The Challenges With Legacy Directory Services
Organizations around the world pursuing Zero Trust, Cloud Security, and Digital Business initiatives are now constrained by IAM and customer IAM (CIAM) solutions built on decades-old LDAP directory services. These older directories aren’t designed to work with modern cloud-based APIs and identity protocols such as OAuth, OpenID Connect, and SCIM. They aren’t optimized for the emerging Zero Trust model that depends on directory-enabled APIs for access to any and all resources. And yet, they are still used to support most, if not all, of the applications and services in conventional organizations’ IT environments. Many IAM teams would like to replace legacy directories, but must first untangle production applications’ complex dependencies on the directories’ schema, operational models, or custom integration “glue.”
Once-popular LDAP directory solutions such as Sun/iPlanet, CA eTrust, Novell e-Directory, IBM Directory Services, and Oracle Internet Directory are reaching end-of-life status. When this happens, customers are at risk of running unsupported directories at the center of their cybersecurity infrastructure. Other older directories, though still supported, are overly expensive and unfit-for-purpose due to the rapidly changing IT and application landscapes.
Coupled with this, organizations are in the throes of migrating decades-old Microsoft Active Directory (AD) architectures to Microsoft Azure AD (AAD). This creates a significant amount of work to ‘clean up’ the often poorly governed AD structure before it can be migrated to AAD. In summary, many organizations are now faced with significant directory modernization challenges.
Our Solution: Directory Migration
We offer a Directory Migration service to help you establish modern directories integrated with identity services that will be:
- Cloud-aware and integrated, making use of current and emerging cloud-based IAM services that extend directories (such as Azure AD, the Okta Universal Directory, and the PingDirectory) into as-a-service models.
- Designed and deployed to enable Zero Trust security by serving up scalable runtime authentication and contextual authorization services.
- Exposed using standards and modernized integration points such as abstraction layers and API gateways.
- Deployed on viable, supported, and cloud-aware microservices-based platforms that can replace the existing directory infrastructure with minimum service disruption.
- Made cost-effective through intense fit-for-purpose solution evaluation, design, and deployment recommendations.
The goal of our offering is to rapidly assist your organization to migrate away from end-of-life, overly expensive, or unfit-for-purpose directories. With our 30 years of Directory Services design solution and IAM deployment expertise, we can help you discover requirements and dependencies, plan a successful directory migration, and make the right decisions for modernizing your organization’s internal and customer-facing directories.
We can fast-track your Directory Migration program by coordinating a focused current-state investigation, business, and technical requirements capture, and solution evaluation steps augmented with well-designed instruments we have developed over many engagements. Depending on the size of the organization, the number of locations, and availability of resources, we can typically complete a directory migration plan in four-to-six weeks.
Benefits Of Migrating & Modernizing Your Directory
At the conclusion of the engagement, we provide your organization with:
- Documented business and technical requirements for modernizing and future proofing your directory service and integrated identity capabilities.
- Vendor evaluations and recommendations with insightful rationale.
- A risk-informed action plan with clear instructions on where to focus in the next 30-60-90 days.
- Clearly articulated success criteria for each action in the plan so that you’ll know exactly when each action has been successfully completed.
- An infrastructure that enables Zero Trust, Cloud Security, and Digital Business initiatives.
Can we help you explore opportunities for directory migration?