity over what “service” you get: the provider will host, manage and maintain the SaaS application, guaranteeing you a specific level of availability as prescribed in a service level agreement (SLA). But this isn’t the case with IDaaS. The confusion arises because different IDaaS companies can mean very different things by “service.”
For some IDaaS providers, “service” simply means that they provide the raw IAM capabilities but you are required to operate and manage them. It’s like hiring a gardening service but instead of mowing your lawn and trimming your bushes, they simply drop off a mower and a set of clippers and expect you to do the rest. It begs the question: can you really call it a “service” if the provider expects you to do the job of managing it?
Many IDaaS firms adhere strictly to the SaaS model in that they are pure cloud-based solutions. Indeed, for most people “SaaS” and “cloud” are virtually synonymous. So when we tell people that Simeio is an IDaaS firm that provides managed identity services using any combination of your IAM infrastructure or ours, in the cloud or on-premise, they often get a strange look on their faces. Isn’t it an oxymoron to say, “on-premise IDaaS”?
Of course, we don’t think so. We think it shouldn’t matter where your IAM systems are. What matters is how well your IAM needs are being met. To keep our analogy going, at the end of the day, when you simply want your lawn mowed reliably and expertly, whether the gardener uses his mower or yours doesn’t really matter much.
The other thing that varies wildly is the breadth and depth of “services” that are actually offered by firms that call themselves IDaaS providers — in other words, there is no single definition of what “IDaaS services” are. Many of these companies offer only a limited set of services — and by “services,” they really mean “capabilities” — such as Single Sign-On (SSO). Many are also limited to integrating with cloud-based solutions only; they don’t work with legacy applications or offer any sort of customizable integrations or workflows. Gartner calls these firms, such as Okta, OneLogin and Centrify, “web-centric IDaaS providers” to distinguish them from what it calls “full-featured IDaaS providers” such as Simeio.
Seven key questions to ask when choosing an IDaaS provider
In short, the lesson is that not all IDaaS firms are equal — far from it, especially when it comes to what they mean by “service.” So if you’re looking for a company to handle your IAM needs, you might ask these seven key questions:
- Do you offer a full, end-to-end set of enterprise-grade security and identity capabilities, including:
- Access Governance
- Identity Administration
- Privileged Identity Management
- Access Management & Federation
- Core Directory Services
- Security and Risk Intelligence
- Data Security and Loss Prevention
- Cloud Security?
- Do you provide these capabilities as a managed service backed by stringent service level agreements (SLAs)?
- Do you offer complete operational services including:
- Provisioning and de-provisioning
- Application onboarding
- System maintenance
- Incident/ticket resolution
- Software installations
- Enhancements and bug fixes?
- Do you offer advanced monitoring, alerting and reporting capabilities such as user behavior analytics to detect and prevent aberrant or unauthorized access attempts?
- Do you integrate with legacy systems as well as cloud-based services?
- Can I use any combination of your IDaaS platform and my own infrastructure?
- Are your solutions vendor and technology agnostic – that is, will you tailor the right set of solutions to meet my unique needs regardless of what company’s technologies are required?
At Simeio, we’re proud to answer “yes” to all of these questions. While the IDaaS industry may be confused over what “service” means, we’re not. Simeio is the leading provider of Managed Identity Services – the only true full-service provider – offering the industry’s most complete set of security and identity capabilities as a managed service. We’re committed to providing a higher level of service to ensure your complete satisfaction – nothing less will do if we dare say we offer Identity as a Service.
Vice President of Product Management