C-HIT: Identity as a Service (IDaaS) - A Transformational Approach to Identity Management
Dr. Yuri Radams, C-HIT’s Chief Transformation Officer, states, “Historically, organizations developed identity management systems using a combination of COTS products and custom solutions. The legacy approach of performing identity management through an on-prem installation of a COTS product has numerous downsides besides the scale factor. These include increased costs of products and infrastructure, one-size-fits-all development as opposed to a lean approach, and harder integration with downstream systems.” Dr. Radams noted that these were the very issues troubling a federal healthcare agency when it selected C-HIT for modernizing their identity management system to a cloud model.
“It’s no surprise that adoption of the cloud for scaling IT services eventually caught up to the world of identity and access management,” says Dr. Radams. “Implementing identity management in the cloud affords the flexibility to scale on demand to meet ever-increasing business needs, along with the ability to promote lean services for workflow and role management. Moreover, the promotion of a subscription model provides organizations the ability to leverage identity management activities in a service-based model as opposed to the single, monolithic approach.”
So, how did they do it? Having supported the initial undertaking at the client agency as a subcontractor, C-HIT learned numerous lessons as part of that effort.
Some of these included customizing the solution to the identity management requirements of the various consumer types, providing a scalable infrastructure, and a obtaining a clear and concise understanding of the user experience. Leveraging this understanding, C-HIT transitioned the agency’s identity management system to the cloud leveraging Okta for providing the core identity management functionality. C-HIT’s transformation to an Identity as a Service (IDaaS) model allowed the agency to take advantage of features such as single sign-on, multi-factor authentication, and role management and provisioning as identity services, as opposed to custom integration, as was the case with the on-prem model.
The service-oriented nature of IDaaS has allowed us to incorporate the Scaled Agile Framework (SAFe) naturally and seamlessly. That, combined with DevSecOps in the cloud, has resulted in predictable and sustainable service delivery
Another aspect of C-HIT’s transformation has been the application of Agile principles. “We wanted to avoid the perils of a release-all-at-the-end, or Waterfall, methodology,” stated Dr. Radams. “The service-oriented nature of IDaaS has allowed us to incorporate the Scaled Agile Framework (SAFe) naturally and seamlessly. That, combined with DevSecOps in the cloud, has resulted in predictable and sustainable service delivery.”
The next phase of migration, which C-HIT regards as a key element of its transformation initiative, is applying a decentralized and repeatable set of methodologies, inherent in the IDaaS model, which ensure scalable and accurate integration and least disruption for users. “As the IDaaS services are deployed and become operational, C-HIT will continue to collaborate closely with our client for achieving their identity management vision. We are confident that the inherent scalability in our solution, if leveraged properly, can be expanded to the consumer population as well,” concludes Dr. Radams.