Consolidation vs Best-of-Breed: Designing Your Identity Security Strategy

A recent One Identity survey of IT security professionals found that 51% of respondents use more than 25 different systems for identity management, and 21% have more than 100 different systems in use. Many of these multi-vendor tools and solutions are difficult to integrate with each other, leading to poor visibility over user accounts and increased risk.

Compounding this problem is the rapid increase in multi-cloud environments and remote users, resulting in identity sprawl and identity-centered security vulnerabilities. Quick to take advantage of this risky environment are cybercriminals – compromised and stolen credentials have been behind many headline attacks in the last 2 years, including Colonial Pipeline and JBS in 2021.

The emergence of consolidation

Fortunately, there is a new trend in identity security that is helping organizations close cybersecurity gaps and put in place an identity-centric approach. Consolidation is the driving force behind unified identity security solutions that centralize control and lowers risk.

The consolidated approach has emerged as a popular security strategy because it delivers easy to deploy solutions, simple integration, no interoperability risk and often a lower Total Cost of Ownership (TCO). It’s also easier to manage, generally requires less specialist expertise and, of course, provides much needed visibility across all your identities.

Gartner predicts that by 2025, “70% of new access management, governance, administration and privileged access deployments will be converged identity and access management platforms.”

Behind the scenes, convergence is possible for the following 3 reasons:

1. Vendor consolidation through mergers and acquisitions: For example, One Identity’s acquisition of OneLogin has resulted in the full integration of all our identity management technologies into a single, cloud-first Unified Identity Security Platform.
2. IAM use-case feature consolidation: With more vendors providing unified capabilities, Gartner Research has identified that 1 in 4 organizations are pursuing a cybersecurity vendor consolidation strategy.
3. Functional convergence is also increasing: As identity security has become a core part of all organizations’ security strategies, vendors have expanded their product suite and already offer a combination of IAM, IGA and PAM services.

In our report Identities and Security in 2021: A Global Survey of Identity and Security Stakeholders, 62% of IT security professionals surveyed said they see value in a unified platform for access and identity management.

What is a consolidated strategy?

As with many new concepts there are often differing interpretations of what it actually means. This can lead to disparate solutions that don’t offer the full benefits of a true consolidated security strategy.

For example, while a consolidated or converged IAM platform (CIP) may have started life as separate products, to be a truly converged solution they need to be fully integrated into a single platform to maximize security control and governance across the entire IAM spectrum.

However, some vendors are offering ‘consolidated’ solutions that don’t have the full integration and functionality you should expect from a true solution. This might be a result of a merger or acquisition where the vendor has expanded its portfolio of products, but they are still managed separately in different platforms.

Consolidation vs. standalone best-in-breed solutions

Consolidation delivers the following key benefits, compared to onboarding standalone best-in-breed solutions:

1. Improved organizational risk posture

With centralized control across all products within the unified solution, you get full visibility on all your identities and no unknowns existing in siloes. With full visibility you can close cybersecurity gaps and improve your risk posture.

2. Consolidated support

Pre-validated solutions are guaranteed to work together and are easy to deploy with no finger pointing to integrate them. There is no interoperability risk.

3. Total Cost of Ownership

As deal size increases, costs come down. When comparing the cost of standalone solutions vs. consolidated, you would expect to find savings with a consolidated approach.

4. Greater flexibility

Consolidation optimizes workflows and eliminates redundant ones, enabling your organization to operate more efficiently. Solutions are flexible so they scale with your needs.

5. Streamlines correlation

Consolidated identity security solutions fully integrate with other products or services in the stack to correlate all identities and verify everything before granting access to critical assets.

6. Rapid time to value

Consolidated solutions are a faster way to bring the value and protection of identity-based security to your organization than conventional standalone deployments.

Consolidation is more secure

Vendor and solution sprawl can create vulnerabilities as multiple solutions are difficult to monitor, manage and maintain, and there may be unknown gaps in your security where products don’t quite provide the coverage needed.

More products equate to a greater drain on your resources, spreading your security team thin and often needing more specialist skills. When you don’t have those skills or capacity to carry out upgrades and patching in a timely way, it increases your risk.

Cybercriminals love an organization with a complex and fragmented security architecture as there are more opportunities to breach your network through gaps in security. The solutions themselves also increase the attack surface if they’re not properly secured.

Consolidation also leads to better decision making as it provides single-pane-of-glass management and uses single–pass architecture to give you access to real time data and analytics.

Is consolidation right for you?

There are scenarios where a standalone best-in-breed solution is a better choice than a consolidated approach.

Some organizations, especially those that require very specialist identity security tools, may still benefit from best-of-breed solutions. These are often not available as part of a consolidated solution or, when they are, they’re not sufficiently mature to give you the full functionality required.

However, these cases are becoming the exception as the consolidation trend sweeps up these more specialist solutions and integrates them into converged platforms. If you’re an IT security professional with complex requirements, it’s worth exploring vendors’ technology roadmaps to see what their direction of travel is for the solutions you need.

Because of the capability and capacity constraints most organizations face, the benefits outlined above far outweigh the value of best-in-breed solutions. At the same time, it’s becoming less of a ‘one or the other’ choice as some identity security companies are best-in-breed for multiple products and offer these as consolidated solutions.

To find out whether consolidation is right for you, answer the following questions:

1. Are you experiencing identity sprawl?
2. Has the number of identities your organization manages increased significantly in recent years?
3. Do you think you have users with more privileged access than they need to do their job?
4. Are you worried about credential-based attacks?
5. Are you using multiple different systems to manage your identities?
6. Do you suspect that you have cybersecurity gaps in your security architecture?
7. Would you like to improve your security posture?

If you answer yes to any of the questions above, consolidation could deliver some tangible benefits and help you sleep easier at night.

To explore how unified identity security can close cybersecurity gaps, help you manage identities more effectively and save money, watch our video here.