Tech Explained: Identity as a Service

How does IDaaS work, and how could it deliver a password-free world?

While we’re still trying to remember our passwords, tech is moving toward a password-free world, or at least a one-password world. The key to achieving this may be Identity as a Service (IDaaS) – cloud-based identity authentication that is built and managed by a third party. So, how does IDaaS work, and how could it deliver a password-free world?

How IDaaS Works

As more applications move to the cloud, software needs to deliver security and authentication within the cloud itself. This is because cloud computing brings many new requirements for managing user identity. For example, smart, connected devices in the Internet of Things (IoT) will need a way to manage authentication without users needing to remember the password for their toaster or lighting system.

In fact, for many types of businesses, cloud-based authentication is becoming important. A recent survey by Kleiner Perkins found that the average enterprise uses 91 cloud-based marketing services and 90 cloud-based HR services. It is not practical to remember separate login credentials for all of these, let alone have the IT department organise new credentials every time an employee changes devices. This is where IDaaS comes in.

Identity as a Service is related to identity and access management (IAM). IAM refers to the protocols businesses use to manage the network access privileges of individual users and the conditions under which they are granted (or denied) access. Those users might be customers or employees. Generally, IAM systems provide a single digital identity (such as a password or fingerprint) for each user. Once that digital identity has been established, it must be maintained, modified and monitored, using IAM software, for as long as the user has access to the network.

There are a number of different tools available for providing IAM. Some of these include password-management tools, security enforcement applications, B2B applications, customer management systems, reporting and monitoring apps and identity repositories. IDaaS is a way to deliver IAM from the cloud.

While traditional IAM systems tend to be designed and managed in-house, IDaaS allows organisations to move the provision of complex, multi-factor authentication to the cloud. This not only saves companies money and time, it also allows even small businesses to meet the highest standards of security and regulatory compliance.

What IDaaS Is Used For

IDaaS can be used for a number of different applications. One use is adaptive multi-factor authentication. This is where users submit multiple factors, such as passwords and biometrics, to gain entry to the network. It is much more secure than single-factor identification (e.g. a password).

Another application is single sign-on. This allows users to sign in only once and gain access to all programs and resources they are authorised to use. 

A third application for IDaaS is a universal directory. This is a central system which ensures that only those users with the right security permissions can access restricted data.

Benefits of IDaaS

A chief advantage of IDaaS is cost savings. Authenticating identity on site can be costly. It often requires a team to maintain servers, manage software, back up data, and more.

With IDaaS, users pay a single subscription fee. IDaaS also provides improved security, along with a seamless and secure process that can be used from anywhere. IDaaS also allows a multi-tenant model, where the vendor can issue updates, security fixes and performance improvements to every customer at the same time.

How Companies Are Using IDaaS

The advantages and cost savings make IDaaS attractive, and an increasing number of companies are developing cloud-based IDaaS systems.

For example, IDaaS start-up Okta provides cloud-based, adaptive multi-factor authentication using the firm’s own Okta Identity Cloud. This allows Okta to provide what it calls a ‘unified identity layer’ in the cloud. This layer acts as a type of authentication barrier that works to provide security across different networks and systems, such as customer systems and workplace systems.

Auth0 is another innovative IDaaS start-up. The company has recently secured $55 million in funding to develop its Universal Identity Platform, which can secure web, mobile, IoT, and internal applications. As more and more applications move to the cloud, IDaaS could become the primary way to provide authentication.