Recent cloud services compromises have demonstrated the importance of controlling identities for access to cloud-delivered services. After all, usurping identities has become one of the main attack vectors for cyber criminals today. However, identity information is usually stored in silos that require management and synchronization across services, which can allow mistakes to go unnoticed and malicious activity to go unchecked.
Those very same issues grow exponentially once enterprises move into multiple cloud environments, where identities and credentials are stored independently on each cloud service and become even more vulnerable to compromise. Boulder, CO-based Strata aims to tear down those identity silos and bring visibility to those who want to regain control over identities and improve cybersecurity. Strata calls its offering an Identity Fabric, an apt name for a platform that brings identity orchestration and automation to multi-cloud environments.
A closer look at the Strata Identity Fabric
The developers at Strata recognized a common failing among multi-cloud solutions, one that could be summed up as each cloud having its own identity silo. In other words, users of cloud services, such as Microsoft Azure, Google Cloud Services, Amazon Web Services and many others would have to maintain a separate silo of identity, authentication, access control and policies for each cloud service, which in turn exponentially complicated identity management as new cloud services were added from different cloud providers.
The reality today is that enterprises are using multiple clouds and are looking for the flexibility to move across those clouds while maintaining control of identities and entitlements, something that amounted to a massive undertaking for enterprises in the throes of digital transformation. Strata addresses the problem of disjointed and fragmented identity silos with a digital fabric that ties identity together into a single managed entity. In other words, those managing identities on numerous clouds could eliminate the practice of supporting numerous identity management systems and move identity management to a single pane of glass.
Simply put, unified identity management across multiple clouds becomes a reality with Strata’s take on multi-cloud identity management. Not only are identities made consistent across clouds, but so are policies, as well as the fundamentals of access control, authentication and so forth. That should prove to be a tremendous time saver for any organization, and of course make tasks like auditing and compliance a bit easier.
Hands on with the Strata Identity Fabric
To fully appreciate what Strata is all about, one has to do a deep dive into the best practices of establishing a distributed model for identity management and cloud security. For example, solving the dilemma of multi-cloud identity problems means leveraging decentralization, where a distributed architecture can be tied together using the concept of a fabric, which can tie clouds (hybrid, private, and public) together, along with on-premises systems.
Strata approaches the concept of a fabric as a platform, creating a distributed identity model that is centrally managed, yet connected to the various cloud services. The company uses something called Maverics Zero Code Connectors, which operate as connectors to various cloud services using standards such as SAML, OIDC and SCIM. By leveraging agreed-upon standards, custom code is not needed to create multiple identity integrations across multiple clouds and multiple applications. Perhaps it is best to think of those connectors as an abstraction layer that creates one-to-many relationships for identities.
The advantages of that approach are numerous and give administrators the ability to create unified policies, as well as consolidate rules, groups, entitlements, and so on into something akin to the concept of identity as a service, where unified management becomes the norm. What’s more, concepts such as MFA (multi-factor authentication), cross-platform compliance, auditing and ease of migration all become a reality for an organization.
Strata offers in-depth information on gateways to illustrate active processes
Strata offers a browser-based management console (or dashboard) that provides a single pane of glass view into the status of identities across the integrated clouds and identities. From the management console, administrators can drill down into policies, identities and so forth. Several visualizations are available to further help define the relationship between an identity and services, applications, and clouds.
There are several tools available to consolidate identities and create policies, as well as deploy connectors. From the end-user perspective, Strata offers the appropriate dialogs for a user to log in and be authenticated to the applications and clouds they have rights assigned to. What’s more, MFA can be implemented for additional security, as well as an SSO paradigm to make it simpler for end users to access applications, without introducing the complexity of multiple sign-ons or creating additional risks with multiple, separate security policies.
Policies are easy to define, as are the rule sets that drive access. Activity is logged, allowing administrators to create reports on access, as well as validate compliance, or even investigate security problems. The visual representations of connections and policies further ease the burdens of creating and managing identities. There are also tools that can be used to migrate identities to new clouds (applications), as well as to create the due diligence around assigning entitlements.
Strata uses a “no-code” approach for deploying connectors, which makes deployment easy, requiring no downtime or custom integration work. By leveraging standards, new connectors can be created quickly as new cloud services become available.
Conclusions
Strata’s approach to solving the multi-cloud identity orchestration problem proves effective. The company earns recognition for its ease of integration, visual representations and its ability to quickly consolidate identities without creating excessive burdens. For enterprises looking to bring identity management into a distributed, yet unified paradigm, Strata offers an elegant approach. The company also offers an interactive demo for those seeking more information.
Frank Ohlhorst is a veteran IT product reviewer and analyst who has been an eWEEK regular for many years.