<img src="//bat.bing.com/action/0?ti=5794969&amp;Ver=2" height="0" width="0" style="display:none; visibility: hidden;">

How to Choose an Identity Management Provider

[fa icon="long-arrow-left"] Back to all posts

[fa icon="pencil'] Posted by Lewan Solutions [fa icon="calendar"] December 22, 2017


Guest post by Todd Moore, a Technical Architect at Lewan Technology.

We are living in a world where we are facing digital technology disruption in every organization and every industry.

Forbes reports that an average of 65 cloud applications are being used in enterprise size companies. With that comes the growing concern of how we can allow employees to quickly access information in a fast and secure manner. 

Enter Identity Management.

Identity Management (IDM) enables the right individuals to access the right resources at the right times and for the right reasons.


Providers such as Microsoft Azure Active Directory and DUO allow an organization to implement and extend Multi-Factor Authentication (MFA) and Single Sign-On (SSO) to their cloud applications. This can assist in provisioning, de-provisioning while increasing security.

Let’s take a look at the key features of an Identify Management solution and some standout features of Azure and DUO.

Consider these stats from AdWeek:

  • The average employee has 17 personal and 9 work passwords.
  • 21% of people use password that are over 10 years old.
  • 47% of people use password that are at least 5 years old.
  • 73% of online accounts are duplicate passwords.
  • 65% of breaches are due to leaked credentials.

In today’s web-driven world, we are signing up for site after site and who wants to remember hundreds of unique, secure, hard-to-guess passwords? We don’t and these stats back it up. Unfortunately, our penchant for reusing the same password on multiple sites is also the reason we see so many security breaches – if a hacker can get one password, there is a 73% chance he can use that same password to access other accounts. 

Too many passwords to manage!

Microsoft surpassed 100 Million Office 365 users in 2017 and most companies are just using a default identity solution and multiple application passwords.

What if you could consolidate workloads to use a single login password while removing the security threat that comes with duplicate passwords for multiple applications?  

Wouldn't life would be great if there was only one password?

SSO means being able to access all of the applications you need to do business, by signing on only once using a single user account. Once signed in, you can access all of the applications you need without being required to authenticate (for example: type a password) a second time.

Microsoft Azure


Providers such Microsoft and DUO can extend additional security capabilities to include on-premises and over 3,000 SaaS applications (cloud-based apps like Salesforce, Office 365, Concur, ADP, WebEx to name a few of the most common). They also allow multi-factor authentication, which I'll discuss in more detail next.

Multi-Factor Authentication

Multi-factor authentication (MFA) is a method of authentication that requires the use of more than one verification method and adds a second layer of security to user sign-ins and transactions. Think of this as first having to unlock your front door with a key, then with a keypad code. In most cases, the user will receive a pin or code to complete the verification process.

Authentication methods include:

  • Phone Call
  • Text Message
  • Mobile App Notification
  • Mobile App Verification
  • 3rd Party OATH

Password Reset

Using Microsoft Azure AD can grant the capability of implementing a self-service password reset (SSPR) portal. This will reduce helpdesk calls and empower employees. This is a benefit to any company when you consider these facts:Lewan-IDM-Multi-Factor-Authentication.jpg

  • Most organizations using Office 365 do not have an easy way to reset passwords.
  • 20% of helpdesk calls are password related.
  • Users are able to reset their own passwords with just a couple of clicks.
  • Most companies are able to pay for EMS, just for the password reset value.

Test your users’ ability to spot phishing emails

…Before you are hit with a real one.

DUO allows administrators to run a phishing campaign, which sends a fake phishing email to the company and then identifies who clicked on the link that you told them not to click on. 

When it comes to picking the right IDM provider for you, the solutions are similar but each is going to have subtle differences or added features that will determine which is right for your business. This is where we shine—let us help you evaluate, implement and maintain your IDM solution to free up your help desk and enable your end users. Contact Us today to learn more!

Topics: Email Security, Managed Infrastructure & Helpdesk, Data Security, Information Security

Lewan Solutions
Written by Lewan Solutions

  • View & Submit Comments

[fa icon="envelope"] Subscribe to Email Updates

[fa icon="comments-o"] Follow us

Get even more great content, photos, event info and industry news.

[fa icon="calendar"] Recent Posts