Technology Reseller - v10

01732 759725 PRODUct OF THE MONTH 26 Access all areas across on-premise and public-cloud resources. Speaking at the launch of OneLogin Access, Garret Bakker, Principal Security Analyst at 451 Research, said that demand for a unified access management solution was a consequence of Hybrid IT and the proliferation of security products, with some companies buying, deploying and managing as many as 30, 40 or even 50 separate security solutions. “Most firms have far too many security tools in the on-prem world, and we are also seeing separate tools emerge for securing cloud. These tools only work in one of these environments and not both, so instead of making our lives easier they are layering on more stuff we have to manage. If security tools can work across both on-prem and the cloud, they can go a long way to making our lives a lot easier,” he said. Bakker added that, with 46% of firms likely to still be running workloads on-prem in 2019 and with one third of companies having repatriated apps and data from the cloud, Hybrid IT will be with us for the foreseeable future. “Hybrid IT is not a temporary, transitional phase that is going to last for the next 5-10 years. It may be an end stage in and of itself. This means we will be running workloads in a variety of locations – on-prem datacentres, co-lo facilities, hosted private cloud etc. – for a long time to come and our security tools will need to be able to address a wide variety of architectures.” www.onelogin.com To find out more about OneLogin Access, James Goulding, Editor of Technology Reseller (TR) , spoke to OneLogin CEO Brad Brooks (BB) about the benefits of the new product for businesses and their users. TR: It has taken a long time for such a product to be brought to market. Is it very complicated? BB: From an underlying technology perspective, yes, it is. It requires a cloud- based infrastructure, like nobody else has, that uses Docker containers running on an x86 machine in the customer’s location. But from a user perspective, it significantly simplifies how they manage their on-prem applications. It’s much simpler for the customer and requires less hardware and less software licensing from different vendors. So, from our standpoint, yes, there is a complexity in what we have been building over the last nine months. But from a customer standpoint, it is much simpler to run and costs less. TR: Are there similar products in this space? BB: No. We think we’ve got a real head- start in the marketplace. If you look at the comments that both Gartner and Forrester have made about the product, it is a unique solution. OKTA doesn’t have it yet; Microsoft doesn’t have it. We are the first with this unified approach towards identity and access management, relying on a cloud-based architecture. TR: Why is that so? You would have thought it was an obvious development. BB: There are a couple of things that have complicated its development. One, you have a lot of incumbent players that have not been going in this direction because they don’t have a cloud-based architecture to support it. Then, for newer players that come at it from the cloud, like we did, it does require a level of engineering and architectural investment. Because the market for managing just cloud apps has been growing so fast, it’s hard to judge when you should get into the on-prem piece and create a whole unified architecture and when you should just carry on doing what you’re doing. When do you jump? We made the decision that now is the right time to jump. We’ve had too many large global enterprise customers asking for this to ignore it any longer. OneLogin claims to have stolen a march on the competition with the launch of OneLogin Access, the first Identity-as-a- Service (IDaaS) solution to unify access management for on-premise and cloud applications. OneLogin Access gives customers a ‘single pane’ management console for managing access to cloud applications, traditional on-premise applications (such as Oracle and SAP), networks and devices. Use of standard protocols like SAML enables organisations to secure legacy applications with a variety of authentication factors (including adaptive authentication, which benchmarks typical user behaviour and detects anomalies) and monitor them with out- of-the-box security information and event management (SIEM). The company claims that having a single cloud-based Unified Access Management Platform integrated with Active Directory enables companies to modify access privileges across all applications in real time, rather than in days or weeks, and can slash access management costs by 50% or more. OneLogin research suggests that there is huge pent-up demand for such a solution. In a survey conducted by Arlington Research for OneLogin, 98% of IT decision-makers said they were either ‘extremely’ or ‘very’ interested in such a product. A separate study by McKinsey & Company found that 60% of respondents expect to rely on a third-party access service that supports multiple public-cloud environments and unifies access controls Most firms have far too many security tools in the on-prem world, and we are also seeing separate tools emerge for securing cloud Identity-as-a-service provider OneLogin has unified access management for on-premise and cloud applications Brad Brooks